[Freeipa-devel] [PATCH] Added fix for notifying user about account expiration in Web UI
Petr Vobornik
pvoborni at redhat.com
Fri Apr 15 15:59:25 UTC 2016
On 04/13/2016 11:42 AM, Abhijeet Kasurde wrote:
> Ping
>
> On 03/22/2016 04:32 PM, Abhijeet Kasurde wrote:
>> Hi All,
>>
>> Please find the updated patches as per review comments.
>>
>> On 03/18/2016 07:39 PM, Petr Vobornik wrote:
>>> On 03/18/2016 02:21 PM, Abhijeet Kasurde wrote:
>>>> Hi All,
>>>>
>>>> Please review these patches.
>>>>
>>>> Fixes : https://fedorahosted.org/freeipa/ticket/5077
>>>>
>>>> Thanks,
>>>> Abhijeet Kasurde
>>>>
>>>
>>> 'invalid' is a default and right now is meant for invalid password(not
>>> correct, see below). So by reading the patch, it will break the case when
>>> user sets invalid password.
>>>
>>> Better would be to process kinit output in rpcserver.py:login_password and
>>> set e.g: 'krbprincipal-expired' reason.
>>>
>>> Then add it to a list of known errors in ipa.js:login_password:498. We should
>>> probaly add also 'invalid-password' to the list.
>>>
>>> Then do the change as in this patch but only with: 'krbprincipal-expired'.
>>>
>>> If 'invalid-password' is added to the list of know errors then we should
>>> change the default error from "The password or username you entered is
>>> incorrect. " to e.g.: 'Login failed from unknown reason"
>>>
>> Thanks Petr for suggestions.
>>
>> Thanks,
>> Abhijeet Kasurde
>>
ACK
pushed to master:
* 2a20c746336f85c4a9bd095db242de11f0015903 Added fix for notifying user
about Kerberos principal expiration in WebUI
--
Petr Vobornik
More information about the Freeipa-devel
mailing list