While working on this I've discovered that `user_prefs.html` and relevant
controller does checks like this:
~~~~
{% if tg.config.get('auth.method', 'local') == 'local' %}
~~~~
Because of them `/auth/preferences/` is almost empty, when using LDAP auth
provider. I.e. you can't set display name, email, etc.
I guess, this is because sfx auth method provides those settings through legacy
part of sourceforge?
To test forgotten password recovery capabilities I've changed condition to `!=
'sfx'`.
I wonder if this change should be commited? Maybe Allura instance on
sourceforge would also rely on legacy part to provide those, but I think these
preferences should be available for other deployment too, even when using LDAP
auth.
---
** [tickets:#7388] Allura's LDAP provider password managing improvements**
**Status:** in-progress
**Milestone:** limbo
**Labels:** 42cc
**Created:** Tue May 13, 2014 09:06 AM UTC by Igor Bondarenko
**Last Updated:** Tue May 13, 2014 09:10 AM UTC
**Owner:** nobody
- in `set_password` handle case, where old password is not provided ([#7342]
for reference). Use admin credentials for LDAP in this case.
- Enable `forgotten_password_process` for LDAP provider
- Store hashed password (algorithm in [#7342]). Algorithm, # of rounds and salt
length should be `.ini` options
---
Sent from sourceforge.net because [email protected] is subscribed to
https://sourceforge.net/p/allura/tickets/
To unsubscribe from further messages, a project admin can change settings at
https://sourceforge.net/p/allura/admin/tickets/options. Or, if this is a
mailing list, you can unsubscribe from the mailing list.
