|Applies To||RSA Product Set: Identity Governance & Lifecycle|
RSA Product/Service Type: Email Templates, User Interface
RSA Version/Condition: 7.0.0, 7.0.1, 7.0.2, 7.1.0
|Issue||When an RSA Identity Governance & Lifecycle administrator creates a Reset Password change request, an email is generated for the user that contains a one-time use token used to retrieve the temporary password. |
The body of the email has a message similar to "One or more of your passwords has changed. To view your new password, click here" with a hyperlink for the user to click.
The default value for the embedded URL in incorrectly uses the hostname localhost and port 8080 which directs the user to an invalid page. For example,
Depending on the browser, this will result in one of the following messages:
|Cause||This email is generated by the PasswordAvailableExtEvent and defined in the PasswordAvailableExtEvent email template. The URL for the password retrieval is stored in the form variable $pmRetrievalUrl. The value of this variable is determined by an internal variable that contains the base URL for the VIEW_PASSWORD_EXTERNAL_URL property. |
When this value is not set it defaults to http://localhost:8080, which is not a valid hostname.
|Resolution||This issue is resolved in the following patches:|
Select the Settings tab from the Requests/Password Management menu and enter the URL in the View Password URL field.
|Workaround||The value of VIEW_PASSWORD_EXTERNAL_URL may be defined by setting the variable in the customerstrings.properties file. |
|Notes||Note that the variable RESET_PASSWORD_EXTERNAL_URL is different from this URL and is defined in the console under the Password Management Settings tab as the External Password Set URL.|