New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[fix] SSOwat crash after password change #114

Merged
merged 3 commits into from Jan 17, 2019

Conversation

Projects
None yet
4 participants
@Josue-T
Copy link
Contributor

Josue-T commented Jan 7, 2019

Problem

SSOwat crash when we change the password.

I found the reason of this issue when I see the LDAP log. I saw that the LDAP connection fail here https://github.com/YunoHost/SSOwat/blob/stretch-unstable/helpers.lua#L353 by the error 49 (which is unauthorized).
I after saw that the connection was tried with the old password, which was invalid.

Solution

Remove the password in the cash in the deconnection.

@alexAubin
Copy link
Member

alexAubin left a comment

That sounds legit to me but I really have a limited understanding of the whole cookie / ldap thing in ssowat.

Any opinion on this ?

@alexAubin

This comment has been minimized.

Copy link
Member

alexAubin commented Jan 17, 2019

I tried the following (c.f. YunoHost/issues#770 ) and it is not fixed by this branch I believe ... Can you clarify what exactly is the issue ?

I did :

  • Create a user
  • Log in the SSO
  • From the webadmin, change the password of the user
  • On the SSO page, refresh
  • Encounter error 500

(For now the manual fix to this is to restart nginx)

@Josue-T

This comment has been minimized.

Copy link
Contributor

Josue-T commented Jan 17, 2019

Yes it's that issue that I encounter.

It worked on my side. But I will try a new time to test if this patch really fix the issue.

@alexAubin

This comment has been minimized.

Copy link
Member

alexAubin commented Jan 17, 2019

Discussing with Bram : isn't it rather about changing the password from the SSO rather than the webadmin ?

Edit: well nope, I can't find/reproduce any issue related to changing password from the SSO ...

@Josue-T

This comment has been minimized.

Copy link
Contributor

Josue-T commented Jan 17, 2019

Yes it's true. It's when you change by an other way than from the SSO. It's when I changed by the CLI that I saw this issue

@Josue-T

This comment has been minimized.

Copy link
Contributor

Josue-T commented Jan 17, 2019

Now it should be fixed also when you don't disconnect before to change the password.

@alexAubin alexAubin changed the title Fix SSOwat crash after password change [fix] SSOwat crash after password change Jan 17, 2019

@alexAubin alexAubin added this to the 3.4.x milestone Jan 17, 2019

@alexAubin alexAubin merged commit b5ce673 into stretch-unstable Jan 17, 2019

@alexAubin alexAubin deleted the fix_password_issue branch Jan 17, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment