New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Webdav wrong error PasswordLoginForbidden when specifying non-existing user #26123

Closed
PVince81 opened this Issue Sep 16, 2016 · 1 comment

Comments

Projects
None yet
1 participant
@PVince81
Member

PVince81 commented Sep 16, 2016

Steps:

  1. Pick a user that doesn't exist, for example "unexist"
  2. Run this:
 % curl -X PROPFIND http://unexist:x@localhost/owncloud/remote.php/webdav/
<?xml version="1.0" encoding="utf-8"?>
<d:error xmlns:d="DAV:" xmlns:s="http://sabredav.org/ns" xmlns:o="http://owncloud.org/ns">
  <s:exception>OCA\DAV\Connector\Sabre\Exception\PasswordLoginForbidden</s:exception>
  <s:message/>
  <o:hint xmlns:o="o:">password login forbidden</o:hint>
</d:error>

Expected result

A simple 401 without extra exception

Actual result

PasswordLoginForbidden.

Versions

master / 9.2 pre-alpha

This exception is only intended to be used for when two factor is enabled and when a client must use tokens instead of passwords.

9.1 is likely affected too.

@DeepDiver1975 @SergioBertolinSG

@PVince81 PVince81 added this to the 9.2 milestone Sep 16, 2016

@PVince81 PVince81 referenced this issue Oct 6, 2016

Merged

Fix logClientIn for non-existing users #26292

6 of 10 tasks complete
@PVince81

This comment has been minimized.

Show comment
Hide comment
@PVince81

PVince81 Oct 6, 2016

Member

Fix is here #26292

Member

PVince81 commented Oct 6, 2016

Fix is here #26292

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment