Skip to content

Authentication handling and error messages #28

New issue
New issue
Open
Open
Authentication handling and error messages#28
@rtavcar

Description

@rtavcar
rtavcar
opened on Apr 8, 2015

Comments on login behaviour:

  1. If user is configured in LDAP and is member of one of olog's groups, login is OK.
  2. If LDAP is not configured, Olog returns a "wrong username or password" error.
  3. When logging in as existing LDAP user, which is not in any olog group (olog-logs, olog-tags, olog-logbooks or olog-admins), Olog ignores the login and keeps "Guest" logged in. No login error is reported.
  4. When logging in as bogus user, e.g. bogus:bogus, the browser's authentication pops up and infinitely requests the login data. No login error is reported by Olog.

Error message in case 2 is misleading. In cases 3 and 4, Olog should return meaningful error messages in the login screen. Message could be equal for both cases, something like "User unknown to olog."?

Cheers!

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions