Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

AEM Password expire dispatcher issue

Avatar

Level 2

Hello all,

 

While setting up dispatcher (port 80) using a publish instance at 4503, I wanted to use the AEM login page for users to log in. I know that the AEM login page has a built in password expiry when a user's password expires or is trying to login for the first time (which needs to be set in the OSGi configurations). 

So, I enable the user first login to change the password and put the number of days for the password to expired in the OSGi configuration.

On the dispatcher.any (on Apache 2.2 as I have Windows), I made sure the login page is shown for users when they access a page where login is needed. When I tested a user where I created and log in for the first time, it does not show the fields to change the password. Instead, it says invalid password combination. 

Screen shot from 4503 (you can see that the reason is returned which shows the you need to change your password): 

LoginConsoleTwo.png

 

 

 

Screen shot from dispatcher (you can see that the reason is null which goes to the code that the password / user name is incorrect):

LoginConsoleOne.png

What could be the issue for this?

2 Replies

Avatar

Community Advisor

Hi,

Which configurations did you change?

could you please check if it is used in /libs/granite/core/components/login/login.jsp, if this helps

 

Avatar

Level 2

Hi Arun,

 

The OSGi configuration I am using is the following:

christopherv662_0-1638480920150.png

Inside the configuration:

christopherv662_1-1638481188507.png

The max password age is set to 1 for testing purposes and I have the change password on first login enabled.

When using a test user I created and logging in for the first time on 4503, I am able to see the password expire fields:

christopherv662_2-1638481868699.png

When I try the same for the dispatcher using port 80 on Apache 2.2, I do NOT get the same results:

christopherv662_3-1638482046540.png

It shows the password / user name is incorrect which is NOT the case as this user still has never logged in for the first time.

In my original post, I had put console logger to see what reason is returned back on 4503 and 80. 4503 returns the password expire reason and on 80 returns null.

I would like to say this is happening with the stock AEM login page under the /libs folder.

Avatar

Community Advisor

Hi,

Could you please check the access logs? In case the publishers is not recieveing the correct param or headers when access via dispatcher.

Avatar

Level 2

christopherv662_0-1638909236307.png

Only thing that that stood out in the dispatcher's access.log.

But, this error shows when even using 4503.

On the publish access.log side, I couldn't anything see anything to be useful.

Avatar

Community Advisor

This entry in the request log is fine.

Let me try this in local and I will get back to you.

 

I am sure we are missing here some headers or parameters