Expand my Community achievements bar.

Guidelines for the Responsible Use of Generative AI in the Experience Cloud Community.

AEM 6.5 cloud - Reset password

Avatar

Level 1

Hi Team,

I have a requirement where user want to have two options:

1. reset password by accepting old password

2. Forgot password option by triggering an email to users inbox and then they can change the password through the link.

 

For the first requirement, I've an ajax call as below:

 

    var origin   = window.location.origin;
    var URL = origin + "/content/dam.resetpw.html";
    
    var currentURL = window.location.href;
    var redirectURL = (currentURL.substring(0, currentURL.lastIndexOf("/") + 1)).concat("sign-on.html");

    $('#asc-reset-password-form-id').submit(function(e){
        $.ajax({
            type:'POST',
            data: $('#asc-reset-password-form-id').serialize(),
            url: URL,
			error:function(){
                alert("Failed to reset the password");
                window.location = currentURL;                
            },
            success:function(){
                alert("Password has been reset successfully");
                window.location = redirectURL;

            }
        })
    });    

 

   And the java code as:

 

package com.projectprogram.core.servlets.impl;

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;

import javax.jcr.RepositoryException;
import javax.jcr.Session;
import javax.servlet.Servlet;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.lang3.StringUtils;
import org.apache.jackrabbit.api.security.user.User;
import org.apache.jackrabbit.api.security.user.UserManager;
import org.apache.sling.api.SlingHttpServletRequest;
import org.apache.sling.api.SlingHttpServletResponse;
import org.apache.sling.api.resource.ResourceResolver;
import org.apache.sling.api.servlets.HttpConstants;
import org.apache.sling.api.servlets.ServletResolverConstants;
import org.apache.sling.api.servlets.SlingAllMethodsServlet;
import org.osgi.service.component.annotations.Component;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import com.projectprogram.core.exception.projectException;
import com.projectprogram.core.utils.projectResourceUtil;

@Component(
        service = Servlet.class,
        property = {
                ServletResolverConstants.SLING_SERVLET_RESOURCE_TYPES + "=" + ServletResolverConstants.DEFAULT_RESOURCE_TYPE,
                ServletResolverConstants.SLING_SERVLET_METHODS + "=" + HttpConstants.METHOD_POST,
                ServletResolverConstants.SLING_SERVLET_EXTENSIONS + "=" + "html",
                ServletResolverConstants.SLING_SERVLET_SELECTORS + "=" + "resetpw2"
        })
public class ResetUserPasswordServlet2 extends SlingAllMethodsServlet {
	private static final Logger LOGGER = LoggerFactory.getLogger(ResetUserPasswordServlet2.class);
	
	private static final long serialVersionUID = -6095542982222359562L;

	private static final String project_USER_ADMIN_SERVICE = "project-user-admin-service";

    @Override
    protected void doPost(SlingHttpServletRequest request, SlingHttpServletResponse response) throws IOException {

        response.setCharacterEncoding(com.adobe.granite.rest.Constants.DEFAULT_CHARSET);
        
        try {
        	LOGGER.debug("projectA : inside ResetUserPasswordServlet2");
        	String userId = request.getParameter("userId");
            LOGGER.debug("userId--> '{}'", userId);
        	if (StringUtils.isBlank(userId)){
                throw new projectException("Required data like userId is empty or null : " + userId);
            }
        	String oldPw = request.getParameter("oldPw");
            LOGGER.debug("oldPw--> '{}'", oldPw);
            if (StringUtils.isBlank(oldPw)){
                throw new projectException("Required data like old pw is empty or null");
            }
            String pw = request.getParameter("pw");
            LOGGER.debug("pw--> '{}'", pw);
            if (StringUtils.isBlank(pw)){
                throw new projectException("Required data like pw is empty or null");
            }
        	
            boolean isReset = false;
            String message = "";
            
            LOGGER.debug("projectA : calling resetpassword function");
            isReset = resetPassword(userId, oldPw, pw);
			LOGGER.debug("User password for : [{}] is reset : [{}]", userId,isReset);
			message = "User password for : " + userId + " is reset : " + isReset;

            response.setContentType("text/plain");
            response.getWriter().write(message);

        } catch (projectException e) {
            response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage());
            LOGGER.error("Exception occurred while resetting user password.", e);
        } catch (RepositoryException e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		}
    }
    
    /**
     * Reset password for local user.
     * @Param userName authorisable id/name.
     * @Param newPassword new password string for user.
     */
    private boolean resetPassword(final String userName, final String oldPassword, final String newPassword) 
    		throws UnsupportedEncodingException, RepositoryException {
    	 boolean isUpdated = false;
    	
