[JBoss JIRA] Created: (GTNPORTAL-880) password recovery may change anyone's password
by Patrice Lamarque (JIRA)
password recovery may change anyone's password
----------------------------------------------
Key: GTNPORTAL-880
URL: https://jira.jboss.org/jira/browse/GTNPORTAL-880
Project: GateIn Portal
Issue Type: Bug
Security Level: Public (Everyone can see)
Affects Versions: 3.0.0-GA
Reporter: Patrice Lamarque
It looks like anyone can change anyone else's password by using the forgot username function.
A first annoyance is that you can easily lock the default root account like this :
Sign in > Forgot Username / Password > Forgot My Password
Enter 'root'
Now try to login with root / gtn >> you can't.
What Happened ?
Gatein has generated a new password for root and sent it to the default email address which is.... root@localhost (!).
Using this function anyone would be able to change anyone else password.
The flow for password recovery should not regenerate a new password until the user has confirmed by clicking a generated URI in the email.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
13 years, 10 months
[JBoss JIRA] Created: (GTNPORTAL-884) JCR NullPointerException when using the navigation editor
by Julien Viet (JIRA)
JCR NullPointerException when using the navigation editor
---------------------------------------------------------
Key: GTNPORTAL-884
URL: https://jira.jboss.org/jira/browse/GTNPORTAL-884
Project: GateIn Portal
Issue Type: Bug
Security Level: Public (Everyone can see)
Reporter: Julien Viet
Assignee: Julien Viet
Fix For: 3.1.0
Login as john
Click sites
Edit classic navigation
Remove Home
Remove Site Map
Save
Edit classic navigation
Add new navigation node
Save : creates NPE with
java.lang.NullPointerException
at org.exoplatform.services.jcr.impl.dataflow.session.SessionChangesLog.addItem(SessionChangesLog.java:594)
at org.exoplatform.services.jcr.impl.dataflow.session.SessionChangesLog.add(SessionChangesLog.java:99)
at org.exoplatform.services.jcr.impl.core.NodeImpl.doOrderBefore(NodeImpl.java:2494)
at org.exoplatform.services.jcr.impl.core.NodeImpl.orderBefore(NodeImpl.java:1612)
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
13 years, 10 months
[JBoss JIRA] Created: (GTNPORTAL-1095) IE6 User Interface problems
by Michal Vanco (JIRA)
IE6 User Interface problems
---------------------------
Key: GTNPORTAL-1095
URL: https://jira.jboss.org/jira/browse/GTNPORTAL-1095
Project: GateIn Portal
Issue Type: Bug
Security Level: Public (Everyone can see)
Components: User Interface
Affects Versions: 3.0.0-GA
Environment: IE6
Reporter: Michal Vanco
Attachments: ie6_dashboard.png, ie6_hp.png, ie6_navigation.png
Screenshots:
ie6-hp:
There is missing logo in header, problem with navigation (link Home isn't visible, there are arrows to move right in navigation - there is Site map link)
ie6-navigation:
When click on Site map link, link in navigation bar is highlighted over whole width.
(Site Map is weird in IE6 as well - problem with first subnodes)
ie6-dashboard:
Pages on dashboard are spread over whole witdh, only selected page is small.
IE6 do not support png files (for example portlet icons in App.registry and portlets menu when editing page)
When you sign in, at the bottom of the browser (progress bar) - there is still "Loading Javascript Module exo.portal.UIAdminToolbar".
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
13 years, 11 months