Redmine

Jean-Philippe Lang wrote:

Using r2476, assuming I have no redmine account:

• on the login form, I enter my openid url
• I'm redirected to my openid provider, I accept to access the site
• I'm redirected to the redmine registration form (only the openid url is filled)

Looks like your OpenID provider doesn't send back the sreg information, which is required to setup the account. This is because Redmine requires a login (sreg 'nickname'), mail (sreg 'email'), firstname, and lastname (sreg 'fullname') in order to create a user. You can see my OpenID provider sends back the sreg so I was able to create a user account on the fly (second to the last request)

• I fill the form (btw, why do I have to enter a password?)

Because Redmine requires a password :) If the user was able to be created on the fly, they get a random password (User#random_password) but since saving your user account failed the password wasn't set.

• I hit Submit
• the registration is displayed with the login field empty and the error message "login can't be blank"
• same error if I re-fill the login and re-submit

This sounds like a problem with the register form itself. Let me do some more testing and see

Last log used the wrong database, where I had an existing user account. This log shows the process for a new user that needs an Administrator to approve the account activation.

I figured out why it wasn't taking your login. AccountController#open_id_authenticate was adding an auth_source_registration to the session which caused AccountController#register to use the wrong codepath. It's fixed in r2483.