Odoo 9 website user self password change - odoo

My question is simple, where does a client change his/her password after signing up (registering)?
I've installed odoo 9 (on Ubuntu) and installed the website app.
The Sign in page doesn't show a forgot username / password option
If the user logs in, the app has a "username -> My Account -> Your Details -> change" button, where the user can see address, e-mail ...etc. but no change password button.
Am I overlooking an option somewhere? If that option doesn't exist, is it possible to add such a button in xml, that would not be overwritten with the nightly builds?

Solved! ...
In the url of your site, place ?debug after "web" and before "#"
(ex: server.tld:8123/web?debug#view_type=form...)
- select "settings" from the top menu
- click on "General Settings" on the left menu
- click on the checkbox next to "Enable password reset from Login page"
- click on apply
- remove ?debug from the url
Done!

Related

Keycloak: Disable redirect to account page after password reset and show message

I am using Keycloak and I want to enable Forgot password flow. I have enabled Forgot password in login and configured SMTP to send email.
What I get out of the box from keycloak is the following
-> Click on Forgot password link -> Enter username or email -> User receives an Email with reset link -> Click on the link -> Reset password, then submit -> User is logged in then The user is redirected to account page.
What I want to acheive is the following
-> Click on Forgot password link -> Enter username or email -> User receives an Email with reset link -> Click on the link -> Reset password, then submit -> Display a message saying "Your password has been updated." and do not login the user. stay on that page.
The reason for this is, for my use-case, the user shouldn't access the account page on Keycloak.
In the authentication flow of reset credentials, I can only configure up to reset credentials.
Is there any way I can disable this action of logging in the user automatically after password reset, then redirecting to account page?
I have looked into several questions, but I cannot find an answer on how this can be achieved.
PS: I am using Keycloak docker image with a custom theme. If this can be configured using custom theme options, I have the chance to do it.
Thank you in advance.
Go to your keaycloak admin console, Authentication and desable "Update Profile"
Hopo it helps :)
We faced similar issue during keycloak usage and solved it via implementing custom Action Token and Action token handler (docs). Also check out original keycloak reset credentials action token sources:
ActionToken
ActionTokenHandler
Try to play around AbstractActionTokenHander.startFreshAuthenticationSession() there several attributes that define Keycloak behaviour during reset flow like:
authSession.setRedirectUri(token.getNote(OIDCLoginProtocol.REDIRECT_URI_PARAM));
authSession.setAuthNote(AuthenticationManager.END_AFTER_REQUIRED_ACTIONS, "true");
authSession.setAuthNote(AuthenticationManager.SET_REDIRECT_URI_AFTER_REQUIRED_ACTIONS, "true");
authSession.setAuthNote(AuthenticationManager.END_AFTER_REQUIRED_ACTIONS, "true");
If you're using your own client for the login page, the specified redirect, or the client default (Base URL) will direct where the user is sent after the password reset.
We did see that when using an admin-directed password reset, this behavior would occur (user sent to Keycloak account page). So, we simply adjusted the Base URL value for the account client so that it points to the home page of our primarily application.
Then, after the account client is used to reset the password, the default redirect is to our home page.

Change user password in plastic SCM

I'm going to work on project, that uses plastic scm for version control. Project manager sent me a message with repo address, my username and generated (at least it looks like randomly generated) password. I'd like to change the password as it seems like a good safety practice to me. I tried to sign in on www.plasticscm.com, as I assumed that manager just created account for me, but I can't log in. Is this possible to change my password, or do I have to ask admin for help?
It's important to clarify if you need to:
Change your www.plasticscm.com password: You just need to click on the "Sign in" button and then "I don't have a password / I forgot it". You will receive en email to re-generate the password.
If you are using a Plastic hosted server: we have recently released a webadmin tool where you can configure and administer the server, including selecting the authentication mode, creating users and groups (or edit the passwords):
http://blog.plasticscm.com/2017/10/webadmin-introducing-new-server-admin.html

Keyrock enabling two factor authentication

I am trying register a user in my keyrock installed on my own computer.
I put localhost:8000/ in firefox, and it redirects me to fiwareLab. But when I want to sing up a user, everything is ok, but then, when I guess that I have to confirm the account, the page show me "Activation key invalid" and in my console, the computer show me
enter image description here
So, I think that I have to enable the two factor authentication, but I don't know.
Could you help me, please?
Thank you so much.
To create a new user, you have to do the following steps:
In the IdM Horizon login screen, instead of put username, password and click sign in, just click on Sign up link or use idm_ip:8000/sign_up/ directly on your browser. After that, type information about the new user (username, email and password), check the I accept FIWARE... box and click Sign Up button.
Now, out of the container, see the log through:
docker logs <container_name>
There, you will see, in the last lines of the log, the activation link that was supposed to be sent to the new user's email. Copy it, paste on your browser and modify the fiware-lab host on the url specifying your IdM Keyrock address. This way, your new user will be activated through the passed code.
I hope this can help you.

How to restrict access to Jenkins?

My Jenkins instance is currently open for every user, there is no authentication. I want to protect Jenkins against access by unauthorized users. I'm looking for a very simple/basic solution -- one user. If this "admin" user hasn't authenticated himself, he should not be able to do anything. If he has, he should get the full access the Jenkins instance (including all projects). How to configure this?
Follow these steps:
Go to Configure Global Security --> Security Realm : Jenkin's own user database and authorization Logged-in users can do anything. After saving, Jenkins should prompt you to create a new user. Please create the required user by filling in details like username and password.
Then, log in with that user and change the authorization to Matrix-based security. The matrix configuration should be as shown below i.e., it should have all privileges for the required user and none for anonymous users.
First you need to create an admin user or whatever you want.
To do that, go to your jenkins dashboard page and find "Credentials" option.
In credentials, you can create your user.
With your admin user created, just go back to your jenkins dashboard page and find "Manage Jenkins" option, in there, click on "Configure Global Security".
In Global Security Page, check the box "Enable Security", scroll down to "Access Control" and chose "Jenkins’ own user database" and select what users can do after login.

Joomla! - Registration not working

I'm running Joomla! 1.5.22 on localhost.
For the website's registration, after the user fills in all the information and click on 'send registration', the page simply 'refresh' only.
So i tried to log in with the new user's username and password but it only 'refresh' the page and the user isn't logged in.
May i know what is the problem?
Sorry as i'm a beginner in Joomla!
as you said that you are trying to create a user on your local host first check the followings by default settings in your joomla administrator pannel cause as i see in joomla 1.5.22 version if you will create a user then you should have to verify that user, in by default settings >> you will found the settings at :
login at admin pannel
click on site menu and choose > global configuration.
click on the system tab
then you will found the user settings: set No in the new user account activation and then register and try to login,,
IMP: if you will try this setting on real server then suggest you set Yes option on the new user account activation..