Bug 252 - authentication does not work with email address
Summary: authentication does not work with email address
Status: NEW
Alias: None
Product: Websites
Classification: Unclassified
Component: identity.mageia.org (show other bugs)
Version: trunk
Hardware: All Linux
Priority: Normal minor
Target Milestone: ---
Assignee: Buchan Milne
QA Contact:
URL:
Whiteboard: OK
Keywords:
Depends on:
Blocks:
 
Reported: 2011-03-02 19:21 CET by Romain d'Alverny
Modified: 2017-09-26 09:23 CEST (History)
7 users (show)

See Also:
Source RPM:
CVE:
Status comment:


Attachments

Description Romain d'Alverny 2011-03-02 19:21:39 CET
When a registered user enters her correct email+password, authentication fails. It does work when using login+password.

Steps to Reproduce:
1. Use your Mageia user account
2. Try to authenticate on https://identity.mageia.org/ with your email and password

Expected behaviour is: authenticate correctly with both email or login (consistently across all Mageia online apps).

Reproducible: 

Steps to Reproduce:
Comment 1 Buchan Milne 2011-03-03 09:48:05 CET
There is a bug in Catalyst::Authentication::Store::LDAP . The documentation (http://search.cpan.org/~bobtfish/Catalyst-Authentication-Store-LDAP-1.012/lib/Catalyst/Authentication/Store/LDAP.pm#user_field) claims:

"You can also set it to an array, to allow more than one login field. The first field will be returned as identifier for the user."

However, when running in debug mode (./script/catdap_server.pl -d) setting (in catdap_local.yml):

authentication:
  realms:
    ldap:
      store:
        user_filter: (&(objectclass=inetOrgPerson)(|(uid=%s)(mail=%s)))
        user_field: 
                    - uid
                    - mail

An exception is thrown with the message:
"LDAP claims 'ARRAY(0xXXXXX)' equals 'bgmilne' but results entry does not match."

The CatDap side should really just be the configuration above, if Catalyst::Authentication::Store::LDAP works as documented.

CC: (none) => bgmilne

Comment 2 Romain d'Alverny 2011-05-06 12:47:32 CEST
*** Bug 1171 has been marked as a duplicate of this bug. ***

CC: (none) => misc

Comment 3 Michael Scherer 2011-05-06 13:38:12 CEST
Do you have a simple test case for C::A::S::LDAP, so we can try to take a look and either send a patch or a bug report ?
Comment 4 Marja Van Waes 2011-10-04 15:08:42 CEST
@ Mageia Web Team

Any news on this bug?

CC: (none) => m.van.waes

Comment 5 Marja Van Waes 2011-12-11 21:34:12 CET
@ Assignee
I think this bug was assigned correctly, but please confirm by putting "OK" on the whiteboard or by confirming in a comment
Romain d'Alverny 2011-12-11 23:11:06 CET

Assignee: mageia-webteam => bgmilne

Dan Joita 2012-03-07 11:23:35 CET

CC: (none) => djmarian4u
Summary: Authentication does not work with email address => authentication does not work with email address

Romain d'Alverny 2012-07-27 14:32:49 CEST

Whiteboard: (none) => OK

Comment 6 Bicycle RepairMan 2013-08-02 18:56:18 CEST
Any news? This is still open and very much unfixed!
Also, is 1171 a dublicate of this bug? That one is still open and unfixed, too...

CC: (none) => eagle150

Comment 7 Rémi Verschelde 2015-09-10 15:54:58 CEST
Buchan, any news on this topic? Trying to dust some old bugs :)
Comment 8 Marja Van Waes 2017-09-26 08:57:50 CEST
It would be really nice if this could be fixed.

It happens quite often that a user forgets his/her Mageia user name. Even the mail a user receives when resetting the password in identity.mageia.org, doesn't reveal the user name.

CC: (none) => atelier-bugs, sysadmin-bugs

Marja Van Waes 2017-09-26 09:23:40 CEST

See Also: (none) => https://bugs.mageia.org/show_bug.cgi?id=21769


Note You need to log in before you can comment on or make changes to this bug.