- Set up JIRA and Confluence
- Enable JIRA User Server, and allow Confluence to connect to it
- When defining the directory, set the directory as read only
- As a user from the JIRA directory, attempt to reset your password
Note: the above steps for reproduction are also applicable to Crowd.
Because the directory is read-only, the password cannot be reset. A message similar to the following would be helpful:
Your account is managed by <application name>, and cannot be updated at Confluence. Please visit <application url> to make changes to your account. If you're having trouble, please consult your system administrators.
This lets the user know their account cannot be changed at the current application, and where to go for managing it.
- We know the directory is read-only
- We also know which directory a user logs in through
- We're also aware of where that directory is located (since we have this configuration as a part of the directory)
The update fails, and the following message appears:
An internal error occured when trying to change your password.
Users must contact the administrator, rather than being able to self-service.
Setting the directory Read/Write allows users to reset their passwords in Crowd and JIRA from a downstream application such as Confluence. However, there are some cases where this may not be desirable - Confluence should fail gracefully, and guide the user to a location where they can change their password.