I had installed Ipsilon with --ipa. The IPA admin user password had expired and needed to be reset but all I got from Ipsilon was an authentication failure.
That's a good start! I'm not sure if it is also getting the password expiration information as well. If it is it would be nice to display it.
Fields changed
milestone: => Backlog
related to #55
design_link: =>
milestone: Backlog => 1.1
owner: => rcritten rhbz: => status: new => accepted
This is easy to reproduce with IPA as the identity backend since it starts with expired passwords:
$ ipa user-add --first=Ted --last=User tuser1 --password
Set the password to something memorable.
Now try to log into Ipsilon using the auth form. The password starts as expired in IPA so will be rejected. You should see a PAM error that the auth token is expired.
patch_available: 0 => 1
master: 426f03d
resolution: => fixed status: accepted => closed
Linked to Bugzilla bug: https://bugzilla.redhat.com/show_bug.cgi?id=1245445 (Red Hat Enterprise Linux 7)
rhbz: => [https://bugzilla.redhat.com/show_bug.cgi?id=1245445 1245445]
The message is still lost if you log in via an SP. I guess I tested direct IdP logins.
milestone: 1.1 => resolution: fixed => status: closed => reopened
milestone: => 1.2
status: reopened => accepted
Fix for propogating error messages back to SP via the transaction store
https://pagure.io/ipsilon/pull-request/60
Handle error messages for SP login as well.
master: 821de26
Metadata Update from @rcritten: - Issue assigned to rcritten - Issue set to the milestone: 1.2
Log in to comment on this ticket.