Project

General

Profile

Bug #5243

ldapweb.cgi crashes with invalid password characters

Added by Shaun Walbridge about 9 years ago. Updated about 6 years ago.

Status:
New
Priority:
Normal
Assignee:
Category:
registry
Target version:
-
Start date:
11/16/2010
Due date:
% Done:

0%

Estimated time:
Bugzilla-Id:

Description

Some characters cause the account creation process to fail out, and return a blank page to the user instead of the expected error. Noticed by Jim while assisting some folks to get set up with Morpho, on the production site at:
http://knb.ecoinformatics.org/knb/cgi-bin/ldapweb.cgi?cfg=knb

History

#1 Updated by Redmine Admin over 6 years ago

Original Bugzilla ID was 5243

#2 Updated by ben leinfelder over 6 years ago

  • Assignee changed from Shaun Walbridge to Jim Regetz

Jim -- do you remember which characters?

#3 Updated by Nick Brand over 6 years ago

Resetting passwords fails silently, leaving users without a way to login.

Until it's fixed there should be a warning not to use the characters which don't work.

#4 Updated by ben leinfelder about 6 years ago

  • Target version changed from Unspecified to 2.2.0
  • Assignee changed from Jim Regetz to Jing Tao

Jing - would be great if we can check for some special characters and fail gracefully if their password uses ones that cannot be saved in LDAP.

#5 Updated by ben leinfelder about 6 years ago

  • Parent task set to #6063

#6 Updated by ben leinfelder about 6 years ago

While we do allow someone to create an account with special characters as the password, I am unable to login using the password. Tested with password: 所長願景

Perhaps we can just give people guidelines about using simple ASCII passwords?

#7 Updated by Jing Tao about 6 years ago

I agree to add guidelines for users.

#8 Updated by ben leinfelder about 6 years ago

  • Parent task deleted (#6063)

#9 Updated by Jing Tao about 6 years ago

  • Target version changed from 2.2.0 to 2.2.1
  • Tracker changed from Task to Bug

move it to 2.2.1

#10 Updated by ben leinfelder about 6 years ago

  • Target version changed from 2.2.1 to 2.3.0

#11 Updated by ben leinfelder about 6 years ago

  • Target version deleted (2.3.0)

Also available in: Atom PDF