[horde] password HELP!
Nicolás Valera
nvalera at gmail.com
Wed May 29 13:13:37 UTC 2013
On 05/28/2013 05:17 PM, Michael M Slusarz wrote:
> Quoting Nicolás Valera <nvalera at gmail.com>:
>
>> On 05/28/2013 03:39 PM, Michael M Slusarz wrote:
>>> Quoting Nicolás Valera <nvalera at gmail.com>:
>>>
>>>> On 05/28/2013 12:48 PM, Jan Schneider wrote:
>>>>>
>>>>> Zitat von Nicolás Valera <nvalera at gmail.com>:
>>>>>
>>>>>> On 05/24/2013 12:30 PM, Jan Schneider wrote:
>>>>>>>
>>>>>>> Zitat von Nicolás Valera <nvalera at gmail.com>:
>>>>>>>
>>>>>>>> On 05/22/2013 08:04 AM, Jan Schneider wrote:
>>>>>>>>>
>>>>>>>>> Zitat von Nicolás Valera <nvalera at gmail.com>:
>>>>>>>>>
>>>>>>>>>> Hi,
>>>>>>>>>>
>>>>>>>>>> I'm having some problems when trying to use the password
>>>>>>>>>> expiration
>>>>>>>>>> option.
>>>>>>>>>>
>>>>>>>>>> when a user reaches the soft_expiration_date, the horde
>>>>>>>>>> redirect to changepassword.php, but when you fill out the form
>>>>>>>>>> nothing happens.
>>>>>>>>>>
>>>>>>>>>> i don't see any errors in logs
>>>>>>>>>>
>>>>>>>>>> PREASE HELP!!!
>>>>>>>>>>
>>>>>>>>>> Thanks in advance
>>>>>>>>>> Nicolás.
>>>>>>>>>
>>>>>>>>> Is the form at least submitted?
>>>>>>>>
>>>>>>>> Yes Jan, the form is sent to the sever but is has no effect.
>>>>>>>> I mean, the data is sent but the old password is not checked.
>>>>>>>> Neither
>>>>>>>> the new password or the retyped.
>>>>>>>>
>>>>>>>> There is no action at all... :(
>>>>>>>
>>>>>>> Fixed in Git.
>>>>>>
>>>>>> Jan thanks for fix, but the password policy is not checked and the
>>>>>> Horde session is not destroyed after changing password.
>>>>>>
>>>>>> Thanks again!
>>>>>> Nicolás.
>>>>>
>>>>> Which password policy?
>>>>>
>>>>> For the session reset, please file a bug report.
>>>>
>>>> it's simmilar to Bug #11766 and #11789
>>>
>>> You *have* set the 'logout' parameter, right?
>>>
>>> michael
>>>
>>> ___________________________________
>>> Michael Slusarz [slusarz at horde.org]
>>>
>> Michael,
>>
>> yes, i have it.
>> the application passwd works correctly if I use it from the menu
>> "Others->My Account->Password"
>>
>> the problem is when a password expires and is updated through the
>> "changepassword.php"
>>
>> $backends['hordeauth'] = array(
>> 'name' => 'Horde Authentication',
>> 'driver' => 'Horde',
>> 'policy' => array(
>> 'minLength' => 8,
>> 'maxLength' => 18,
>> 'maxSpace' => 5,
>> 'minUpper' => 1,
>> 'minLower' => 1,
>> 'minNumeric' => 1,
>> 'minSymbol' => 1
>> ),
>> 'logout' => true,
>> );
>
> Then this has nothing to do with passwd the application and the bug
> reports you previously referred to are irrelevant.
>
> Although this conversation does beg the question: why do we have a
> separate passwd application? Or why shouldn't we fold the Horde
> changepassword code into passwd? We should not be maintaining two
> separate password changing mechanisms. (Although granted that passwd
> doesn't require the password changing mechanism to be related to
> Horde). Especially with the latter - I don't think requiring someone to
> install passwd for this lesser used feature is asking too much.
>
> But at a minimum, services/changepasswd has to be fixed. As previously
> discussed in the passwd realm, it is impossible to change the password
> accurately within a Horde session. The only way to handle this properly
> is to restart the session.
>
> michael
>
> ___________________________________
> Michael Slusarz [slusarz at horde.org]
>
Michael,
I know that has nothing to do with the application, I mentioned those
bugs because in the passwd application the session was not destroyed
after changing the password in the same way that the changepassword.php
maybe we can do something like "$registry->getLogoutUrl()->redirect();"
as was done in the passwd /lib/Basic.php to solve the problem
More information about the horde
mailing list