Skip to main content

Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

    •  
      request #7951 Ldap validation email
    Actions
    Infos
    #7951
    Thomas Cottier (tcottier)
    2015-09-29 09:46
    2015-03-26 11:32
    7964
    Details
    Ldap validation email
    On a tuleap platform using ldap auth with $sys_user_approval = 1 and
    $sys_ldap_default_user_status = 'P'

    When the user log in, its account is pending. The site admin has 2 options: Validating or Activating this user. If he choose to validate, the user will receive and email asking him to log onto the platform to activate its account.

    The link to the platform is: "https://example.com/account/verify.php?confirm_hash=", without any hash. I don't think its a security problem as the user has to log in and it refuses the connection if the link is used without the account validated by the admin, but it is confusing.
    Authentication & LDAP
    Empty
    Empty
    • [ ] enhancement
    • [ ] internal improvement
    Empty
    Stage
    Empty
    Closed
    2015-09-29
    Attachments
    Artifact links
    Empty
    Empty
    References
    Referencing request #7951

    Artifact Tracker v5

    rel #8395 8.7

    Git commit

    tuleap/tuleap/stable

    Merge commit 'refs/changes/06/4506/2' of ssh://gerrit.tuleap.net:29418/tuleap into stable c4bc51ea2c
    User avatar Nicolas Terray (nterray) , 2015-09-25 11:13
    request #7951: Mail confirmation code are not properly generated for LDAP dd8a60f79f
    User avatar Sandra Echinard (sechinard) , 2015-09-23 23:11
    Merge commit 'refs/changes/24/4524/1' of ssh://gerrit.tuleap.net:29418/tuleap into HEAD d06838cc9c
    User avatar Sandra Echinard (sechinard) , 2015-09-28 11:37
    request #7951: missing confirm hash feb5b37982
    User avatar Yannis ROSSETTO (rossettoy) , 2015-09-28 10:17

    Release

    release #112
    Referenced by request #7951

    Other

    gerrit #4524
    Display settings

    Follow-ups

    User avatar
    Thomas Gerbet (tgerbet)2015-09-29 09:46
    Integrated into Tuleap 8.6.99.25.
    • Status changed from Reopen to Closed
    • Close date set to 2015-09-29
    User avatar
    Nicolas Terray (nterray)2015-09-25 11:23
    Integrated into Tuleap 8.6.99.19
    • Status changed from Under review to Closed
    • Close date set to 2015-09-25
    User avatar
    Martin Hamant (martin-h)2015-04-09 11:03
    last edited by: Martin Hamant (martin-h) 2015-04-09 11:04
    Me again. Another issue I see is when the admin want to reject the account which is pending. He can choose "delete" but in this case, the account is flagged as deleted and this login name will never be able to ask a registration again. (you get "compte détruit" we trying to authenticate).

    I'm not sure if it is expected, but it may happen that we need a user to be able to register *again* even if has been deleted in the past.
    User avatar
    Martin Hamant (martin-h)2015-04-09 10:56
    Thomas, also it would be great if Tuleap admins could get a notification email when a LDAP user first login, so we can know there is a new pending account.
    Do you want me to open another issue for this ?