CA PPM does not verify that the New Password and Confirm password data given match when resetting password in the new UI

Document ID : KB000103701
Last Modified Date : 28/06/2018
Show Technical Document Details
Issue:
New UX: When resetting the password, PPM does not verify that the New Password and Confirm password data given match. Even if those do not match, password gets reset.

STEPS TO REPRODUCE: 
 
1. Log in to PPM and ensure new UX is enabled. 

2. Go to Administration > Organization and Access > Resources.

3. Edit any user profile and add your email address and user email address. 

4. Go to the new UX URL, let say: http://<server_name>/pm. 

5. Click on Forgot Password.

6. Enter the user name you want to have the password reset.

7. You will receive an email like: 

We have received a request to reset your CA PPM™ password. To proceed, please click on the following link. 

http://<server_name>/pm#changepassword?userName=<username>&code=VeFwJVyVQmh5BmUZ4js1k 

8. Open the link and you will find a window where you need to enter the new password 

9. Give as a New Password: Mynowpwd 

Confirm Password: Mynewpwd 

10. Submit it 

Expected Result: I should be alerted that both passwords given do not match. 

Actual Result: Password gets reset to Mynowpwd and no alert is given about password matching. As a typo was made when entering the password, If the user tried to log in using Mynewpwd an error "API-1029 : Authentication Error. Contact your system administrator for necessary action" will be received.
 
Environment:
CA PPM 15.4
CA PPM 15.4 SP1
Cause:
This issue is caused by an existing defect: DE41973
 
Resolution:
None at this time.
Workaround: Reset password again in new UX or reset it in the Classic UI