This guide explains how to set up the JOSSO password reset process.
You need a configured JOSSO Gateway and an SMTP server that will be used to send password confirmation emails.
- A user wants to log in but does not remember his/her password.
- The user clicks the 'Forgot your password' link from the login form.
- The user is redirected to a password reset form.
- The user enters his/her email address.
- JOSSO validates the given email and sends a newly generated password to the user's email address.
- The user opens his/her email inbox and clicks the verification link generated by JOSSO.
- JOSSO updates the stored password with the generated value.
- The user logs in using the new credential.
The password distributor creates and sends a verification email using the configured mail sender. Make sure that the mail-to-userproperty property holds the name of the SSO User property containing the user's email address. If you are using a DB store, this should be the name of the table column that stores email addresses.
The template property points to a Velocity template used to build the verification email content. The template is located in the gateway distribution WAR at WEB-INF/classes.
As you can see in the following sample, you can use user information when building the email text. The confirm URL will be automatically generated by JOSSO and will include the verification token.
The email sender component is used by JOSSO to send all outgoing emails. It is defined in the josso-gateway-config.xml file. JOSSO uses Spring's Java mail sender implementation.
The identity store has two properties that are relevant for the password reset process.
- resetCredentialDml: This is the query that JOSSO will use to update the user password with the new value upon verification.
- relayCredentialQueryString: This is the query that JOSSO will use to obtain a user's login based on his/her email address. This query must return one and only one value for a given email. In this example, the name of the column used in the query is the value of the mail-to-userproperty property configured in the password distributor.
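The "one and only one value" requirement can be checked against the user table before password reset is enabled. The following is an added example, not taken from the JOSSO documentation or code: the table JOSSO_USER, its columns, both SQL statements and the sample rows are assumptions, run here against an in-memory SQLite database.

```python
import sqlite3

# Hypothetical statements; substitute the table, columns and the two
# queries configured on your own identity store.
RELAY_QUERY = "SELECT LOGIN FROM JOSSO_USER WHERE EMAIL = ?"
RESET_DML = "UPDATE JOSSO_USER SET PASSWORD = ? WHERE LOGIN = ?"
# Compared case-insensitively: many databases and mail systems ignore case,
# so two logins sharing one mailbox make the relay query ambiguous.
AMBIGUOUS = ("SELECT LOWER(EMAIL), COUNT(*) FROM JOSSO_USER "
             "GROUP BY LOWER(EMAIL) HAVING COUNT(*) > 1 ORDER BY 1")
MISSING = ("SELECT LOGIN FROM JOSSO_USER "
           "WHERE EMAIL IS NULL OR TRIM(EMAIL) = '' ORDER BY LOGIN")


def build_sample_db():
    """Constructed sample data, not taken from a real deployment."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE JOSSO_USER "
                 "(LOGIN TEXT PRIMARY KEY, PASSWORD TEXT, EMAIL TEXT)")
    conn.executemany("INSERT INTO JOSSO_USER VALUES (?, ?, ?)", [
        ("alice", "h1", "alice@example.com"),
        ("bob", "h2", "shared@example.com"),
        ("bob-admin", "h3", "Shared@example.com"),  # same mailbox as bob
        ("carol", "h4", ""),                        # no address on file
    ])
    return conn


def audit_email_column(conn):
    """Return (emails owned by several logins, logins without an email)."""
    ambiguous = [row[0] for row in conn.execute(AMBIGUOUS)]
    missing = [row[0] for row in conn.execute(MISSING)]
    return ambiguous, missing


def relay_login(conn, email):
    """Run the relay query and insist on exactly one login for the email."""
    rows = conn.execute(RELAY_QUERY, (email,)).fetchall()
    if len(rows) != 1:
        raise LookupError(f"relay query returned {len(rows)} rows")
    return rows[0][0]


def reset_credential(conn, login, new_hash):
    """Run the reset DML; the returned row count must be exactly 1."""
    return conn.execute(RESET_DML, (new_hash, login)).rowcount


if __name__ == "__main__":
    db = build_sample_db()
    print(audit_email_column(db))
```

Any address reported as ambiguous should be resolved, or the email column given a unique constraint, so that a reset request can only ever map to a single login.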