210 lines
9.6 KiB
HTML
210 lines
9.6 KiB
HTML
|
|
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
|
|
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"
|
|
lang="en" dir="ltr">
|
|
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
|
<title></title>
|
|
<!-- metadata -->
|
|
<meta name="generator" content="Offline" />
|
|
<meta name="version" content="Offline 0.1" />
|
|
<!-- style sheet links -->
|
|
<link rel="stylesheet" media="all" type="text/css" href="../../../css/all.css" />
|
|
<link rel="stylesheet" media="screen" type="text/css" href="../../../css/screen.css" />
|
|
<link rel="stylesheet" media="print" type="text/css" href="../../../css/print.css" />
|
|
|
|
</head>
|
|
<body>
|
|
<div class="dokuwiki export">
|
|
|
|
|
|
|
|
|
|
<h1><a name="reset_password_by_mail" id="reset_password_by_mail">Reset password by mail</a></h1>
|
|
<div class="level1">
|
|
|
|
</div>
|
|
<!-- SECTION "Reset password by mail" [1-38] -->
|
|
<h2><a name="presentation" id="presentation">Presentation</a></h2>
|
|
<div class="level2">
|
|
|
|
<p>
|
|
|
|
<acronym title="LemonLDAP::NG">LL::NG</acronym> can propose a password reset form, for users who loose their password (this kind of application is also called a self service password interface).
|
|
</p>
|
|
|
|
<p>
|
|
Kinematics:
|
|
</p>
|
|
<ul>
|
|
<li class="level1"><div class="li"> User clicks on the link <code>Reset my password</code></div>
|
|
</li>
|
|
</ul>
|
|
|
|
<p>
|
|
<a href="/_detail/screenshots/1.1/mailreset/mailreset_step1.png?id=documentation%3A1.4%3Aresetpassword" class="media" title="screenshots:1.1:mailreset:mailreset_step1.png"><img src="../../../media/screenshots/1.1/mailreset/mailreset_step1.png" class="mediacenter" alt="" width="600" /></a>
|
|
</p>
|
|
<ul>
|
|
<li class="level1"><div class="li"> User enters his email (or another information) in the password reset form</div>
|
|
</li>
|
|
<li class="level1"><div class="li"> <acronym title="LemonLDAP::NG">LL::NG</acronym> try to find the user in users database with the given information</div>
|
|
</li>
|
|
</ul>
|
|
|
|
<p>
|
|
<a href="/_detail/screenshots/1.1/mailreset/mailreset_step2.png?id=documentation%3A1.4%3Aresetpassword" class="media" title="screenshots:1.1:mailreset:mailreset_step2.png"><img src="../../../media/screenshots/1.1/mailreset/mailreset_step2.png" class="mediacenter" alt="" width="600" /></a>
|
|
</p>
|
|
<ul>
|
|
<li class="level1"><div class="li"> A mail with a token is sent to user</div>
|
|
</li>
|
|
</ul>
|
|
|
|
<p>
|
|
<a href="/_detail/screenshots/1.1/mailreset/mailreset_step3.png?id=documentation%3A1.4%3Aresetpassword" class="media" title="screenshots:1.1:mailreset:mailreset_step3.png"><img src="../../../media/screenshots/1.1/mailreset/mailreset_step3.png" class="mediacenter" alt="" width="600" /></a>
|
|
</p>
|
|
<ul>
|
|
<li class="level1"><div class="li"> The user click on the link in the mail</div>
|
|
</li>
|
|
</ul>
|
|
|
|
<p>
|
|
<a href="/_detail/screenshots/1.1/mailreset/mailreset_step4.png?id=documentation%3A1.4%3Aresetpassword" class="media" title="screenshots:1.1:mailreset:mailreset_step4.png"><img src="../../../media/screenshots/1.1/mailreset/mailreset_step4.png" class="mediacenter" alt="" width="600" /></a>
|
|
</p>
|
|
<ul>
|
|
<li class="level1"><div class="li"> <acronym title="LemonLDAP::NG">LL::NG</acronym> validate the token and propose a password change form</div>
|
|
</li>
|
|
<li class="level1"><div class="li"> The user can choose a new password or ask to generate one</div>
|
|
</li>
|
|
</ul>
