Highlighted
Valued Contributor.
Valued Contributor.
159 views

SSPR v4.5.0.2 - Forgotten Password User Search Filter, Blank Replaced Tokens Returns a Wildcard (*)

Hi all,

I'm trying to setup the "Forgotten Password User Search Form" with 3 attributes:

1. cn - *Required

2. mobile

3. mail

where my "Forgotten Password User Search Filter" is:

(&(objectClass=Person)(cn=%cn%)(|(mobile=%mobile%)(mail=%mail%)))

 

As the  "Forgotten Password User Search Filter" shows, I want the users to be found either with cn+mobile or cn+mail.

Whats happens is this:

Example 1:

The users fills their cn (lets say its 999999999 for this example) and leave the mobile and mail blank -> they are found by the SSPR.

in the log, I see that the search filter is passed like this: (&(objectClass=Person)(cn=999999999)(|(mobile=*)(mail=*)))

Example 2: 

The users fills their cn (lets say its 999999999 for this example), wrong mobile (055123456) and leave the mail blank -> they are also found by the SSPR.

in the log, I see that the search filter is passed like this: (&(objectClass=Person)(cn=999999999)(|(mobile=055123456)(mail=*)))

Example 3: 

The users fills their cn (lets say its 999999999 for this example), wrong mobile (055123456) and the right mail (**PERSONAL INFORMATION REMOVED**) -> they are also found by the SSPR.

in the log, I see that the search filter is passed like this: (&(objectClass=Person)(cn=999999999)(|(mobile=055123456)(mail=**PERSONAL INFORMATION REMOVED**)))

 

Only when both mail and mobile are wrong, SSPR can't find the user and gives this error: "The user name is not valid or is not eligible to use this feature"

My question is:

Why does blank %mobile% and %mail% return a * value to the search filter and not left blank as it should? and how can I prevent that from happening?

 

Thanks!

0 Replies
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.