000034944 - Password Available External email incorrectly defaults to localhost for hostname in RSA Identity Governance & Lifecycle

Document created by RSA Customer Support Employee on Sep 8, 2018
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000034944
Applies ToRSA Product Set: Identity Governance & Lifecycle
RSA Product/Service Type: Email Templates, User Interface
RSA Version/Condition: 7.0.0, 7.0.1, 7.0.2, 7.1.0
IssueWhen an RSA Identity Governance & Lifecycle administrator creates a Reset Password change request, an email is generated for the user that contains a one-time use token used to retrieve the temporary password.  
The body of the email has a message similar to "One or more of your passwords has changed. To view your new password, click here" with a hyperlink for the user to click. 
User-added image

The default value for the embedded URL in incorrectly uses the hostname localhost and port 8080 which directs the user to an invalid page.  For example,

Depending on the browser, this will result in one of the following messages:
  • Page not Found
  • Unable to connect

User-added image
CauseThis email is generated by the PasswordAvailableExtEvent and defined in the PasswordAvailableExtEvent email template.  The URL for the password retrieval is stored in the form variable $pmRetrievalUrl.  The value of this variable is determined by an internal variable that contains the base URL for the VIEW_PASSWORD_EXTERNAL_URL property.  
When this value is not set it defaults to http://localhost:8080, which is not a valid hostname. 
ResolutionThis issue is resolved in the following patches:
  • RSA Identity Governance and Lifecycle 7.0.2 P06
  • RSA Identify Governance and Lifecycle 7.1.0 P01

Select the Settings tab from the Requests/Password Management menu and enter the URL in the View Password URL field.

User-added image
WorkaroundThe value of VIEW_PASSWORD_EXTERNAL_URL may be defined by setting the variable in the customerstrings.properties file. 

  1. Create a text file on the local system named customerstrings.properties.   
  2. Edit this file in a local text editor and set a name value pair with the text VIEW_PASSWORD_EXTERNAL_URL= and the hostname and port (optional) of your system and the base URL /aveksa/viewpassword, as shown:

VIEW_PASSWORD_EXTERNAL_URL= http://{hostname}:{port(optional)}/aveksa/viewpassword

  1. Save this file to the local system. 
  2. Launch the Admin UI.
  3. Select User Interface under the Admin menu.
  4. Select the Files tab.
  5. Select Customer Strings from the drop down menu.

User-added image

  1. Select Upload.
  2. Navigate to the customerstrings.properties file saved earlier and select this file for upload.

User-added image
NotesNote that the variable RESET_PASSWORD_EXTERNAL_URL is different from this URL and is defined in the console under the Password Management Settings tab as the External Password Set URL.