|
|
|
|
<p>
|
|
<a href="/_detail/screenshots/1.1/mailreset/mailreset_step2.png?id=documentation%3A1.4%3Aresetpassword" class="media" title="screenshots:1.1:mailreset:mailreset_step2.png"><img src="../../../media/screenshots/1.1/mailreset/mailreset_step2.png" class="mediacenter" alt="" width="600" /></a>
|
|
</p>
|
|
<ul>
|
|
<li class="level1"><div class="li"> The new password is sent to user</div>
|
|
</li>
|
|
</ul>
|
|
|
|
<p>
|
|
<a href="/_detail/screenshots/1.1/mailreset/mailreset_step5.png?id=documentation%3A1.4%3Aresetpassword" class="media" title="screenshots:1.1:mailreset:mailreset_step5.png"><img src="../../../media/screenshots/1.1/mailreset/mailreset_step5.png" class="mediacenter" alt="" width="600" /></a>
|
|
</p>
|
|
|
|
<p>
|
|
<p><div class="notetip">If <a href="../../documentation/1.4/authldap.html" class="wikilink1" title="documentation:1.4:authldap">LDAP backend</a> is used, and <acronym title="Lightweight Directory Access Protocol">LDAP</acronym> password policy is enabled, the 'password reset flag is set to true when password is generated, so that the user is forced to change his password on next connection. This feature can be disabled in <a href="../../documentation/1.4/authldap.html" class="wikilink1" title="documentation:1.4:authldap">LDAP configuration</a>.
|
|
</div></p>
|
|
</p>
|
|
|
|
<p>
|
|
<p><div class="notetip">If the user do a new password reset request but there is already a request pending, the user can ask the confirmation mail to be resent. The request validity time is a configuration parameter.
|
|
</div></p>
|
|
</p>
|
|
|
|
</div>
|
|
<!-- SECTION "Presentation" [39-1551] -->
|
|
<h2><a name="configuration" id="configuration">Configuration</a></h2>
|
|
<div class="level2">
|
|
|
|
<p>
|
|
|
|
The reset password link must be activated, see <a href="../../documentation/1.4/portalcustom.html#other_parameters" class="wikilink1" title="documentation:1.4:portalcustom">portal customization</a>.
|
|
</p>
|
|
|
|
<p>
|
|
Then go in Manager, <code>General Parameters</code> » <code>Advanced Parameters</code> » <code>Password management</code>:
|
|
</p>
|
|
<ul>
|
|
<li class="level1"><div class="li"> <strong><acronym title="Simple Mail Transfer Protocol">SMTP</acronym></strong>:</div>
|
|
<ul>
|
|
<li class="level2"><div class="li"> <strong><acronym title="Simple Mail Transfer Protocol">SMTP</acronym> Server</strong>: <acronym title="Internet Protocol">IP</acronym> or hostname of the <acronym title="Simple Mail Transfer Protocol">SMTP</acronym> server</div>
|
|
</li>
|
|
<li class="level2"><div class="li"> <strong><acronym title="Simple Mail Transfer Protocol">SMTP</acronym> User</strong>: <acronym title="Simple Mail Transfer Protocol">SMTP</acronym> user if authentication is required</div>
|
|
</li>
|
|
<li class="level2"><div class="li"> <strong><acronym title="Simple Mail Transfer Protocol">SMTP</acronym> Password</strong>: <acronym title="Simple Mail Transfer Protocol">SMTP</acronym> password if authentication is required</div>
|
|
</li>
|
|
</ul>
|
|
</li>
|
|
</ul>
|
|
|
|
<p>
|
|
|
|
<p><div class="notetip">
|
|
</p>
|
|
<ul>
|
|
<li class="level1"><div class="li"> If no <acronym title="Simple Mail Transfer Protocol">SMTP</acronym> server is configured, the mail will be sent via the local sendmail program. Else, Net::<acronym title="Simple Mail Transfer Protocol">SMTP</acronym> module is required to use the <acronym title="Simple Mail Transfer Protocol">SMTP</acronym> server</div>
|
|
</li>
|
|
