SecurID® Governance & Lifecycle Knowledge Base
Find answers to your questions and identify resolutions for known issues with knowledge base articles written by SecurID Governance & Lifecycle experts.
Article Number
000034944
Applies To
RSA Product Set: Identity Governance & Lifecycle
RSA Product/Service Type: Email Templates, User Interface
RSA Version/Condition: 7.0.0, 7.0.1, 7.0.2, 7.1.0
RSA Product/Service Type: Email Templates, User Interface
RSA Version/Condition: 7.0.0, 7.0.1, 7.0.2, 7.1.0
Issue
When an RSA Identity Governance & Lifecycle administrator creates a Reset Password change request, an email is generated for the user that contains a one-time use token used to retrieve the temporary password.
The body of the email has a message similar to "One or more of your passwords has changed. To view your new password, click here" with a hyperlink for the user to click.
Image description
The default value for the embedded URL in incorrectly uses the hostname localhost and port 8080 which directs the user to an invalid page. For example,
Depending on the browser, this will result in one of the following messages:
Image description
The body of the email has a message similar to "One or more of your passwords has changed. To view your new password, click here" with a hyperlink for the user to click.
Image descriptionThe default value for the embedded URL in incorrectly uses the hostname localhost and port 8080 which directs the user to an invalid page. For example,
Depending on the browser, this will result in one of the following messages:
- Page not Found
- Unable to connect
Image descriptionCause
This email is generated by the PasswordAvailableExtEvent and defined in the PasswordAvailableExtEvent email template. The URL for the password retrieval is stored in the form variable $pmRetrievalUrl. The value of this variable is determined by an internal variable that contains the base URL for the VIEW_PASSWORD_EXTERNAL_URL property.
When this value is not set it defaults to http://localhost:8080, which is not a valid hostname.
When this value is not set it defaults to http://localhost:8080, which is not a valid hostname.
Resolution
This issue is resolved in the following patches:
Select the Settings tab from the Requests/Password Management menu and enter the URL in the View Password URL field.
Image description
- RSA Identity Governance and Lifecycle 7.0.2 P06
- RSA Identify Governance and Lifecycle 7.1.0 P01
Select the Settings tab from the Requests/Password Management menu and enter the URL in the View Password URL field.
Image descriptionWorkaround
The value of VIEW_PASSWORD_EXTERNAL_URL may be defined by setting the variable in the customerstrings.properties file.
Image description
Image description
- Create a text file on the local system named customerstrings.properties.
- Edit this file in a local text editor and set a name value pair with the text VIEW_PASSWORD_EXTERNAL_URL= and the hostname and port (optional) of your system and the base URL /aveksa/viewpassword, as shown:
VIEW_PASSWORD_EXTERNAL_URL= http://{hostname}:{port(optional)}/aveksa/viewpassword
- Save this file to the local system.
- Launch the Admin UI.
- Select User Interface under the Admin menu.
- Select the Files tab.
- Select Customer Strings from the drop down menu.
Image description- Select Upload.
- Navigate to the customerstrings.properties file saved earlier and select this file for upload.
Image descriptionNotes
Note that the variable RESET_PASSWORD_EXTERNAL_URL is different from this URL and is defined in the console under the Password Management Settings tab as the External Password Set URL.
In this article
