SSPR 5003 in Forgotten Password Module

  • 7023286
  • 17-Aug-2018
  • 24-Aug-2018

Environment

Self Service Password Reset
SSPR 4.2.0.3
eDir 9.0.4
IDM UserApp 4.6
OSP Integration
SSPR Forgotten password module configured to allow unlock of intruder-locked eDir account


Situation

Error 5003 is returned after answering the passphrase questions in the SSPR "forgotten password" module.
5003 ERROR_USERAUTHENTICATED simply means the user is already authenticated to SSPR.

User had previously authenticated to User App

Resolution

This is working as designed. The user getting the 5003 error had previously authenticated to UserApp, and the message just means that the user is already authenticated.

When SSPR is integrated with User App, OSP automatically logs the user into SSPR with tokens. Since OSP uses tokens, it can authenticate the user to SSPR even if the user’s password became locked after the User App login.

Workaround:

- Change the text shown on the “change password” button, and the text that goes with the button description, in SSPR Configuration Editor under Display Text – Display. Change the values for “Button_ChangePassword” and “Display_RecoverChoiceReset”.




Additional Information

Steps to duplicate:

1. Configure SSPR for OSP integration
2. Log in to User App
3. Using an incorrect password, attempt to log in to eDirectory with the Client for Open Enterprise Server enough times to trigger intruder detection
4. Launch SSPR from User App, select Forgotten Password
5. Answer passphrase questions
6. Error 5003, "user already authenticated" will be returned