<li class="level1"><div class="li"> The <acronym title="Simple Mail Transfer Protocol">SMTP</acronym> server value can hold the port, for example: <code>mail.example.com:25</code></div>
|
|
</li>
|
|
<li class="level1"><div class="li"> If authentication is configured, Authen::SASL and <acronym title="Multipurpose Internet Mail Extension">MIME</acronym>::Base64 modules are required</div>
|
|
</li>
|
|
</ul>
|
|
|
|
<p>
|
|
|
|
</div></p>
|
|
|
|
</p>
|
|
<ul>
|
|
<li class="level1"><div class="li"> <strong>Mail headers</strong>: </div>
|
|
<ul>
|
|
<li class="level2"><div class="li"> <strong>Mail sender</strong>: address seen in the “From” field (default: noreply@[DOMAIN])</div>
|
|
</li>
|
|
<li class="level2"><div class="li"> <strong>Reply address</strong>: address seen in the “Reply-To” field</div>
|
|
</li>
|
|
<li class="level2"><div class="li"> <strong>Mail charset</strong>: Charset used for the body of the mail (default: utf-8)</div>
|
|
</li>
|
|
</ul>
|
|
</li>
|
|
</ul>
|
|
<ul>
|
|
<li class="level1"><div class="li"> <strong>Mail content</strong>:</div>
|
|
<ul>
|
|
<li class="level2"><div class="li"> <strong>Success mail subject</strong>: Subject of mail sent when password is changed (default: [LemonLDAP::NG] Your new password)</div>
|
|
</li>
|
|
<li class="level2"><div class="li"> <strong>Success mail content</strong> (optional): Content of mail sent when password is changed</div>
|
|
</li>
|
|
<li class="level2"><div class="li"> <strong>Confirmation mail subject</strong>: Subject of mail sent when password change is asked (default: [LemonLDAP::NG] Password reset confirmation)</div>
|
|
</li>
|
|
<li class="level2"><div class="li"> <strong>Confirmation mail content</strong> (optional): Content of mail sent when password change is asked</div>
|
|
</li>
|
|
</ul>
|
|
</li>
|
|
</ul>
|
|
|
|
<p>
|
|
|
|
<p><div class="noteimportant">
|
|
By default, mail content are empty in order to use <acronym title="HyperText Markup Language">HTML</acronym> templates:
|
|
</p>
|
|
<ul>
|
|
<li class="level1"><div class="li"> portal/skins/common/mail_confirm.tpl</div>
|
|
</li>
|
|
<li class="level1"><div class="li"> portal/skins/common/mail_password.tpl</div>
|
|
</li>
|
|
</ul>
|
|
|
|
<p>
|
|
|
|
If you define mail contents in Manager, <acronym title="HyperText Markup Language">HTML</acronym> templates will not be used.
|
|
|
|
</div></p>
|
|
|
|
</p>
|
|
<ul>
|
|
<li class="level1"><div class="li"> <strong>Other</strong>:</div>
|
|
<ul>
|
|
<li class="level2"><div class="li"> <strong>Page <acronym title="Uniform Resource Locator">URL</acronym></strong>: <acronym title="Uniform Resource Locator">URL</acronym> of password reset page (default: [PORTAL]/mail.pl)</div>
|
|
</li>
|
|
<li class="level2"><div class="li"> <strong>Regexp for password generation</strong>: Regular expression used to generate the password (default: [A-Z]{3}[a-z]{5}.\d{2})</div>
|
|
</li>
|
|
<li class="level2"><div class="li"> <strong>Validity time of a password reset request</strong>: number of seconds for password reset request validity. During this period, user can ask the confirmation mail to be resent (default: session timeout value)</div>
|
|
</li>
|
|
<li class="level2"><div class="li"> <strong>Session key containing mail address</strong>: name of the session key containing email address. This value will be used to know to which recipient the has to be sent (default: mail).</div>
|
|
</li>
|
|
</ul>
|
|
</li>
|
|
</ul>
|
|
|
|
</div>
|
|
<!-- SECTION "Configuration" [1552-] --></div><!-- closes <div class="dokuwiki export">--> |