View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
14181 | Bug reports | Authentication | public | 2018-10-24 21:34 | 2019-01-10 17:16 |
Reporter | jpgaudreau | Assigned To | |||
Priority | none | Severity | minor | ||
Status | closed | Resolution | not fixable | ||
Product Version | 3.13.x | ||||
Summary | 14181: Untranslated LDAP error message is shown to the user when authentifcation fail because of a wrong password | ||||
Description | When LDAP authentication is used, an only english error message from LDAP is shown to the user when the authentifcation fail because of a wrong password. I think this message should be translated and more user friendly than just outputing the error message from the ldap server (see attachment print screen). Code is in the following page, at line 544: application/core/plugins/AuthLDAP/AuthLDAP.php Maybe output the message from self::ERROR_USERNAME_INVALID like we see elsewhere in the code? Thank you in advance for checking this issue! | ||||
Steps To Reproduce |
| ||||
Tags | No tags attached. | ||||
Attached Files | |||||
Bug heat | 4 | ||||
Complete LimeSurvey version number (& build) | 3.14.10 | ||||
I will donate to the project if issue is resolved | No | ||||
Browser | chrome | ||||
Database type & version | mysql 5.6 | ||||
Server OS (if known) | Redhat 7 | ||||
Webserver software & version (if known) | apache | ||||
PHP Version | 7.2 | ||||
It's the error from ldap, can be anything , bad password or something other … |
|
Hi Denis, yes you are right about that. Still, I think these error messages should be translated, or at least the very common one like "wrong password", since it is displayed to the end user. It would be quite possible to get the ldap error code with function "ldap_errno" and display an error message accordingly. (list of codes here https://www-01.ibm.com/support/docview.wss?uid=swg21214189) Regards |
|
Maybe only for some LDAP error ? Or somthing like this : |
|
I think this could be a possibility, If the "LDAP server return this error :" is translated. I found a similar behavior in the GitLab application (see attachment) But i've also checked in other application like Moodle and Jenkins (attachment) and it seems that there is always one generic "Invalid user or password" for the end user when ldap_bind fails and the ldap error details is put in a debug info (error log). Personnally, I like the second one best but the first one would be acceptable. Thanks for your feedback |
|
Date Modified | Username | Field | Change |
---|---|---|---|
2018-10-24 21:34 | jpgaudreau | New Issue | |
2018-10-24 21:34 | jpgaudreau | File Added: ldap_wrong_password_error.png | |
2018-10-25 00:15 | DenisChenu | Note Added: 49434 | |
2018-10-25 11:32 | jpgaudreau | Note Added: 49436 | |
2018-10-25 15:12 | DenisChenu | Note Added: 49440 | |
2018-10-25 16:02 | jpgaudreau | File Added: Sign_in_·_GitLab_-_2018-10-25_09.50.59.png | |
2018-10-25 16:02 | jpgaudreau | File Added: Sign_in_[Jenkins]_-_2018-10-25_09.49.23.png | |
2018-10-25 16:02 | jpgaudreau | Note Added: 49442 | |
2019-01-10 17:16 |
|
Assigned To | => LouisGac |
2019-01-10 17:16 |
|
Status | new => closed |
2019-01-10 17:16 |
|
Resolution | open => not fixable |