Dear all,
I have setup ODK aggregate server but I have a problem when assigning a
password to the ODK username.I get this error message "JSON change-password
request to http://openhds.ihi.or.tz/abcdr/ssl/user-manage-passwords failed"
To protect against cross-site scripting attacks, the APIs that alter
passwords and authorizations have extra protections.
Mitch
ยทยทยท
On Sat, Feb 15, 2014 at 6:59 AM, Justine Govela wrote:
Dear all,
I have setup ODK aggregate server but I have a problem when assigning a
password to the ODK username.I get this error message "JSON
change-password request to http://openhds.ihi.or.tz/abcdr/ssl/user-manage-passwords failed"
I am now seeing this issue pop up. Could applying a SSL certificate have any hinderance?
ยทยทยท
On Saturday, February 15, 2014 at 12:48:10 PM UTC-5, Mitch Sundt wrote:
> Did you install it under a Tomcat 6 server?
>
> You need to enable session cookies in your browser and on your webserver. See http://opendatakit.org/use/aggregate/tomcat-install/ and the section on Unsupported Webserver Configurations.
>
>
> To protect against cross-site scripting attacks, the APIs that alter passwords and authorizations have extra protections.
>
> Mitch
>
>
>
>
> On Sat, Feb 15, 2014 at 6:59 AM, Justine Govela wrote:
>
>
> Dear all,
> I have setup ODK aggregate server but I have a problem when assigning a password to the ODK username.I get this error message "JSON change-password request to http://openhds.ihi.or.tz/abcdr/ssl/user-manage-passwords failed"
>
>
>
> Please I will appreciate your assistance
>
>
>
>
> --
>
> --
>
> Post: opend...@googlegroups.com
>
> Unsubscribe: opendatakit...@googlegroups.com
>
> Options: http://groups.google.com/group/opendatakit?hl=en
>
>
>
> ---
>
> You received this message because you are subscribed to the Google Groups "ODK Community" group.
>
> To unsubscribe from this group and stop receiving emails from it, send an email to opendatakit...@googlegroups.com.
>
> For more options, visit https://groups.google.com/groups/opt_out.
>
>
>
>
> --
> Mitch Sundt
> Software Engineer
> University of Washington
> mitche...@gmail.com
If you are trying to install and use an SSL certificate, first get the
Tomcat admin page to work correctly under SSL, then run the installer and
specify SSL for ODK Aggregate. Then deploy the WAR. This should then work.
Accessing change-password from within the website pages (via the button)
will generally work OK. If you are trying to access it from another
application, or from a piece of injected javascript, there are cross-site
scripting protections in place to prevent those requests from completing
successfully.
ยทยทยท
On Thu, Jan 21, 2016 at 1:26 PM, masummer@email.unc.edu <maj.linux@gmail.com wrote:
I am now seeing this issue pop up. Could applying a SSL certificate have
any hinderance?
On Saturday, February 15, 2014 at 12:48:10 PM UTC-5, Mitch Sundt wrote:
Dear all,
I have setup ODK aggregate server but I have a problem when assigning a
password to the ODK username.I get this error message "JSON change-password
request to http://openhds.ihi.or.tz/abcdr/ssl/user-manage-passwords
failed"
Installing an SSL certificate in Tomcat goes beyond the scope of this forum. Please search Google and you'll find plenty of guides. https://www.mulesoft.com/tcat/tomcat-ssl is one of my favorites.
Hi, I have the same problem you solved, can you help me and tell me how you solved it?
--JSON change-password request https user-manage-passwords failed