Skip to Content
Former Member
Jul 12, 2018 at 10:16 AM

Problem with reset password procedure



The reset password procedure doesn’t work properly. When a user tries to reset his password, sometimes the system doesn’t send the email with the procedure to do it. The only way to unlock this situation It is one in which the customer/user cleans the browser cookies. After this procedure, the customer can do another password reset and finally receive the email

The console log file:

 [hybrisHTTP48] [] [RequireHardLoginEvaluator] missing secure token in session, login required
 INFO   | jvm 1    | main    | 2018/02/10 09:54:16.573 | ^[[m
 [hybrisHTTP48] [] [PasswordResetPageController] Email: does not exist in the database.

We debug the code and found the method that goes into error is: yacceleratorstorefront/web/src/com/ourgroup/storefront/controllers/pages/

     @RequestMapping(value = "/request", method = RequestMethod.POST)
         public String passwordRequest(@Valid final ForgottenPwdForm form, final BindingResult bindingResult,
                 final Model model) throws CMSItemNotFoundException {
             if (bindingResult.hasErrors()) {
                 return ControllerConstants.Views.Fragments.Password.PasswordResetRequestPopup;
             } else {
                 try {
                 } catch (final UnknownIdentifierException unknownIdentifierException) {
                     LOG.warn("Email: " + form.getEmail() + " does not exist in the database.");
                 } catch (final ClassMismatchException classMismatchException) {
                     LOG.warn("Email: " + form.getEmail() + " belongs to an user who isn't a customer.");
                     return ControllerConstants.Views.Fragments.Password.ForgotPasswordErrorMessage;
 return ControllerConstants.Views.Fragments.Password.ForgotPasswordValidationMessage;

The user exists and the mail it's correct. The error is not replicable in our local environment. We tried to debug the code but the method described before looks correct and doesn’t catch an exception for subscribed users. We are not able to understand which component causes an error, and which is the role of the cookies or the session in this issue.