Jaspersoft 6.1.2 - User changing password on login page does not work

[Boris Gisselere]

Hi,

I've been looking for a solution since 2 weeks, read a lot of forums and user guides but not finding any solution. Here's the thing :

We were facing a problem in Jaspersoft 5.1 version and we upgrade to 6.1.2 hoping it will be solved, but no.

When we activate the password change for user on login page :

• Modifying 

  /WEB-INF/jasperserver-servlet.xml

  allowUserPasswordChange = true

• Putting this pattern :

  /WEB-INF/applicationContext.xml

   

  allowedPasswordPattern

  
  
  <property name="allowedPasswordPattern" value="^(?=.{10,}$)(?=.*[a-z])(?=.*[A-Z])(?=.*d).*$"></property>
• And setting exception : 

  /WEB-INF/bundles/jsexceptions_messages_fr.properties

  exception.remote.weak.password

  
  
  Le mot de passe doit avoir au moins 10 caractu00e8res et contenir au moins une minuscule, une majuscule et un chiffre.

 

When I create a user connecter as superuser, all this work fine

But on the login page when user try to connect and change password :

• if new password and confirmed new password are different, there's a message corresponding to jsp.Login.link.passwordNotMatch in jasperserver_messages_fr.properties
• if new password doesn't match the REGEXP : nothing happens on login page and the user is logged in with old password
• if new password is matching REGEXP : nothing happens on login page and the user is logged in with old password 
• in all cases, user password is never changed

May someone have some clue to solve this please ?

Note : I did change security-config.properties to set encryption.on=true but nothing changes

EDIT after one more day looking all sources to find some clue :

in this file : .../WEB-INF/jsp/modules/login/loginState.jsp

I found this :

        showLocaleMessage: '<spring:message code="jsp.Login.link.showLocale" javaScriptEscape="true"/>',
        hideLocaleMessage: '<spring:message code="jsp.Login.link.hideLocale" javaScriptEscape="true"/>',
        allowUserPasswordChange: ${allowUserPasswordChange},
        changePasswordMessage: '<spring:message code="jsp.Login.link.changePassword" javaScriptEscape="true"/>',
        cancelPasswordMessage: '<spring:message code="jsp.Login.link.cancelPassword" javaScriptEscape="true"/>',
        passwordExpirationInDays: ${passwordExpirationInDays},
        nonEmptyPasswordMessage: '<spring:message code="jsp.Login.link.nonEmptyPassword" javaScriptEscape="true"/>',
        passwordNotMatchMessage: '<spring:message code="jsp.Login.link.passwordNotMatch" javaScriptEscape="true"/>',
 

Sadly I can't see anything making me think that there's a pattern control here !

Some one knows if there's a control and where ?

I did upload a document with the 2 pages, In administration page, the control did work, but in login page, nothing happens .. Someone can help me ?