Bug #1226 (closed)
Opened 15 years ago
Closed 15 years ago
IAdmin.changePassword() should not set a database password for LDAP users
| Reported by: | jamoore | Owned by: | jamoore |
|---|---|---|---|
| Priority: | critical | Cc: | atarkowska, jburel |
| Sprint: | n.a. | ||
| Total Remaining Time: | n.a. |
Description
A user who authenticates via LDAP and attempts to change his/her password will almost certainly find it confusing to suddenly have two passwords. Since we will (for now) not be changing LDAP passwords via OMERO, the best action is to throw an exception.
Using this ticket as a chance to general refactor the password logic into the ome.security.auth package.
Change History (6)
comment:1 Changed 15 years ago by jmoore
comment:2 Changed 15 years ago by atarkowska
- Cc jburel added
comment:3 Changed 15 years ago by jmoore
r3963 corrects error handling in validatePassword()
comment:4 Changed 15 years ago by jmoore
r3966 adds ignoreUnknown to the ldap provider.
comment:5 Changed 15 years ago by jmoore
r3968 adds ldap-created users to "user" group.
comment:6 Changed 15 years ago by jmoore
- Resolution set to fixed
- Status changed from new to closed
Ok'd by Ola in devteam.
Note: See
TracTickets for help on using
tickets.
You may also have a look at Agilo extensions to the ticket.
r3960 prevents LDAP password changes, so closing.
It also makes a significant number of changes to AdminImpl and LdapImpl since a refactoring was necessary, so more testing is needed.