Exception when resetting password via forget password link
Hi team,
We are on Confluence 7.13.7
When we use the forgot password link and done filling the new password, we saw an exception thrown on the browser as follow. It looks like the system can't get the username which is apparently added in the url already.
Appreciate for any suggestion how to fix this.
Leon
----------
System Error
A system error has occurred — our apologies!
For immediate troubleshooting, consult our knowledge base for a solution.
If you would like to receive support from Atlassian's support team, ask your Confluence administrator to create a support issue on Atlassian's support system with the following information:
- a description of your problem and what you were doing at the time it occurred
- a copy of the error and system information found below
- a copy of the application logs (if possible).
Your Confluence administrator can use the support request form to create a support ticket which will include this information.
We will respond as promptly as possible.
Thank you!
Cause
User [Anonymous] does not have the required privileges.
Referer URL
--------
stacktrace in the log:
2022-06-14 18:10:56,026 INFO [http-nio-8190-exec-12] [plugins.synchrony.service.SynchronyExternalChangesManager] performExternalChange Started external change for ContentId{id=73564196}
2022-06-14 18:10:56,032 INFO [http-nio-8190-exec-12] [synchrony.service.http.SynchronyRequestExecutor] execute Initiating request PUT http://127.0.0.1:8091/synchrony/v1/data/Synchrony-6ac5a4d8-d0da-3c75-9244-a762f2f3de5d/confluence-73564196?state-at=@head&state-format=html HTTP/1.1 for 73564196
2022-06-14 18:12:06,084 WARN [http-nio-8190-exec-4] [confluence.impl.hibernate.ConfluenceHibernateTransactionManager] doRollback Performing rollback. Transactions:
->[null]: PROPAGATION_REQUIRED,ISOLATION_DEFAULT (Session #735199396)
-- referer: http://confluence.yusur.tech/resetuserpassword.action?username=lixl&token=a33d35787424d2cbfca96039bebf84f6a22f5f99 | url: /doresetuserpassword.action | traceId: ecbb2d586d2dff2d | userName: anonymous
2022-06-14 18:12:06,085 ERROR [http-nio-8190-exec-4] [atlassian.confluence.servlet.ConfluenceServletDispatcher] sendError Could not execute action
-- referer: http://confluence.yusur.tech/resetuserpassword.action?username=lixl&token=a33d35787424d2cbfca96039bebf84f6a22f5f99 | url: /doresetuserpassword.action | traceId: ecbb2d586d2dff2d | userName: anonymous
com.atlassian.confluence.core.InsufficientPrivilegeException: User [Anonymous] does not have the required privileges.
at com.atlassian.confluence.user.DefaultUserAccessor.alterPassword(DefaultUserAccessor.java:1071)
at jdk.internal.reflect.GeneratedMethodAccessor4342.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.base/java.lang.reflect.Method.invoke(Unknown Source)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:344)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:198)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163)
at com.atlassian.spring.interceptors.SpringProfilingInterceptor.invoke(SpringProfilingInterceptor.java:16)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
at org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:123)
at org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:388)
at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:119)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:215)
at com.sun.proxy.$Proxy93.alterPassword(Unknown Source)
at com.atlassian.confluence.user.actions.ResetUserPasswordAction.doResetPassword(ResetUserPasswordAction.java:47)
at jdk.internal.reflect.GeneratedMethodAccessor4601.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.base/java.lang.reflect.Method.invoke(Unknown Source)
at com.opensymphony.xwork.DefaultActionInvocation.invokeAction(DefaultActionInvocation.java:302)
at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:170)
at com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:35)
at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165)
at com.atlassian.confluence.core.ConfluenceWorkflowInterceptor.intercept(ConfluenceWorkflowInterceptor.java:33)
at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165)
at com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:35)
at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165)
at com.atlassian.confluence.security.interceptors.CaptchaInterceptor.intercept(CaptchaInterceptor.java:42)
at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:165)
...
...
