Auth source LDAP parameters being filled incorrectly
|Assignee:||Jean-Philippe Lang||% Done:|
|Resolution:||Cant reproduce||Affected version:|
if you go to the page of LDAP auth source configuration, the username/password fields are automatically pre-filled with current credentials.
which is wrong, because they are optional.
if you firstly define LDAP auth source (without user/pass).
then go again to edit the settings and click save (without clearing the username/password fields)
and then it fucks up the configuration because it saves my credentials for LDAP connection.
#1 Updated by Felix Schäfer over 11 years ago
- Status changed from New to Closed
- Resolution set to Cant reproduce
I cannot reproduce that, and I think you browser fills out these fields, as redmine doesn't save your password but only a hash of it (i.e. it couldn't fill the field with your actual password).
#3 Updated by Felix Schäfer over 11 years ago
- Category set to UI
- Status changed from Closed to Reopened
- Assignee set to Jean-Philippe Lang
- Priority changed from Normal to Low
Well, I don't know what browser you are using, but I am using safari on mac, and I don't have problems even with autofill activated. The problem with changing the IDs is that the IDs are the names of the attributes of the objects at hand, and the user model and the LDAP_Auth model happen to share the attributes login and password.
I've set the assignee to jplang to see what his take is on the matter, but I suppose we won't change the IDs of the fields just to get around some funny-behaving browser, sorry.
#4 Updated by Thibault B over 10 years ago
Well I'm really sorry to reopen this issue but I'm experiencing the same weird behaviour on my Redmine 1.2.0 installs.
At first I also thought this was a browser-related behaviour (Firefox 4), but I tried with IE with the same results and I specially installed Chrome to verify.
In all cases if I leave the fields blank they get filled with the account login/password. I'm trying to connect to a LDAP server that requires authentication, let's say LDAP authenication is :
- login MyDomain\MyID and password is MyPassword (password is 10 characters)
and Redmine account is :
- admin/admin (password is 5 characters)
if I put the LDAP login/password in the LDAP configuration page everything seems to be find, but after validation I can't connect. And if I come back on the page the login is still MyDomain\MyID but the LDAP password is 15 characters (10+5).
Whatever the browser I'm using, even browser where the redmine authentication is not stored I'm experiencing this issue.
I really can't figure out why, and really don't know how this could be browser-related.
Thank you very much,
#5 Updated by Thibault B over 10 years ago
Well, the 15 characters thing seems to be a hard-coded thing. Whatever the size of password you put in, if you open it afterwards the password is displayed by fifteen dots.
I'll keep on investigate on whatever can cause this issue if this can help anybody in the future.