Uploaded image for project: 'OFBiz'
  1. OFBiz
  2. OFBIZ-9449

Missing secure port in URLs when sending mails



    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: Release Branch 16.11, Trunk
    • Fix Version/s: 16.11.04
    • Component/s: framework
    • Labels:


      While working on an issue reported by Pierre Gaudin on user ML https://s.apache.org/gDo3, here quoted:

      While testing the sending of a new password on a local trunk, I meet an error.
      Here are the stapes to reproduce:

      • ont the login page click on 'Forgot Your Password?'
      • an email is sent with a link
      • click the link
      • a form is display allowing to indicate the new password
      • clik on submit button and then an error message is display

      In the local OFBiz log i can see this errror message :

      > Unable to execute 'doFinal' with cipher instance [javax.crypto.Cipher@42f40da].

      If i do the same on on trunk demo i see this error message :

      > org.apache.ofbiz.entity.EntityCryptoException: org.apache.ofbiz.entity.EntityCryptoException: key(Secret Key) not found in database (key(Secret Key) not found in database)
      > at org.apache.ofbiz.entity.util.EntityCrypto.decrypt(EntityCrypto.java:138) ~[ofbiz.jar:?]
      > at org.apache.ofbiz.webapp.control.LoginWorker.login(LoginWorker.java:336) [ofbiz.jar:?]

      I found another issue while testing: the port 8443 is missing in the URL used underneath by the form reported by Pierre.

      It was broken by OFBIZ-9206 where I removed the value of port.https in url.properties. It's not an issue if you set the value of port.https, or let it empty when using a SSL certificate on a production server. But if you try locally (localhost) then the URL misses the 8443 port.


          Issue Links



              • Assignee:
                jleroux Jacques Le Roux
                jleroux Jacques Le Roux
              • Votes:
                0 Vote for this issue
                1 Start watching this issue


                • Created: