{"id":12914,"date":"2023-07-21T18:34:31","date_gmt":"2023-07-21T23:34:31","guid":{"rendered":"https:\/\/www.mrc-productivity.com\/docs\/?post_type=ht_kb&#038;p=12914"},"modified":"2023-07-26T14:22:19","modified_gmt":"2023-07-26T19:22:19","slug":"password-reset","status":"publish","type":"ht_kb","link":"https:\/\/www.mrc-productivity.com\/docs\/knowledge-base\/password-reset","title":{"rendered":"Password Reset"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">Overview<\/h2>\n\n\n\n<p>m-Power&#8217;s built in Dictionary Security is a commonly used feature by developers who need to put security in front of their runtime application. Offered within m-Power&#8217;s dictionary security option is the ability to include a built-in Password Reset feature, which allows application users to manage their own passwords in the event they cannot login due to a forgotten password. <\/p>\n\n\n\n<p>This documentation will apply to any developers sswho met the following two requirements:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>You are validating end-user sign on against a database table (using validation_type = 5).<\/li>\n\n\n\n<li>You are not using Single Sign On (SSO) for end-user authentication.  <\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-ht-blocks-messages wp-block-hb-message wp-block-hb-message--withicon is-style-danger\">m-Power&#8217;s Password Reset functionality <strong>cannot <\/strong>be utilized in data dictionaries which utilize SSO (including Oauth2 and SAML) for user authentication. <\/p>\n\n\n\n<p>For more on m-Power&#8217;s Dictionary Security, please see <a rel=\"noreferrer noopener\" href=\"https:\/\/www.mrc-productivity.com\/docs\/knowledge-base\/implementing-security\" data-type=\"ht_kb\" data-id=\"1229\" target=\"_blank\">here<\/a>.<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe title=\"Configure Password Reset in m-Power\" width=\"643\" height=\"362\" src=\"https:\/\/www.youtube.com\/embed\/mCwPkzdig2c?start=1&#038;feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe>\n<\/div><figcaption class=\"wp-element-caption\">Video Walkthrough<\/figcaption><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Implementation<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Initial Setup<\/h3>\n\n\n\n<p class=\"wp-block-ht-blocks-messages wp-block-hb-message wp-block-hb-message--withicon is-style-alert\">Your m-Power environment <strong>must <\/strong>be on the <strong>July 2023 update or later<\/strong> to utilize the Password Reset feature. To update your m-Power environment, please see <a rel=\"noreferrer noopener\" href=\"\/docs\/knowledge-base\/m-power-updates\" target=\"_blank\">here<\/a>.<\/p>\n\n\n\n<p>The Password Reset feature may be implemented in existing or new data dictionaries. To begin, navigate to Admin -&gt; Menu &amp; Security -&gt; Edit Security Settings and click on the &#8216;Password Reset&#8217; section to bring up the following options:<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"\/docs\/vue-images\/password_reset1.png\" alt=\"\"\/><figcaption class=\"wp-element-caption\">Figure 1: The Password Reset section in the security settings (mrcSignon2.xml).<\/figcaption><\/figure>\n\n\n\n<p>If this &#8220;Password Reset&#8221; section does not show in your security settings screen for an existing data dictionary (as shown in Figure 1), they must be manually added to this file. Any of the password reset screens will also need to be moved into the dictionary folder. <\/p>\n\n\n\n<p class=\"wp-block-ht-blocks-messages wp-block-hb-message wp-block-hb-message--withicon is-style-info\">Please follow the next section &#8220;<strong>Update an Existing Dictionary<\/strong>&#8220;, if these properties were not listed. Otherwise, please continue further on with the implementation instructions.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Updating an Existing Dictionary<\/h3>\n\n\n\n<p>To manually add these properties, select the Property Options -&gt; Text Mode option to open the mrcSignon2.xml file. <\/p>\n\n\n\n<p>Copy and paste the entire block of code below <strong>before<\/strong> the <code>&lt;applications&gt;<\/code> tag in the mrcSignon2.xml file. <\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>&lt;password_reset&gt;\n&lt;!-- Set enabled=\"true\" to enable password reset functionality in this data dictionary. --&gt;\n&lt;!-- Certain conditions must be satisfied before the reset functionality is allowed: --&gt;\n&lt;!-- 1. SSO is not being used. --&gt;\n&lt;!-- 2. The Validation Type 5 is being used. --&gt;\n  &lt;enabled value=\"false\" \/&gt;\n  &lt;reset_link_text value=\"Forgot Password?\" \/&gt;\n  &lt;email_subject value=\"You requested a password reset\" \/&gt;    \n  &lt;email_address_column value=\"USEREMAIL\" \/&gt; \n  &lt;token_expiry_duration value=\"20\" \/&gt;\n&lt;!