Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-21704

UserLockoutException when using ticket (reset link) for password recovery and the user account is locked

    Details

      Description

      In our password policy we use the lockout mechanism after 5 failed attempts to login.
      And we use the "reset link" mail (ticket) for the lost password recovery.

      When a user lock is account, he usually ask for a new password through the password recovery system.
      He then receive an email with a reset link. When he click on the link, he is redirected to the "change password" page and then when he validates his new password, he has the following error message : "An error occurred while accessing the requested resource. https://myserver/c/portal/update_password".

      Here's the stacktrave in the catalina.out:
      08:32:50,782 ERROR [jsp:996] com.liferay.portal.UserLockoutException
      com.liferay.portal.UserLockoutException
      at com.liferay.portal.service.impl.UserLocalServiceImpl.checkLockout(UserLocalServiceImpl.java:790)
      at com.liferay.portal.service.impl.UserLocalServiceImpl.authenticate(UserLocalServiceImpl.java:2567)
      at com.liferay.portal.service.impl.UserLocalServiceImpl.authenticateByScreenName(UserLocalServiceImpl.java:573)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:597)
      at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:309)
      at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
      at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
      at com.liferay.portal.spring.transaction.TransactionInterceptor.invoke(TransactionInterceptor.java:65)
      at com.liferay.portal.spring.aop.ChainableMethodAdvice.invoke(ChainableMethodAdvice.java:58)
      at com.liferay.portal.spring.aop.ChainableMethodAdvice.invoke(ChainableMethodAdvice.java:58)
      at com.liferay.portal.spring.aop.ChainableMethodAdvice.invoke(ChainableMethodAdvice.java:58)
      at com.liferay.portal.spring.aop.ChainableMethodAdvice.invoke(ChainableMethodAdvice.java:58)
      at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
      at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)
      at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
      at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
      at $Proxy81.authenticateByScreenName(Unknown Source)
      at com.liferay.portal.service.UserLocalServiceUtil.authenticateByScreenName(UserLocalServiceUtil.java:319)
      at com.liferay.portlet.login.util.LoginUtil.login(LoginUtil.java:155)
      at com.liferay.portal.action.UpdatePasswordAction.updatePassword(UpdatePasswordAction.java:179)
      at com.liferay.portal.action.UpdatePasswordAction.execute(UpdatePasswordAction.java:80)
      at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:431)
      at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:236)
      at com.liferay.portal.struts.PortalRequestProcessor.process(PortalRequestProcessor.java:152)

      I think that a user account must be unlock when he is allowed to change is password.

      I've attached a patch.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              zsolt.szabo Zsolt Szabo (Inactive)
              Reporter:
              tahitiangabriel Gabriel Landon
              Participants of an Issue:
              Recent user:
              Esther Sanz
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Days since last comment:
                10 years, 17 weeks, 3 days ago

                  Packages

                  Version Package
                  --Sprint 12/11
                  6.1.0 CE RC1