Univention Bugzilla – Bug 44720
password change dialog is shown only once
Last modified: 2017-06-15 17:58:22 CEST
User with "change password on next login" After logon and a wrong password during the password change dialog, the UMC change password dialog is not shown again, only the logon dialog. Seems that the new_password (created during the first password change dialog) is keept during the session and frontend and backend silently try to change the account's password with this "new password" upon logon and never again ask for a new password. UMC auth R {"options":{"username":"test2","password":"univention"}} A The password has expired and must be renewed. UMV PWD Change R {"options":{"username":"test2","password":"univention","new_password":"univention"}} A Changing password failed. The password was already used UMC auth R {"options":{"username":"test2","password":"univention","new_password":"univention"}} A Changing password failed. The password was already used
svn r77105 broke it! In svn r77304 I fixed a lot of regressions caused by r77105 but didn't fix this one here. I don't think the fix introduces any side effects, I tested also that the login form is filled out if e.g. the query string contains ?username=root or if the browser stored the username+password, which is then successfully inserted again. univention-management-console.yaml: r80002 | YAML Bug #44720 univention-management-console (9.0.80-46): r80001 | Bug #44720: if changing an expired password fails the form was not reset leading to impossible authentication
OK - univention-management-console password change OK - univention-management-console.yaml
<http://errata.software-univention.de/ucs/4.2/40.html>