Set password of LDAP-logged-in user in database (!475) · Merge requests · AlekSIS® / Official / AlekSIS-Core · GitLab

Snippets Groups Projects

Merged Nik | Klampfradler requested to merge feature/keep_local_password_ldap into master 4 years ago

Having a local password is needed to make changing passwords easier. In order to catch password changes in a universal way and forward them to backends (like LDAP, in this case), getting the old password first is necessary to authenticate as that user to LDAP.

We buy the small insecurity of having a hash of the password in the Django database in order to not require it to have global admin permissions on the LDAP directory.

Advances #354 (closed) and #353 (closed)

Edited 4 years ago by Nik | Klampfradler

Activity

Nik | Klampfradler added part::backend type::feature labels 4 years ago

added part::backend type::feature labels
Nik | Klampfradler added 1 commit 4 years ago
added 1 commit

953b630b - Fix docstring

Compare with previous version
Tom Teichler marked this merge request as draft 4 years ago

marked this merge request as draft
Nik | Klampfradler added 2 commits 4 years ago
added 2 commits

5dbc795a - Save user after setting password

bc34a808 - Fail early if LDAP fails authentication

Compare with previous version
Nik | Klampfradler added 1 commit 4 years ago
added 1 commit

f92f9bbe - Set password of LDAP-logged-in user in database

Compare with previous version
Nik | Klampfradler marked this merge request as ready 4 years ago

marked this merge request as ready
Tom Teichler approved this merge request 4 years ago

approved this merge request
Tom Teichler @debdolph · 4 years ago

Owner

Tested successfully.
Jonathan Weth mentioned in commit 7a12491d 4 years ago

mentioned in commit 7a12491d
Jonathan Weth merged 4 years ago

merged

Please register or sign in to reply