    	final ResourceResolver resourceResolver = projectResourceUtil.getServiceResourceResolver(project_USER_ADMIN_SERVICE);
		if (resourceResolver == null) {
			LOGGER.warn("Could not retrieve user admin resource resolver. Terminating...");
		    return isUpdated;
		}
		LOGGER.debug("projectA : inside ResetUserPasswordServlet2");
		UserManager userManager = resourceResolver.adaptTo(UserManager.class);
        Session sessionrr = resourceResolver.adaptTo(Session.class);
        User user = (User) userManager.getAuthorizable(userName);
        LOGGER.debug("projectA : user is : {}",(user.getPath()));
        String encodedStringOld = URLEncoder.encode(oldPassword, "UTF-8");
        String encodedStringNew = URLEncoder.encode(newPassword, "UTF-8");
        LOGGER.debug("projectA : calling change password method of user");
        LOGGER.debug("encodedStringOld [{}] encodedStringNew [{}]",encodedStringOld,encodedStringNew);
        user.changePassword(encodedStringNew, encodedStringOld);
        if (!userManager.isAutoSave()) {
        	sessionrr.save();
        	LOGGER.debug("User password reset for [{}]",userName);
        	isUpdated = true;
        }
        return isUpdated;
    }
    
}

 

 

Unfortunately, I'm getting 500 error on the ajax call and 422 error un-processable entity next:

lakshmi_anil_0-1706779859709.png

 

Can someone help me with this?

 

2 Replies

Avatar

Community Advisor

Hi @lakshmi_anil 

 

Can you please check the error logs to debug the 500 server error?
You can get the info about failure in logs easily and look out for servlet specific logs in error log.

 

Avatar

Level 1

Hi @iamnjain ,

Thank you for your response. We have checked the error logs and couldn't progress much. The user is created and added to CUG for viewers , activated both user and the CUG. Please see below error snip:

2024-01-23 09:11:33.457 DEBUG [com.projectprogram.core.filters.LoggingFilter] request for /content/share/abc/en/reset-password, with selector null
23.01.2024 09:11:33.477 [cm-p28510-e89206-aem-author-657679bfdb-x2c76] *WARN* [103.161.144.147 [1706001093454] POST /content/share/abc/en/reset-password.html HTTP/1.1] org.apache.sling.servlets.post.impl.SlingPostServlet Exception while handling POST on path [/content/share/abc/en/reset-password] with operation [org.apache.sling.servlets.post.impl.operations.ModifyOperation]
java.lang.IllegalArgumentException: Value '14773_1' for property 'userId' can't be put into node '/content/share/abc/en/reset-password'.
	at org.apache.sling.jcr.resource.internal.JcrModifiableValueMap.put(JcrModifiableValueMap.java:76) [org.apache.sling.jcr.resource:3.2.4]
	at org.apache.sling.jcr.resource.internal.JcrModifiableValueMap.put(JcrModifiableValueMap.java:37) [org.apache.sling.jcr.resource:3.2.4]
	at org.apache.sling.servlets.post.impl.helper.SlingPropertyValueHandler.store(SlingPropertyValueHandler.java:511) [org.apache.sling.servlets.post:2.5.0]
	at org.apache.sling.servlets.post.impl.helper.SlingPropertyValueHandler.setPropertyAsIs(SlingPropertyValueHandler.java:257) [org.apache.sling.servlets.post:2.5.0]
	at org.apache.sling.servlets.post.impl.helper.SlingPropertyValueHandler.setProperty(SlingPropertyValueHandler.java:124) [org.apache.sling.servlets.post:2.5.0]
	at org.apache.sling.servlets.post.impl.operations.ModifyOperation.writeContent(ModifyOperation.java:372) [org.apache.sling.servlets.post:2.5.0]
	at org.apache.sling.servlets.post.impl.operations.ModifyOperation.doRun(ModifyOperation.java:93) [org.apache.sling.servlets.post:2.5.0]

 

2024-01-23 09:59:54.311 DEBUG [com.projectprogram.core.filters.LoggingFilter] request for /content/share/abc/en/reset-password, with selector null
23.01.2024 09:59:54.313 [cm-p28510-e89206-aem-author-657679bfdb-x2c76] *WARN* [103.161.144.147 [1706003994308] POST /content/share/abc/en/reset-password.html HTTP/1.1] org.apache.sling.servlets.post.impl.SlingPostServlet Exception while handling POST on path [/content/share/abc/en/reset-password] with operation [org.apache.sling.servlets.post.impl.operations.ModifyOperation]
org.apache.sling.servlets.post.exceptions.PreconditionViolatedPersistenceException: Resource at '/content/share/abc/en/reset-password' is not modifiable.
	at org.apache.sling.servlets.post.impl.helper.SlingPropertyValueHandler.setProperty(SlingPropertyValueHandler.java:118) [org.apache.sling.servlets.post:2.5.0]
	at org.apache.sling.servlets.post.impl.operations.ModifyOperation.writeContent(ModifyOperation.java:372) [org.apache.sling.servlets.post:2.5.0]
	at org.apache.sling.servlets.post.impl.operations.ModifyOperation.doRun(ModifyOperation.java:93) [org.apache.sling.servlets.post:2.5.0]
	at org.apache.sling.servlets.post.impl.operations.AbstractPostOperation.run(AbstractPostOperation.java:103) [org.apache.sling.servlets.post:2.5.0]
	at org.apache.sling.servlets.post.impl.SlingPostServlet.doPost(SlingPostServlet.java:243) [org.apache.sling.servlets.post:2.5.0]

 

Thank you.

Lakshmi.