fix issue with requiring update attribute verifications when existing value is not defined on user

server/src/main/java/password/pwm/http/SessionManager.java

@@ -220,9 +220,14 @@ public class SessionManager
             final boolean result = LdapPermissionTester.testUserPermissions( pwmApplication, pwmSession.getLabel(), pwmSession.getUserInfo().getUserIdentity(), userPermission );
             status = result ? Permission.PermissionStatus.GRANTED : Permission.PermissionStatus.DENIED;
             pwmSession.getUserSessionDataCacheBean().setPermission( permission, status );
-            LOGGER.debug( pwmSession.getLabel(), String.format( "permission %s for user %s is %s",
-                    permission.toString(), pwmSession.getUserInfo().getUserIdentity().toDelimitedKey(),
-                    status.toString() ) );
+
+            LOGGER.debug( pwmSession.getLabel(),
+                    String.format( "permission %s for user %s is %s",
+                            permission.toString(),
+                            pwmSession.isAuthenticated()
+                                    ? pwmSession.getUserInfo().getUserIdentity().toDelimitedKey()
+                                    : "[unauthenticated]",
+                            status.toString() ) );
         }
         return status == Permission.PermissionStatus.GRANTED;
     }

server/src/main/java/password/pwm/http/servlet/updateprofile/UpdateProfileUtil.java

@@ -63,6 +63,7 @@ import java.util.Collections;
 import java.util.HashSet;
 import java.util.Iterator;
 import java.util.LinkedHashMap;
+import java.util.LinkedHashSet;
 import java.util.List;
 import java.util.Locale;
 import java.util.Map;
@@ -246,7 +247,7 @@ public class UpdateProfileUtil
                 formFields
         ) );
 
-        final Set<TokenDestinationItem.Type> interestedTypes = new HashSet<>(  );
+        final Set<TokenDestinationItem.Type> interestedTypes = new LinkedHashSet<>(  );
         if ( updateProfileProfile.readSettingAsBoolean( PwmSetting.UPDATE_PROFILE_EMAIL_VERIFICATION ) )
         {
             interestedTypes.add( TokenDestinationItem.Type.email );

server/src/main/java/password/pwm/util/java/StringUtil.java

@@ -220,9 +220,9 @@ public abstract class StringUtil
 
     public static boolean nullSafeEqualsIgnoreCase( final String value1, final String value2 )
     {
-        return value1 == null
-                ? value2 == null
-                : value1.equalsIgnoreCase( value2 );
+        final String compare1 = value1 == null ? "" : value1;
+        final String compare2 = value2 == null ? "" : value2;
+        return compare1.equalsIgnoreCase( compare2 );
     }
 
     public static boolean nullSafeEquals( final String value1, final String value2 )

server/src/main/webapp/WEB-INF/jsp/updateprofile-entercode.jsp

@@ -26,6 +26,7 @@
 <%@ page import="password.pwm.http.bean.UpdateProfileBean" %>
 <%@ page import="password.pwm.config.profile.UpdateProfileProfile" %>
 <%@ page import="password.pwm.bean.TokenDestinationItem" %>
+<%@ page import="password.pwm.http.servlet.updateprofile.UpdateProfileServlet" %>
 
 <!DOCTYPE html>
 <%@ page language="java" session="true" isThreadSafe="true" contentType="text/html" %>
@@ -62,9 +63,10 @@
                 </button>
             </div>
         </form>
-        <form id="form-reset" name="form-reset" method="post" name="form-cancel" enctype="application/x-www-form-urlencoded"
+        <form id="form-reset" name="form-reset" method="post" enctype="application/x-www-form-urlencoded"
               class="pwm-form">
-            <input type="hidden" name="processAction" value="unConfirm"/>
+            <input type="hidden" name="<%=PwmConstants.PARAM_RESET_TYPE%>" value="<%=UpdateProfileServlet.ResetAction.unConfirm%>"/>
+            <input type="hidden" name="<%=PwmConstants.PARAM_ACTION_REQUEST%>" value="<%=UpdateProfileServlet.UpdateProfileAction.reset%>"/>
             <input type="hidden" name="pwmFormID" value="<pwm:FormID/>"/>
         </form>
     </div>