Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Respect the disabled setting for lost_password_link #12552

Merged
merged 1 commit into from
Nov 20, 2018
Merged

Respect the disabled setting for lost_password_link #12552

merged 1 commit into from
Nov 20, 2018

Conversation

rullzer
Copy link
Member

@rullzer rullzer commented Nov 20, 2018

Fixes #11146
As documented when it is set to disabled the user can't request a lost
password.

Signed-off-by: Roeland Jago Douma roeland@famdouma.nl

@rullzer
Respect the disabled setting for lost_password_link
43d6ae7 
Fixes #11146
As documented when it is set to disabled the user can't request a lost
password.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
@rullzer rullzer added this to the Nextcloud 15 milestone Nov 20, 2018
@rullzer
Copy link
Member Author

rullzer commented Nov 20, 2018

/backport to stable14

MorrisJobke
MorrisJobke approved these changes Nov 20, 2018
View reviewed changes
Copy link
Member

@MorrisJobke MorrisJobke left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tested and works 👍

MariusBluem
MariusBluem approved these changes Nov 20, 2018
View reviewed changes
Copy link
Member

@MariusBluem MariusBluem left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Makes sense :)

@MorrisJobke MorrisJobke added 4. to release Ready to be released and/or waiting for tests to finish and removed 3. to review Waiting for reviews labels Nov 20, 2018
@rullzer rullzer merged commit e73bfd5 into master Nov 20, 2018
@rullzer rullzer deleted the fix/11146/respect_disabled_password_reset branch November 20, 2018 14:52
@backportbot-nextcloud backportbot-nextcloud bot mentioned this pull request Nov 20, 2018
Merged
@backportbot-nextcloud
Copy link

backport to stable14 in #12555

@MorrisJobke MorrisJobke mentioned this pull request Nov 22, 2018
Merged
7 tasks
HigH-HawK
HigH-HawK reviewed Nov 27, 2018
View reviewed changes
Copy link

@HigH-HawK HigH-HawK left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It works as far as it removes the link from the login page but it causes the LDAP function to misbehave.

As mentioned in the forums: https://help.nextcloud.com/t/ldap-error-in-14-0-4-after-changing-lost-password-link-behaviour-bind-failed-50-insufficient-access/42060

When this change is being done and the user enters a wrong password, the user is getting an internal server error and the NC log states that it could not connect to the LDAP server, despite the LDAP server being available as other users could login fine at the same time.

Further testing brought to daylight, that this behaviour only happens if the entered username is part of the LDAP server. If you enter a fictional username and password, it brings up the correct message "wrong password"

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@HigH-HawK HigH-HawK HigH-HawK left review comments

@MariusBluem MariusBluem MariusBluem approved these changes

@MorrisJobke MorrisJobke MorrisJobke approved these changes

@nickvergessen nickvergessen Awaiting requested review from nickvergessen

@ChristophWurst ChristophWurst Awaiting requested review from ChristophWurst

@juliusknorr juliusknorr Awaiting requested review from juliusknorr

@danxuliu danxuliu Awaiting requested review from danxuliu

Assignees
No one assigned
Labels
4. to release Ready to be released and/or waiting for tests to finish bug regression
Projects
None yet
Milestone
Nextcloud 15
Development

Successfully merging this pull request may close these issues.
4 participants
@rullzer @MorrisJobke @MariusBluem @HigH-HawK