CA PPM does not verify that the New Password and Confirm password data given match when resetting password in the new UI
Article ID: 103701
Updated On:
Products
CLARITY PPM FOR ITG
CLARITY PPM FEDERAL
Clarity PPM SaaS
Clarity PPM On Premise
Issue/Introduction
New UX: When resetting the password, PPM does not verify that the New Password and Confirm password data given match. Even if those do not match, password gets reset.
STEPS TO REPRODUCE:
Expected Result: I should be alerted that both passwords given do not match.
Actual Result: Password gets reset to Mynowpwd and no alert is given about password matching. As a typo was made when entering the password, If the user tried to log in using Mynewpwd an error "API-1029 : Authentication Error. Contact your system administrator for necessary action" will be received.
STEPS TO REPRODUCE:
1. Log in to PPM and ensure new UX is enabled.
2. Go to Administration > Organization and Access > Resources.
3. Edit any user profile and add your email address and user email address.
4. Go to the new UX URL, let say: http://<server_name>/pm.
5. Click on Forgot Password.
6. Enter the user name you want to have the password reset.
7. You will receive an email like:
We have received a request to reset your CA PPM™ password. To proceed, please click on the following link.
http://<server_name>/pm#changepassword?userName=<username>&code=VeFwJVyVQmh5BmUZ4js1k
8. Open the link and you will find a window where you need to enter the new password
9. Give as a New Password: Mynowpwd
Confirm Password: Mynewpwd
10. Submit it
2. Go to Administration > Organization and Access > Resources.
3. Edit any user profile and add your email address and user email address.
4. Go to the new UX URL, let say: http://<server_name>/pm.
5. Click on Forgot Password.
6. Enter the user name you want to have the password reset.
7. You will receive an email like:
We have received a request to reset your CA PPM™ password. To proceed, please click on the following link.
http://<server_name>/pm#changepassword?userName=<username>&code=VeFwJVyVQmh5BmUZ4js1k
8. Open the link and you will find a window where you need to enter the new password
9. Give as a New Password: Mynowpwd
Confirm Password: Mynewpwd
10. Submit it
Expected Result: I should be alerted that both passwords given do not match.
Actual Result: Password gets reset to Mynowpwd and no alert is given about password matching. As a typo was made when entering the password, If the user tried to log in using Mynewpwd an error "API-1029 : Authentication Error. Contact your system administrator for necessary action" will be received.
Cause
This issue is caused by an existing defect: DE41973
Environment
CA PPM 15.4
CA PPM 15.4 SP1
CA PPM 15.4 SP1
Resolution
This issue has been fixed in CA PPM 15.5.
Workaround: Reset password again in new UX or reset it in the Classic UI
Workaround: Reset password again in new UX or reset it in the Classic UI
Feedback
Yes
No
Powered by