-- Used to check password strength on the reset password pages. --&gt;\n  &lt;requires_min_length value=\"5\"\/&gt;\n  &lt;requires_special_chars value=\"false\"\/&gt; \n  &lt;requires_digits value=\"false\" \/&gt;\n  &lt;requires_mixed_case value=\"false\"\/&gt;\n  &lt;allows_spaces value=\"true\" \/&gt;\n&lt;\/password_reset&gt;<\/code><\/pre>\n\n\n\n<p>Example:<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"\/docs\/vue-images\/password_reset2.png\" alt=\"\"\/><\/figure>\n\n\n\n<p>Ensure to press the &#8216;Save&#8217; option once added and restart Tomcat. <\/p>\n\n\n\n<p>Additionally, please copy the following HTML files from &#8230;\/m-power\/mrcjava\/mrcclasses\/ into &#8230;\/m-power\/mrcjava\/WEB-INF\/classes\/<strong>DICTIONARY<\/strong>, where &#8216;DICTIONARY&#8217; is the name of your data dictionary.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>mrcSignon2.html (Signon Page)<\/li>\n\n\n\n<li>mrcSignonPasswordReset.html (Password Reset Page)<\/li>\n\n\n\n<li>mrcSignonPasswordResetEmail.html (Password Reset Email Body)<\/li>\n\n\n\n<li>mrcSignonPasswordResetRequest.html (Password Reset Request Page)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Property Configuration<\/h3>\n\n\n\n<p>By default, the Password Reset feature is disabled. To enable it, set the &#8216;Enable password reset?&#8217; property to True.<\/p>\n\n\n\n<p>The other properties shown in Figure 3 will be discussed in-depth here. <\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Enable Password Reset?<\/strong> &#8211; Enables or disables the password reset functionality. This property will appropriately show or hide the reset link on the end-user sign on page depending if it&#8217;s set to true or false. <\/li>\n\n\n\n<li><strong>Password reset link text<\/strong> &#8211; On the login page a password reset link appears that can be clicked on to initiate the password reset process. This property sets the text of that link.<\/li>\n\n\n\n<li><strong>Password reset email subject<\/strong> &#8211; The text here will be the subject line of the password reset email sent to the end-user.<\/li>\n\n\n\n<li><strong>Email address database column name<\/strong> <strong>&#8211;<\/strong> Specify the column in your database table that contains the users&#8217; email addresses. Note this can be the userid\/username column of your table, if users&#8217; usernames are their email addresses. <\/li>\n\n\n\n<li><strong>Token expiry duration (minutes)<\/strong> <strong>&#8211;<\/strong> Once a user has requested their password reset, the value here indicates how long (in minutes) the password reset token is good for. Default value is 20.<\/li>\n\n\n\n<li><strong>Password minimum length<\/strong> &#8211; The minimum length of the password. Enter 0 if there is no minimum length requirement.<\/li>\n\n\n\n<li><strong>Password requires special character<\/strong> &#8211; If set to True, the password is required to have at least one special character. If set to False, a special character is not required. Characters include, but are not limited to !@#$%*.<\/li>\n\n\n\n<li><strong>Password requires upper and lowercase letters<\/strong> &#8211; Control whether or not passwords are required to have at least one upper case and one lower case letter. If set to True, one of each is required. If set to False, there are no specific case requirements.<\/li>\n\n\n\n<li><strong>Spaces allowed?<\/strong> &#8211; Whether or not to allow spaces in passwords<br><\/li>\n<\/ul>\n\n\n\n<p>Once any property changes have been made, please save the security settings and restart Tomcat.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Runtime Usage<\/h3>\n\n\n\n<p>At runtime, when enabled the password reset option will be on the end-user sign on screen:<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"\/docs\/vue-images\/password_reset4.png\" alt=\"\"\/><figcaption class=\"wp-element-caption\">Figure 4: The mrc Sign On screen (mrcSignon2.html) with the Forgot Password link.<\/figcaption><\/figure>\n\n\n\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-is-layout-9d6595d7 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\">\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"\/docs\/vue-images\/password_reset5.png\" alt=\"\"\/><figcaption class=\"wp-element-caption\">Figure 5: Requesting a password reset<\/figcaption><\/figure>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\">\n<p>When the Forgot Password link is selected, the user will be prompted to enter in their username they use to sign into the m-Power application with, as shown in Figure 5.<\/p>\n\n\n\n<p>Once submitted, an email will be sent to the user with a link to reset their password. <\/p>\n\n\n\n<p class=\"wp-block-ht-blocks-messages wp-block-hb-message wp-block-hb-message--withicon is-style-alert\">The email server configuration must be set up in the Messaging and Scheduled Tasks in order to send emails. Please see <a href=\"\/docs\/knowledge-base\/messaging-and-scheduled-tasks#messaging-configuration\" target=\"_blank\" rel=\"noopener\">here<\/a> for more information\n.<\/p>\n<\/div>\n<\/div>\n\n\n\n<p>Once submitted, a user will receive an email with a link to reset their password. This link will only be valid for as long as the Token expiry duration was set for.