Skip to content

use the loginname to verify the old password in user password changes #21106

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
rullzer merged 1 commit into from
May 26, 2020
Merged

use the loginname to verify the old password in user password changes #21106

rullzer merged 1 commit into from
May 26, 2020

Conversation

@blizzz
Copy link
Member

@blizzz blizzz commented May 25, 2020
edited
Loading

For user driven password changes, the controller was using the uid instead of the login name to verify the current password. The login name must be used instead. While it does not play a matter for local backends, e.g. LDAP environments do suffer and often end fail with misleading "wrong password".

fixes #10809

@blizzz blizzz added this to the Nextcloud 20 milestone May 25, 2020
@blizzz blizzz mentioned this pull request May 25, 2020
Closed
@ChristophWurst
Copy link
Member

ChristophWurst commented May 26, 2020

backports?

@MorrisJobke
Copy link
Member

MorrisJobke commented May 26, 2020

CI fails

@blizzz
Copy link
Member Author

blizzz commented May 26, 2020

CI fails

I'll check later today

@blizzz
Copy link
Member Author

blizzz commented May 26, 2020

/backport to stable19

@blizzz
Copy link
Member Author

blizzz commented May 26, 2020

/backport to stable18

@blizzz
Copy link
Member Author

blizzz commented May 26, 2020

/backport to stable17

@blizzz blizzz force-pushed the fix/10809/user-pwd-change-loginname branch from 92d1f0e to 653162a Compare May 26, 2020 14:53
@blizzz
Copy link
Member Author

blizzz commented May 26, 2020

CI fails

Ha, there the tests were hidden. Expected them in a different location. Should pass now :)

@MorrisJobke MorrisJobke added 4. to release Ready to be released and/or waiting for tests to finish and removed 3. to review Waiting for reviews labels May 26, 2020
@rullzer rullzer merged commit 9bb07d3 into master May 26, 2020
@rullzer rullzer deleted the fix/10809/user-pwd-change-loginname branch May 26, 2020 19:19
This was referenced May 26, 2020
Merged
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rullzer rullzer rullzer approved these changes

@MorrisJobke MorrisJobke MorrisJobke approved these changes

@ChristophWurst ChristophWurst ChristophWurst approved these changes

@juliusknorr juliusknorr Awaiting requested review from juliusknorr

Assignees

No one assigned

Labels

4. to release Ready to be released and/or waiting for tests to finish bug feature: users and groups

Projects

None yet

Milestone

Nextcloud 20

Development

Successfully merging this pull request may close these issues.

Active Directory password change issues

5 participants

@blizzz @ChristophWurst @MorrisJobke @rullzer