I have WSO2 IS 5.0.0 installed. I am able to change user's passwords through the admin console. However, when user's tried to change their passwords through the /dashboard application. It does not work. Even though UI does not show any errors, following stack trace appears in the logs.
TID: [0] [IS] [2015-02-19 10:51:21,122] INFO {JAGGERY.gadgets.pwd_change.controllers.wsUtil:jag} - JSESSIONID=E6F5DCA84FC09E7795F627C5C0C8CD06; Path=/; Secure; HttpOnly {JAGGERY.gadgets.pwd_change.controllers.wsUtil:jag} TID: [0] [IS] [2015-02-19 10:51:21,152] WARN {org.wso2.carbon.server.admin.module.handler.AuthenticationHandler} - Illegal access attempt at [2015-02-19 10:51:21,0152] from IP address 127.0.0.1 while trying to authenticate access to service UserAdmin {org.wso2.carbon.server.admin.module.handler.AuthenticationHandler} TID: [0] [IS] [2015-02-19 10:51:21,164] INFO {org.apache.axis2.transport.http.HTTPSender} - Unable to sendViaPost to url[https://localhost:9443/services/UserAdmin] {org.apache.axis2.transport.http.HTTPSender} org.apache.axis2.AxisFault: Transport error: 401 Error: Unauthorized at org.apache.axis2.transport.http.HTTPSender.handleResponse(HTTPSender.java:311) at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:194) at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:75) at org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:451) at org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:278) at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442) at org.apache.axis2.description.OutOnlyAxisOperationClient.executeImpl(OutOnlyAxisOperation.java:297) at org.apache.axis2.client.OperationClient.execute(OperationClient.java:149) at org.apache.axis2.client.ServiceClient.fireAndForget(ServiceClient.java:511) at org.apache.axis2.client.ServiceClient.fireAndForget(ServiceClient.java:488) at org.jaggeryjs.hostobjects.ws.WSRequestHostObject.jsFunction_send(WSRequestHostObject.java:360) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at org.mozilla.javascript.MemberBox.invoke(MemberBox.java:126) at org.mozilla.javascript.FunctionObject.call(FunctionObject.java:386) at org.mozilla.javascript.optimizer.OptRuntime.call1(OptRuntime.java:32) at org.jaggeryjs.rhino.portal.gadgets.pwd_change.controllers.c0._c_call_1(/portal/gadgets/pwd_change/controllers/wsUtil.jag:28) at org.jaggeryjs.rhino.portal.gadgets.pwd_change.controllers.c0.call(/portal/gadgets/pwd_change/controllers/wsUtil.jag) at org.mozilla.javascript.optimizer.OptRuntime.callName(OptRuntime.java:63) at org.jaggeryjs.rhino.portal.gadgets.pwd_change.controllers.c0._c_callWSInOnly_2(/portal/gadgets/pwd_change/controllers/wsUtil.jag:39) at org.jaggeryjs.rhino.portal.gadgets.pwd_change.controllers.c0.call(/portal/gadgets/pwd_change/controllers/wsUtil.jag) at org.mozilla.javascript.optimizer.OptRuntime.callName(OptRuntime.java:63) at org.jaggeryjs.rhino.portal.gadgets.pwd_change.controllers.pwd_change.c1._c_changeCredential_1(/portal/gadgets/pwd_change/controllers/pwd_change/userAdminClient.jag:13) at org.jaggeryjs.rhino.portal.gadgets.pwd_change.controllers.pwd_change.c1.call(/portal/gadgets/pwd_change/controllers/pwd_change/userAdminClient.jag) at org.mozilla.javascript.optimizer.OptRuntime.call1(OptRuntime.java:32) at org.jaggeryjs.rhino.portal.gadgets.pwd_change.controllers.pwd_change.c0._c_edit_1(/portal/gadgets/pwd_change/controllers/pwd_change/edit.jag:34) at org.jaggeryjs.rhino.portal.gadgets.pwd_change.controllers.pwd_change.c0.call(/portal/gadgets/pwd_change/controllers/pwd_change/edit.jag) at org.mozilla.javascript.optimizer.OptRuntime.callName0(OptRuntime.java:74) at org.jaggeryjs.rhino.portal.gadgets.pwd_change.controllers.pwd_change.c0._c_script_0(/portal/gadgets/pwd_change/controllers/pwd_change/edit.jag:51) at org.jaggeryjs.rhino.portal.gadgets.pwd_change.controllers.pwd_change.c0.call(/portal/gadgets/pwd_change/controllers/pwd_change/edit.jag) at org.mozilla.javascript.ContextFactory.doTopCall(ContextFactory.java:394) at org.mozilla.javascript.ScriptRuntime.doTopCall(ScriptRuntime.java:3091) at org.jaggeryjs.rhino.portal.gadgets.pwd_change.controllers.pwd_change.c0.call(/portal/gadgets/pwd_change/controllers/pwd_change/edit.jag) at org.jaggeryjs.rhino.portal.gadgets.pwd_change.controllers.pwd_change.c0.exec(/portal/gadgets/pwd_change/controllers/pwd_change/edit.jag) at org.jaggeryjs.scriptengine.engine.RhinoEngine.execScript(RhinoEngine.java:570) at org.jaggeryjs.scriptengine.engine.RhinoEngine.exec(RhinoEngine.java:273) at org.jaggeryjs.jaggery.core.manager.WebAppManager.execute(WebAppManager.java:435) at org.jaggeryjs.jaggery.core.JaggeryServlet.doPost(JaggeryServlet.java:29) at javax.servlet.http.HttpServlet.service(HttpServlet.java:755) at javax.servlet.http.HttpServlet.service(HttpServlet.java:848) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:749) at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:487) at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:379) at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:339) at org.jaggeryjs.jaggery.core.JaggeryFilter.doFilter(JaggeryFilter.java:21) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99) at org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:178) at org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47) at org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:56) at org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:47) at org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:141) at org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:156) at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:936) at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:52) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407) at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1004) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1653) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at java.lang.Thread.run(Thread.java:745)
