dataflake.org

Home Documentation Software Old Stuff Bug Reporting

LDAPPluginBase.updateCredentials changes users password (Resolved)

Request LDAPMultiPlugins -- bug report -- by Sune Woeller
Posted on Oct 18, 2006 2:42 am
Subscribe

Enter your email address to receive mail on every change to this issue.

Entries (Latest first)


  Resolve by Jens Vagelpohl on Nov 1, 2006 3:13 pm
  Very good catch - it was indeed a misunderstanding. The implementation has been removed and I will also clarify the docstring in the PluggableAuthService interfaces files.
 
  Initial Request by Sune Woeller on Oct 18, 2006 2:42 am
  LDAPPluginBase.updateCredentials changes the users password in the ldap backend. I think this is an error. updateCredentials are as far as I understand not meant for changing a users password in the backend, but for setting the credentials in a cookie, session or the like when logged in (and when changing credentials when logged in ?). It is called by CookieAuthHelper.login(). The comments in ICredentialsUpdatePlugin are a bit misleading I guess.

Changing password is correctly handled by doChangeUser.

regards, Sune W.