Bug #5243
ldapweb.cgi crashes with invalid password characters
0%
Description
Some characters cause the account creation process to fail out, and return a blank page to the user instead of the expected error. Noticed by Jim while assisting some folks to get set up with Morpho, on the production site at:
http://knb.ecoinformatics.org/knb/cgi-bin/ldapweb.cgi?cfg=knb
History
#1 Updated by Redmine Admin almost 8 years ago
Original Bugzilla ID was 5243
#2 Updated by ben leinfelder almost 8 years ago
- Assignee changed from Shaun Walbridge to Jim Regetz
Jim -- do you remember which characters?
#3 Updated by Nick Brand almost 8 years ago
Resetting passwords fails silently, leaving users without a way to login.
Until it's fixed there should be a warning not to use the characters which don't work.
#4 Updated by ben leinfelder over 7 years ago
- Target version changed from Unspecified to 2.2.0
- Assignee changed from Jim Regetz to Jing Tao
Jing - would be great if we can check for some special characters and fail gracefully if their password uses ones that cannot be saved in LDAP.
#5 Updated by ben leinfelder over 7 years ago
- Parent task set to #6063
#6 Updated by ben leinfelder over 7 years ago
While we do allow someone to create an account with special characters as the password, I am unable to login using the password. Tested with password: 所長願景
Perhaps we can just give people guidelines about using simple ASCII passwords?
#7 Updated by Jing Tao over 7 years ago
I agree to add guidelines for users.
#8 Updated by ben leinfelder over 7 years ago
- Parent task deleted (
#6063)
#9 Updated by Jing Tao over 7 years ago
- Target version changed from 2.2.0 to 2.2.1
- Tracker changed from Task to Bug
move it to 2.2.1
#10 Updated by ben leinfelder over 7 years ago
- Target version changed from 2.2.1 to 2.3.0
#11 Updated by ben leinfelder about 7 years ago
- Target version deleted (
2.3.0)