#69 Handle expired passwords
Closed: Fixed None Opened 7 years ago by rcritten.

I had installed Ipsilon with --ipa. The IPA admin user password had expired and needed to be reset but all I got from Ipsilon was an authentication failure.

That's a good start! I'm not sure if it is also getting the password expiration information as well. If it is it would be nice to display it.

Fields changed

milestone: => Backlog

related to #55

design_link: =>

Fields changed

milestone: Backlog => 1.1

Fields changed

owner: => rcritten
rhbz: =>
status: new => accepted

This is easy to reproduce with IPA as the identity backend since it starts with expired passwords:

$ ipa user-add --first=Ted --last=User tuser1 --password

Set the password to something memorable.

Now try to log into Ipsilon using the auth form. The password starts as expired in IPA so will be rejected. You should see a PAM error that the auth token is expired.

patch_available: 0 => 1

master: 426f03d

resolution: => fixed
status: accepted => closed

The message is still lost if you log in via an SP. I guess I tested direct IdP logins.

milestone: 1.1 =>
resolution: fixed =>
status: closed => reopened

Fields changed

milestone: => 1.2

Fields changed

status: reopened => accepted

Fix for propogating error messages back to SP via the transaction store


Handle error messages for SP login as well.

master: 821de26

resolution: => fixed
status: accepted => closed

Metadata Update from @rcritten:
- Issue assigned to rcritten
- Issue set to the milestone: 1.2

5 years ago

Login to comment on this ticket.