Bug #3913
closed"forget password page" (ldap) on dev doesn't work for nceas organization
0%
Description
I was trying to figure out the issue that "forget password page" doesn't work for UCNRS. After changing the username/password for UCNRS in ldapweb.cfg file, it still doesn't work -giving an error "User not found in database. Please try again"
So I decided to try a nceas account, the page still doesn't work, gave the same error as the the UCNRS account.
I also monitor the error log of apache, both nceas and UCNRS accounts showed the same error message:
[Fri Mar 20 16:42:29 2009] [error] [client 98.208.91.162] LDAPweb: started with stage resetpass, cfg knb, referer: http://dev.nceas.ucsb.edu/knb/cgi-bin/ldapweb.cgi?stage=resetpass&cfg=knb
[Fri Mar 20 16:42:29 2009] [error] [client 98.208.91.162] Use of uninitialized value in concatenation (.) or string at /var/www/edu.ucsb.nceas.dev/knb/cgi-bin/ldapweb.cgi line 422., referer: http://dev.nceas.ucsb.edu/knb/cgi-bin/ldapweb.cgi?stage=resetpass&cfg=knb
[Fri Mar 20 16:42:29 2009] [error] [client 98.208.91.162] Use of uninitialized value in concatenation (.) or string at /var/www/edu.ucsb.nceas.dev/knb/cgi-bin/ldapweb.cgi line 422., referer: http://dev.nceas.ucsb.edu/knb/cgi-bin/ldapweb.cgi?stage=resetpass&cfg=knb
[Fri Mar 20 16:42:29 2009] [error] [client 98.208.91.162] Use of uninitialized value in concatenation (.) or string at /var/www/edu.ucsb.nceas.dev/knb/cgi-bin/ldapweb.cgi line 439., referer: http://dev.nceas.ucsb.edu/knb/cgi-bin/ldapweb.cgi?stage=resetpass&cfg=knb
[Fri Mar 20 16:42:29 2009] [error] [client 98.208.91.162] LDAPweb: ldap server: ldap://ldap.ecoinformatics.org:389/, referer: http://dev.nceas.ucsb.edu/knb/cgi-bin/ldapweb.cgi?stage=resetpass&cfg=knb
We tested unaffiliated accounts and they worked.
I guess "change password page" will have some problem.
Mike, when you work on this bug, don't user UCNRS account. This account may have more issues.
Updated by Shaun Walbridge over 15 years ago
The removal of the organization LDAP properties (r4729) caused this to break. I've added an simple autoconfiguration which takes the auth.base and unaffiliated properties as defaults in the absence of more specific ones within metacat.properties. For example, prior to r4729 we had:
organization.configured.NCEAS=false
organization.name.NCEAS=National Center for Ecological Analysis and Synthesis
organization.base.NCEAS=dc=ecoinformatics,dc=org
organization.org.NCEAS=o=NCEAS
organization.user.NCEAS=cn=Manager
organization.password.NCEAS=
Of these, only organization.configured.NCEAS and organization.name.NCEAS need to exist for ldapweb.cgi to now work -- the other values will be looked up as needed. This won't work for skins such as UCNRS which have a different base / dn, and we'll still want to include these. If I recall correctly, this whole block is due to have configuration exposed, but we didn't have time to get to it for the 1.9 release.