Defect #4189
closed
Users who change their password when authenticating via ldap cannot log in
Added by jacob briggs about 15 years ago.
Updated about 15 years ago.
Description
Users who change their password when authenticating via ldap cannot log in. To recreate this, follow these steps :
1: Create new user in LDAP, and give them a password. I used "foo"
2: Log in to redmine. Observe that the log in is successful.
3: Log out of redmine
4: Change the users password in LDAP. I used (predictably) "bar"
5: Log in to redmine. Observe a page which looks like :
Internal error
An error occurred on the page you were trying to access.
If you continue to experience problems please contact your redMine administrator for assistance.
Back
For extra credit, you can try to log in with the wrong password. You will get an "Invalid user or password" message. This, and tcpdump, tells me that the password is being checked against LDAP everytime.
We are also using Redmine where authentication is handled by LDAP (Active Directory) and never faced this problem.
Can't reproduce either with authentication against OpenLDAP.
This may be a problem with a plug in. I tried to make the user this issue was happening with an admin, and got the same error.
It looks like the root cause is that users.last_login_on is NULL, but there is a trigger on that table which fires on update. The trigger try's to
insert into login_history (user_id, login, new_login) values (old.id, old.last_login_on, new.last_login_on);
but the field login_history.login cannot have NULLS, so the update fails.
Someone on #redmine said it was a bug I should file, so I did, but now I feel I jumped the gun....
- Status changed from New to Resolved
Jean-Philippe Lang wrote:
Please read SubmittingBugs.
I did before I submitted the bug. It turns out that the person I inherited out install of redmine off had changed some things which caused this issue, but hadn't told me about it. Now I look like an idiot in public.
When the person on IRC advised me to log a bug about it, I didn't think they were Joe Random User - I thought that they thought that I had found something that fit all criteria for bug filing.
So yeah, sorry about wasting everyone's time, the previous admin will be getting an earful.
- Status changed from Resolved to Closed
- Resolution set to Invalid
jacob briggs wrote:
When the person on IRC advised me to log a bug about it, I didn't think they were Joe Random User - I thought that they thought that I had found something that fit all criteria for bug filing.
That was probably me. I had him file a bug report because no one in #redmine could figure out what the problem was and we needed to get some feedback from some other users who where using LDAP. Sorry for the confusion.
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by 
Updated by 
Updated by