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"\/docs\/vue-images\/password_reset6.png\" alt=\"\"\/><figcaption class=\"wp-element-caption\">Figure 6: The password reset email message<\/figcaption><\/figure>\n\n\n\n<p>Clicking on the &#8220;Reset Password&#8221; link in Figure 6 will return the user to browser, in which the new password will be specified. All requirements, as setup during the property configuration step above, will be listed visibly for the user to see.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter\"><img decoding=\"async\" src=\"\/docs\/vue-images\/password_reset7.png\" alt=\"\"\/><figcaption class=\"wp-element-caption\">Figure 7 &#8211; Resetting the password<\/figcaption><\/figure>\n<\/div>\n\n\n<p>Any requirements, if not met with be indicated on the screen when a user attempts to validate their new password. Once the password has been reset, the user will be prompted to go back to the dictionary login screen.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Customizations<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\">Appearance<\/h4>\n\n\n\n<p> Developers who want to customize the screens of their password reset feature may do so by navigating to Admin -&gt; Menu &amp; Security -&gt; Edit sign on screen HTML. <\/p>\n\n\n\n<p>Pressing the &#8216;Switch&#8217; option at the top of the editor will allow developers to customize the look and feel of the following pages:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>mrcSignon2.html (Signon Page)<\/li>\n\n\n\n<li>mrcSignonPasswordReset.html (Password Reset Page)<\/li>\n\n\n\n<li>mrcSignonPasswordResetEmail.html (Password Reset Email Body)<\/li>\n\n\n\n<li>mrcSignonPasswordResetRequest.html (Password Reset Request Page)<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\">Encryption<\/h4>\n\n\n\n<p>The password reset feature supports using a non-encrypted or encrypted (ex. SHA-256) password column. The password reset feature will automatically encrypt reset passwords, granted the <code>encryption_type=\"xxxx\"<\/code> attribute is present on the <code>&lt;validateby_table&gt;<\/code> tag within the mrcSignon2.xml. <\/p>\n\n\n\n<p>For more information on setting up encryption, please see <a href=\"\/docs\/knowledge-base\/implementing-security#validate-by-database-table\" target=\"_blank\" rel=\"noreferrer noopener\">here<\/a>. <\/p>\n\n\n\n<h4 class=\"wp-block-heading\">Utilizing your own security table<\/h4>\n\n\n\n<p>The Password Reset feature is designed to work with m-Power&#8217;s innate application users table, the MRCSEC1 table. If wanting to use the password reset feature against your own database table with users and passwords, please contact mrc for more information. <\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Promoting to Production<\/h2>\n\n\n\n<p>To promote to production, the following files will need to be promoted. All of these files can be found in ..\/m-power\/mrcjava\/WEB-INF\/classes\/<strong>DICTIONARY<\/strong>, where &#8216;<strong>DICTIONARY<\/strong>&#8216; is the name of the data dictionary.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>mrcSignon2.xml (Security Settings)<\/li>\n\n\n\n<li>mrcSignon2.html (Signon Page)<\/li>\n\n\n\n<li>mrcSignonPasswordReset.html (Password Reset Page)<\/li>\n\n\n\n<li>mrcSignonPasswordResetEmail.html (Password Reset Email Body)<\/li>\n\n\n\n<li>mrcSignonPasswordResetRequest.html (Password Reset Request Page)<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Overview m-Power&#8217;s built in Dictionary Security is a commonly used feature by developers who need to put security in front of their runtime application. Offered within m-Power&#8217;s dictionary security option is the ability to include a built-in Password Reset feature, which allows application users to manage their own passwords in&#8230;<\/p>\n","protected":false},"author":1,"comment_status":"closed","ping_status":"closed","template":"","format":"standard","meta":{"footnotes":""},"ht-kb-category":[],"ht-kb-tag":[],"class_list":["post-12914","ht_kb","type-ht_kb","status-publish","format-standard","hentry"],"_links":{"self":[{"href":"https:\/\/www.mrc-productivity.com\/docs\/wp-json\/wp\/v2\/ht-kb\/12914","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.mrc-productivity.com\/docs\/wp-json\/wp\/v2\/ht-kb"}],"about":[{"href":"https:\/\/www.mrc-productivity.com\/docs\/wp-json\/wp\/v2\/types\/ht_kb"}],"author":[{"embeddable":true,"href":"https:\/\/www.mrc-productivity.com\/docs\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.mrc-productivity.com\/docs\/wp-json\/wp\/v2\/comments?post=12914"}],"version-history":[{"count":30,"href":"https:\/\/www.mrc-productivity.com\/docs\/wp-json\/wp\/v2\/ht-kb\/12914\/revisions"}],"predecessor-version":[{"id":13110,"href":"https:\/\/www.mrc-productivity.com\/docs\/wp-json\/wp\/v2\/ht-kb\/12914\/revisions\/13110"}],"wp:attachment":[{"href":"https:\/\/www.mrc-productivity.com\/docs\/wp-json\/wp\/v2\/media?parent=12914"}],"wp:term":[{"taxonomy":"ht_kb_category","embeddable":true,"href":"https:\/\/www.mrc-productivity.com\/docs\/wp-json\/wp\/v2\/ht-kb-category?post=12914"},{"taxonomy":"ht_kb_tag","embeddable":true,"href":"https:\/\/www.mrc-productivity.com\/docs\/wp-json\/wp\/v2\/ht-kb-tag?post=12914"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}