Access right for ServiceUer to Change users password

Avatar

Avatar
Validate 1
Level 3
Eric_Stricker
Level 3

Likes

12 likes

Total Posts

73 posts

Correct reply

2 solutions
Top badges earned
Validate 1
Ignite 5
Ignite 3
Ignite 1
Give Back 5
View profile

Avatar
Validate 1
Level 3
Eric_Stricker
Level 3

Likes

12 likes

Total Posts

73 posts

Correct reply

2 solutions
Top badges earned
Validate 1
Ignite 5
Ignite 3
Ignite 1
Give Back 5
View profile
Eric_Stricker
Level 3

19-06-2020

I created a forget Password service for the user to reset his/her own password by sending a link to his email and providing a reset password page.

 

Inside this service I use:

session = resolver.adaptTo(Session.class);

UserManager userMgr = resolver.adaptTo(UserManager.class);
Authorizable a = userMgr.getAuthorizable(userid, User.class);
User user = (User)userMgr.getAuthorizable(userid, User.class);

user.changePassword(newPassword);

session.save()

 

The resolver here is a resourceResolver for a serviceUser Account  "userManager" and I have granted access to '/home' read/modify/create,Read ACL,Edit ACL but I still receive "javax.jcr.AccessDeniedException: OakAccess0000: Access denied " when I run "session.save()"

 

Anything I am missing here?

 

Eric_Stricker_0-1592559543635.png

 

Replies

Avatar

Avatar
Springboard
Level 10
Mayank_Gandhi
Level 10

Likes

327 likes

Total Posts

1,150 posts

Correct reply

185 solutions
Top badges earned
Springboard
Establish
Validate 1
Contributor 2
Ignite 5
View profile

Avatar
Springboard
Level 10
Mayank_Gandhi
Level 10

Likes

327 likes

Total Posts

1,150 posts

Correct reply

185 solutions
Top badges earned
Springboard
Establish
Validate 1
Contributor 2
Ignite 5
View profile
Mayank_Gandhi
Level 10

06-07-2020

@Eric_Stricker  Were you able to get this working Or you still need help?

Avatar

Avatar
Validate 1
Level 3
Eric_Stricker
Level 3

Likes

12 likes

Total Posts

73 posts

Correct reply

2 solutions
Top badges earned
Validate 1
Ignite 5
Ignite 3
Ignite 1
Give Back 5
View profile

Avatar
Validate 1
Level 3
Eric_Stricker
Level 3

Likes

12 likes

Total Posts

73 posts

Correct reply

2 solutions
Top badges earned
Validate 1
Ignite 5
Ignite 3
Ignite 1
Give Back 5
View profile
Eric_Stricker
Level 3

06-07-2020

We did get around this.

 

We are now using the build in user 'communities-user-admin' instead of our own service account. We do like to understand why our own account did not work. Most likely because we did not add our own service account to the 'user-administrators' group role which has probably a setting to allow changes to users&groups.

 

Note: we still cannot add node/change node for the the build in 'admin' account. Most likely this is a protected account and only 'admin' user can change 'admin' accounts.