Bug 252

Summary: authentication does not work with email address
Product: Websites Reporter: Romain d'Alverny <rdalverny>
Component: identity.mageia.orgAssignee: Buchan Milne <bgmilne>
Status: NEW --- QA Contact:
Severity: minor    
Priority: Normal CC: atelier-bugs, bgmilne, djmarian4u, eagle150, marja11, misc, sysadmin-bugs
Version: trunk   
Target Milestone: ---   
Hardware: All   
OS: Linux   
See Also: https://bugs.mageia.org/show_bug.cgi?id=21769
Whiteboard: OK
Source RPM: CVE:
Status comment:

Description Romain d'Alverny 2011-03-02 19:21:39 CET 
When a registered user enters her correct email+password, authentication fails. It does work when using login+password.

Steps to Reproduce:
1. Use your Mageia user account
2. Try to authenticate on https://identity.mageia.org/ with your email and password

Expected behaviour is: authenticate correctly with both email or login (consistently across all Mageia online apps).

Reproducible: 

Steps to Reproduce:
Comment 1 Buchan Milne 2011-03-03 09:48:05 CET 
There is a bug in Catalyst::Authentication::Store::LDAP . The documentation (http://search.cpan.org/~bobtfish/Catalyst-Authentication-Store-LDAP-1.012/lib/Catalyst/Authentication/Store/LDAP.pm#user_field) claims:

"You can also set it to an array, to allow more than one login field. The first field will be returned as identifier for the user."

However, when running in debug mode (./script/catdap_server.pl -d) setting (in catdap_local.yml):

authentication:
  realms:
    ldap:
      store:
        user_filter: (&(objectclass=inetOrgPerson)(|(uid=%s)(mail=%s)))
        user_field: 
                    - uid
                    - mail

An exception is thrown with the message:
"LDAP claims 'ARRAY(0xXXXXX)' equals 'bgmilne' but results entry does not match."

The CatDap side should really just be the configuration above, if Catalyst::Authentication::Store::LDAP works as documented.

CC: (none) => bgmilne

Comment 2 Romain d'Alverny 2011-05-06 12:47:32 CEST 
*** Bug 1171 has been marked as a duplicate of this bug. ***

CC: (none) => misc

Comment 3 Michael Scherer 2011-05-06 13:38:12 CEST 
Do you have a simple test case for C::A::S::LDAP, so we can try to take a look and either send a patch or a bug report ?
Comment 4 Marja Van Waes 2011-10-04 15:08:42 CEST 
@ Mageia Web Team

Any news on this bug?

CC: (none) => m.van.waes

Comment 5 Marja Van Waes 2011-12-11 21:34:12 CET 
@ Assignee
I think this bug was assigned correctly, but please confirm by putting "OK" on the whiteboard or by confirming in a comment
Romain d'Alverny 2011-12-11 23:11:06 CET

Assignee: mageia-webteam => bgmilne

Dan Joita 2012-03-07 11:23:35 CET

CC: (none) => djmarian4u
Summary: Authentication does not work with email address => authentication does not work with email address

Romain d'Alverny 2012-07-27 14:32:49 CEST

Whiteboard: (none) => OK

Comment 6 Bicycle RepairMan 2013-08-02 18:56:18 CEST 
Any news? This is still open and very much unfixed!
Also, is 1171 a dublicate of this bug? That one is still open and unfixed, too...

CC: (none) => eagle150

Comment 7 RĂ©mi Verschelde 2015-09-10 15:54:58 CEST 
Buchan, any news on this topic? Trying to dust some old bugs :)
Comment 8 Marja Van Waes 2017-09-26 08:57:50 CEST 
It would be really nice if this could be fixed.

It happens quite often that a user forgets his/her Mageia user name. Even the mail a user receives when resetting the password in identity.mageia.org, doesn't reveal the user name.

CC: (none) => atelier-bugs, sysadmin-bugs

Marja Van Waes 2017-09-26 09:23:40 CEST

See Also: (none) => https://bugs.mageia.org/show_bug.cgi?id=21769