Bug #4088
closed
Accessing password_resets URIs return 302s and redirect to the login page
Description
While attempting to reset admin's password on my environment I observed the following:
Submitting the password reset form, with User: admin e-mail: root@localhost, generates a 302 redirecting the /katello/user_session (which in turn is a 200 response).
Querying the DB (as I do not have e-mail configured) with:
katelloschema=# select password_reset_token from users where username='admin';
returns the value '64b9f799dc89264da7391685f38de6567480f6279d0b5b6ad9e0dac95e2828d7'.
Browsing to https://172.31.21.75/katello/password_resets/64b9f799dc89264da7391685f38de6567480f6279d0b5b6ad9e0dac95e2828d7/edit generates a 302 Moved response to /katello/user_session/new with not response data, just a redirection.
This observation is with Fedora 18, I have not tested with RHEL 6, but jsherrill appears to have reproduced this issue as well.
Created: nigeljonez on May 15, 2013 03:01 +00:00
Imported from https://api.github.com/repos/Katello/katello/issues/2288
Updated by