2022-06-14 18:12:06,089 INFO [http-nio-8190-exec-4] [atlassian.confluence.status.SystemErrorInformationLogger] writeToLog
Request Unique ID : d0cf21de-40e1-4701-9b5e-16a9531b4857
--------------------------
JVM Stats
--------------------------
xmx = 1073741824
usedNonHeap = 797723384
availableHeap = 254608176
availableNonHeap = -1
allocatedHeap = 1073741824
freeAllocatedHeap = 254608176
maxNonHeap = -1
availablePermGen = 0
maxPermGen = -1
maxHeap = 1073741824
usedHeap = 819133648
usedPermGen = -1
xms = 1073741824
--------------------------
Request Information
--------------------------
URL: http://confluence.yusur.tech/500page.jsp
Scheme: http
Server: confluence.yusur.tech
Port: 80
URI: /500page.jsp
Context Path:
Servlet Path: /500page.jsp
Path Info: null
Query String: null
--------------------------
Attributes
--------------------------
javax.servlet.forward.request_uri: /doresetuserpassword.action
javax.servlet.forward.context_path:
javax.servlet.forward.servlet_path: /doresetuserpassword.action
javax.servlet.forward.mapping: org.apache.catalina.core.ApplicationMapping$MappingImpl@5cede4ec
org.apache.catalina.AccessLog.RemoteAddr: 221.221.160.122
javax.servlet.error.status_code: 500
com.atlassian.confluence.impl.profiling.DecoratorTimings: com.atlassian.confluence.impl.profiling.DecoratorTimings@4b60cfab
com.opensymphony.sitemesh.APPLIED_ONCE: true
__cleanup_recursion_counter: 0
com.atlassian.confluence.util.message.MessagesDecoratorFilter__already_filtered__: true
com.atlassian.confluence.web.filter.validateparam.RequestParamValidationFilter_already_filtered: true
atlassian.core.seraph.original.url: /500page.jsp
com.atlassian.labs.botkiller.BotKillerFilter: true
org.apache.catalina.AccessLog.Protocol: HTTP/1.0
com.atlassian.gzipfilter.GzipFilter_already_filtered: true
Confluence-Request-Time: 1655201526082
com.atlassian.confluence.web.ConfluenceJohnsonFilter_already_filtered: true
webwork.valueStack: com.opensymphony.xwork.util.OgnlValueStack@36663a25
confluence.themecontext: com.atlassian.confluence.themes.ThemeContext@40557a02
org.apache.catalina.AccessLog.ServerPort: 80
javax.servlet.error.message:
javax.servlet.error.servlet_name: action
org.apache.tomcat.request.forwarded: true
org.apache.tomcat.remoteAddr: 221.221.160.122
com.opensymphony.sitemesh.USINGSTREAM: false
org.apache.catalina.AccessLog.ServerName: confluence.yusur.tech
B3-TraceId: 647a5b59f0325a
loginfilter.already.filtered: true
javax.servlet.jsp.jspException: com.atlassian.confluence.core.InsufficientPrivilegeException: User [Anonymous] does not have the required privileges.
javax.servlet.error.request_uri: /doresetuserpassword.action
com.atlassian.core.filters.HeaderSanitisingFilter_already_filtered: true
com.atlassian.prettyurls.filter.PrettyUrlsSiteMeshFixupFilter: true
org.apache.catalina.AccessLog.RemoteHost: 221.221.160.122
javax.servlet.error.exception: com.atlassian.confluence.core.InsufficientPrivilegeException: User [Anonymous] does not have the required privileges.
os_securityfilter_already_filtered: true
com.atlassian.prettyurls.filter.PrettyUrlsSiteMeshFilter: true
--------------------------
Parameters
--------------------------
atl_token : 369ac5cb683bc451bcc6e7b6418cad3620d250ae
token : a33d35787424d2cbfca96039bebf84f6a22f5f99
username : lixl
confirm : 重置
caused by: com.atlassian.confluence.core.InsufficientPrivilegeException: User [Anonymous] does not have the required privileges.
at com.atlassian.confluence.user.DefaultUserAccessor.alterPassword(DefaultUserAccessor.java:1071)
2022-06-14 18:12:34,138 WARN [http-nio-8190-exec-1] [confluence.impl.hibernate.ConfluenceHibernateTransactionManager] doRollback Performing rollback. Transactions:
->[null]: PROPAGATION_REQUIRED,ISOLATION_DEFAULT (Session #1414719890)
-- referer: http://confluence.yusur.tech/resetuserpassword.action?username=lixl&token=a33d35787424d2cbfca96039bebf84f6a22f5f99 | url: /doresetuserpassword.action | traceId: 140b93750aaa7af0 | userName: anonymous
2022-06-14 18:12:34,138 ERROR [http-nio-8190-exec-1] [atlassian.confluence.servlet.ConfluenceServletDispatcher] sendError Could not execute action
-- referer: http://confluence.yusur.tech/resetuserpassword.action?username=lixl&token=a33d35787424d2cbfca96039bebf84f6a22f5f99 | url: /doresetuserpassword.action | traceId: 140b93750aaa7af0 | userName: anonymous
com.atlassian.confluence.core.InsufficientPrivilegeException: User [Anonymous] does not have the required privileges.
at com.atlassian.confluence.user.DefaultUserAccessor.alterPassword(DefaultUserAccessor.java:1071)
at jdk.internal.reflect.GeneratedMethodAccessor4342.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.base/java.lang.reflect.Method.invoke(Unknown Source)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:344)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:198)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163)
at com.atlassian.spring.interceptors.SpringProfilingInterceptor.invoke(SpringProfilingInterceptor.java:16)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
at org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:123)
at org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:388)
at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:119)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:215)
at com.sun.proxy.$Proxy93.alterPassword(Unknown Source)
at com.atlassian.confluence.user.actions.ResetUserPasswordAction.doResetPassword(ResetUserPasswordAction.java:47)
at jdk.internal.reflect.GeneratedMethodAccessor4601.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.base/java.lang.reflect.Method.invoke(Unknown Source)
at com.opensymphony.xwork.DefaultActionInvocation.invokeAction(DefaultActionInvocation.java:302)
at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:170)
at com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:35)
...
3 answers
1 accepted
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.