[SAK-16871] osp share sends wrong password Created: 25-Aug-2009  Updated: 29-Jun-2010  Resolved: 06-May-2010

Status: CLOSED
Project: Sakai
Component/s: OSP: Portfolios
Affects Version/s: 2.6.0
Fix Version/s: 2.7.0

Type: Bug Priority: Major
Reporter: Charles Hedrick Assignee: Beth Kirschner
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Attachments: File diff.password    


Share a portfolio with someone by email address. If the person does not exist, they will be created, and an email will be send notifying them of the username and password. The password is wrong. You can tell it from the email. The correct password is 8 decimal digits. Instead they get a much longer password of hex characters. THe problem is that agent.getPassword returns an encrypted password, which is of course not what you need.

The attached patch copies code from SiteAddParticipantHandler.java. It would probably be better to put guest account creation and notification in one place.

Comment by Beth Kirschner [ 06-May-2010 ]

The problem is the AgentManager.getPassword() method returns the MD5 encoded version of the password. Since there are getPassword() and getMd5Password() methods, and the getPassword() method is also used in the AudienceTool class to send a user their own password, it seems the best solution is to have this method do what it says (return the un-encoded password).

Comment by Beth Kirschner [ 06-May-2010 ]

Fixed as described.

Comment by Beth Kirschner [ 06-May-2010 ]

Merged to 2.7.x

Generated at Sat Jan 18 08:58:18 CST 2020 using Jira 8.0.3#800011-sha1:073e8b433c2c0e389c609c14a045ffa7abaca10d.