Issue with "force password change on next login" feature with LDAP
Concerned version
Version: %2.0.5
Platform: Nginx/uwsgi
Summary
We have some issue with the "force password change on next login" feature when the user's password is reset by an admin. We are using LDAP as authentication, user and password module.
Here is the process :
- an admin change manually the password of a user that lost his password
- when the user log in with the new password, there is the message saying that the password was reset and the user have to create a new one as expected
- finally, after filling both inputs with same password, the user hit "Send" to validate his new password
And here is our problem : instead of beeing redirect to the portal with a message saying that the password has been changed, we are prompt with a new form and a message saying "Password field must be filled"
We've check the logs from the LDAP server but we didn't see any request from the client host. But when we checked the llng-portal logs, we've seen the line "Processing extractFormInfo" followed with the error code 67. So we suspect that this is due to a LemonLDAP bug and not a LDAP server side error.
Logs
[Fri Aug 30 12:04:16 2019] [LLNG:40572] [debug] Check configuration for Lemonldap::NG::Handler::PSGI::Main
[Fri Aug 30 12:04:16 2019] [LLNG:40572] [debug] Get configuration 122.
[Fri Aug 30 12:04:16 2019] [LLNG:40572] [debug] Lemonldap::NG::Handler::PSGI::Main: configuration is up to date
[Fri Aug 30 12:04:16 2019] [LLNG:40572] [info] No cookie found
[Fri Aug 30 12:04:16 2019] [LLNG:40572] [debug] Build URL http://dev.internet.sso.intranet.justice.gouv.fr:8080/?cancel=1
[Fri Aug 30 12:04:16 2019] [LLNG:40572] [debug] Redirect 1.3.6.10 to portal (url was /?cancel=1)
[Fri Aug 30 12:04:16 2019] [LLNG:40572] [debug] User not authenticated, Try in use, cancel redirection
[Fri Aug 30 12:04:16 2019] [LLNG:40572] [debug] Start routing default route
[Fri Aug 30 12:04:16 2019] [LLNG:40572] [debug] Processing restoreArgs
[Fri Aug 30 12:04:16 2019] [LLNG:40572] [debug] Processing controlUrl
[Fri Aug 30 12:04:16 2019] [LLNG:40572] [debug] Processing code ref
[Fri Aug 30 12:04:16 2019] [LLNG:40572] [debug] Cancel called, push authCancel calls
[Fri Aug 30 12:04:16 2019] [LLNG:40572] [debug] Processing code ref
[Fri Aug 30 12:04:16 2019] [LLNG:40572] [debug] Launching ::Plugins::AutoSignin::check
[Fri Aug 30 12:04:16 2019] [LLNG:40572] [debug] Processing extractFormInfo
[Fri Aug 30 12:04:16 2019] [LLNG:40572] [debug] Returned error: 67
[Fri Aug 30 12:04:16 2019] [LLNG:40572] [debug] Skin returned: login
[Fri Aug 30 12:04:16 2019] [LLNG:40572] [debug] Calling sendHtml with template login
[Fri Aug 30 12:04:16 2019] [LLNG:40572] [debug] Skin skintig selected from GET/POST parameter
[Fri Aug 30 12:04:16 2019] [LLNG:40572] [debug] Starting HTML generation using /usr/share/lemonldap-ng/portal/templates/skintig/login.tpl
[Fri Aug 30 12:04:16 2019] [LLNG:40572] [debug] Skin skintig selected from GET/POST parameter
[Fri Aug 30 12:04:16 2019] [LLNG:40572] [debug] Sending /usr/share/lemonldap-ng/portal/templates/skintig/login.tpl