Hi, I am trying to change the Admin password on our newly installed ODK -Aggregate 2.0.1 (tomcat8, postgresql 9.5, ubuntu 16.04LTS) and get an error message when saving the new password "JSON change-password request to /ssl/user-manage-passwords failed"
We have SSL installed and working. I saw that this had been posted earlier (JSON change-password) without it being clear what actually solved the issue. I tried following the link in previous post but didnt find anything about "Unsupported Webserver Configuration". Session cookies in browser are enabled.
Welcome to the ODK forum, @Axlm! We're glad you're here. When you get a chance, please introduce yourself here. I'd also encourage you to add a real picture as your avatar because it helps build community.
The most common cause for this issue is a misconfigured security.properties file. The location of this file may vary depending on the method you choose to deploy aggregate. Did you use the installer or did you compiled Aggregate yourself?
Another factor that we need to take into account is whether your users are accessing Aggregate directly or via some proxy or load balancer. Can you tell us more details about your deployment?
Txs for the welcome. I have written a short introduction, but will add a picture as well.
I used the installer to deploy Aggregate and our users are accessing Aggregate directly. The solution is running on VM in Azure.
Where do I find security.properties? Is there anything there I can look for or change?
The installer packs all configuration files into a JAR file located at WEB-INF/lib/ODKAggregate-settings.jar. You can unzip that file to get the security.properties file. We need to check what values are defined int the keys:
The configuration you've shared is OK for your setup. You could change some settings to better fit your scenario, but the one you have is actually OK.
When security.server.hostname is empty, Aggregate detects a valid IP address automatically when starting, which works in most situations.
You could try to set a specific value in security.server.hostname, though. That would prevent issues in case Aggregate has detected an IP address different than the one users are using to access it, which would explain why changing passwords fails.
In order to do that, you can follow these steps:
Create a backup of the whole directory where Aggregate is deployed
Unzip WEB-INF/lib/ODKAggregate-settings.jar into WEB-INF/classes
Delete WEB-INF/lib/ODKAggregate-settings.jar<< this is important
Edit WEB-INF/classes/security.properties and set security.server.hostname with the IP address or hostname that the users will be using to access Aggregate
unfortunately it didn't work. I tried both with IP address and hostname, but with the same result. I am able to create a new user on the Site Admin page but I get the same message as before when I try the Change Password button. Anything else I could try?
A colleague found a previous post in the forum that had similar problem, but that was related to some port issues. We are running our solution on port 8443 and noticed when we changed to security.server.hostname to ip address and disabled the port 8080 connector (which redirected to 8443) in the server.xml we got an error message complaining about not able to find ipaddress:8080 when tried to Change Password. This seemed to indicate that even it was using port 8443 it tried to switch to port 8080 when pressing the Change Password button. We also notice that if we activate developer mode in the browser and as soon as we press Change Password to send the password we get a 404 on /ssl/user-manage_passwords. I hope that this might be of any help to clarify the problem.
unfortunately this didn't help either but led us to a temporary solution and maybe the key to the problem. We used the developer tools in Chrome again and noticed we still got 404 message as soon as we pressed the Change Password button after entering the new passwords. I double clicked on the error message in the developer tools and it opened the 404 URL in a new window . There I saw that it tried to open the following URL https://odk.cmi.no:8443/ssl/user-manage-passwords?username=... but ODKAggregate was missing in the URL. However changing the URL to this: https://odk.cmi.no:8443/ODKAggregate/ssl/user-manage-passwords?username=.. enabled us to change the passwords. So there seems to be something like a base URL or something somewhere that is not correct. It works for now, but I don't know if this will affect other functionality of ODKAggregate as well.
Thank you for your help so far!