View Issue Details

Jump to NotesJump to History
This issue affects 3 person(s).
 20
IDProjectCategoryView StatusDate SubmittedLast Update
17693Bug reportsPluginspublic2021-11-02 21:522026-02-18 14:11
Reporterkamkom Assigned To 
PrioritynoneSeveritypartial_block 
Status confirmedResolutionopen 
Product Version5.x 
Summary17693: LDAP and 2FA plugin conflict
Description

Setting LDAP as default method of authentication disables 2FA input on login screen.

Steps To Reproduce

Steps to reproduce

Enable LDAP plugin set it as default auth method. Then activate 2FA plugin.
Expected result

On login screen there should be 3 input fields - login, password and 2fa.

Actual result

On login screen there are only 2 fields - login and password, there is no input field to enter 2fa code. Also user with activated 2FA cannot login anymore.

TagsNo tags attached.
Bug heat20
Complete LimeSurvey version number (& build)5.1.17 211025
I will donate to the project if issue is resolvedNo
BrowserGoogle Chrome
Database type & version5.5.5-10.3.29-MariaDB-0+deb10u1
Server OS (if known)Debian
Webserver software & version (if known)Apache/2.4.38
PHP Version 7.3.27

Relationships

Relationship GraphDependency Graph
related to 17434 assignedDenisChenu Feature requests TwoFactorAdminLogin work only with AuthDB 
related to 20002 closedDenisChenu Bug reports Create 2FA enforcement setting for 2FA plugin 

Users monitoring this issue

There are no users monitoring this issue.

Activities

DenisChenu

DenisChenu

2021-11-03 09:06

developer   ~67069

Not really a conflict in my opinion : https://bugs.limesurvey.org/view.php?id=17434

In general :

  1. Connect with User/pass
  2. If OK : new page with 2FA

The TwoFactorAdminLogin must work like this (in my opinion).
joeiachievedit

joeiachievedit

2022-04-07 15:03

reporter   ~68924

I ran into this issue as well - after having LDAP authentication enabled for some time I decided to go ahead and enable the 2FA plugin, only to find myself locked out. I don't disagree with @denischenu but the current functionality is broken. @galads is this something I can help with if someone defines the preferred implementation? I am on CE Version 5.1.10+210913.
FredJackson

FredJackson

2024-05-14 12:53

reporter   ~80103

Surprised this was last updated in 2022.

We use Lime Survey (public sector organisation) and the UK are now mandating AD / LDAP integration AND 2FA as a minimum security requirement for logging in to external-facing web apps.

Can this be developed, agree with @denischenu
Jelle_S

Jelle_S

2026-02-17 15:43

reporter   ~84240

I agree it should work like @DenisChenu describes, but right now it doesn't.

We have LDAP enabled an AuthDb for the admin user. We'd like to protect the admin user with 2FA, but can't right now, as the 2FA code field is not displayed on the login form. Are there any plans to fix this?
DenisChenu

DenisChenu

2026-02-17 17:11

developer   ~84243

My opinion:

  • 2FA option can have : forced Yes/No
  • 2FA option apply on "AuthDB" yes/No
  • 2FA option apply on "Other auth" (maybe list of activated Auth Plugin ?)

Jelle_S : i think you must report separatly here .
Jelle_S

Jelle_S

2026-02-18 14:11

reporter   ~84247

For our use case it should only apply to authdb, as we only want to protect the admin user with 2FA, so I'm not sure it should be a separate issue? We are experiencing the exact same issue as in the original report.

Issue History

Date Modified Username Field Change
2021-11-02 21:52 kamkom New Issue
2021-11-03 08:57 galads Assigned To => galads
2021-11-03 08:57 galads Status new => acknowledged
2021-11-03 09:05 DenisChenu Relationship added related to 17434
2021-11-03 09:06 DenisChenu Note Added: 67069
2021-11-03 09:06 DenisChenu Bug heat 0 => 2
2022-04-07 15:03 joeiachievedit Note Added: 68924
2022-04-07 15:03 joeiachievedit Bug heat 2 => 4
2022-11-28 08:55 DenisChenu Assigned To galads =>
2022-11-28 08:55 DenisChenu Status acknowledged => confirmed
2022-11-28 08:56 guest Bug heat 4 => 10
2024-05-14 12:53 FredJackson Note Added: 80103
2024-05-14 12:53 FredJackson Bug heat 10 => 12
2024-05-14 12:54 guest Bug heat 12 => 18
2025-03-12 00:49 DenisChenu Relationship added related to 20002
2026-02-17 15:43 Jelle_S Note Added: 84240
2026-02-17 15:43 Jelle_S Bug heat 18 => 20
2026-02-17 17:11 DenisChenu Note Added: 84243
2026-02-18 14:11 Jelle_S Note Added: 84247