Bug 48897 – ugly error message in password change

Bug 48897 - ugly error message in password change


Summary:	ugly error message in password change

Status:	CLOSED FIXED

Product:	UCS
Classification:	Unclassified
Component:	Self Service
Version:	UCS 4.4
Hardware:	Other Linux

Importance:	P5 normal (vote)
Target Milestone:	UCS 4.4-0-errata
Assigned To:	Felix Botner
QA Contact:	Florian Best

URL:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2019-03-07 15:04 CET by Felix Botner
Modified:	2019-03-27 13:29 CET (History)
CC List:	1 user (show)

See Also:
What kind of report is it?:	Bug Report
What type of bug is this?:	2: Improvement: Would be a product improvement
Who will be affected by this bug?:	3: Will affect average number of installed domains
How will those affected feel about the bug?:	1: Nuisance – not a big deal but noticeable
User Pain:	0.034
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Felix Botner

2019-03-07 15:04:32 CET

UCS without samba !!!

(a)
Password change with old_password == new_password:

Passwort ändern fehlgeschlagen. Der Grund konnte nicht festgestellt werden. Für den Fall, dass es hilft, hier die originale Fehlernachricht: Passwort nicht geändert. Errorcode 20: Das neue Passwort konnte nicht gesetzt werden.


In contrast the error message for a too short password:

Passwort ändern fehlgeschlagen. Das Passwort ist zu kurz.


(b) 
Password change for a deactivated account

Ungültige Zugangsdaten. Passwortwechsel fehlgeschlagen.

This message could be better too

Comment 1 Florian Best

2019-03-07 15:17:13 CET

We should find out what is broken in Samba! If this is fixed, PAM doesn't send such a ugly error message.

Comment 2 Felix Botner

2019-03-14 15:58:13 CET

(In reply to Florian Best from comment #1)
> We should find out what is broken in Samba! If this is fixed, PAM doesn't
> send such a ugly error message.

UCS without samba!!!

Comment 3 Felix Botner

2019-03-14 15:58:51 CET

this breaks 86_selenium.10_product_test_password_change.test

Comment 4 Felix Botner

2019-03-14 16:01:30 CET

if i change the pam config for passwd to exactly the same as umc, i get

-> passwd test2
Current Kerberos password: 
Geben Sie ein neues Passwort ein: 
Passwort nicht geändert
passwd: Fehler beim Ändern des Authentifizierungstoken
passwd: Passwort nicht geändert

-> LC_ALL=C passwd test2
Current Kerberos password: 
New password: 
Password unchanged
passwd: Authentication token manipulation error
passwd: password unchanged

These two error messages (Passwort nicht geändert, password unchanged) are not in the "The password was already used." error list in univention/management/console/pam.py. I guess we have to add them.

Comment 5 Felix Botner

2019-03-14 16:30:00 CET

fixed in univention-management-console

aca9f219e8b186dcb2a28b20237703cccdf5e560
365d9748aa4c965bd3d50aea98d975307bddcc2c

yaml

cb2002f87ea2072efe87370ea32191dca7547aaa

QA:
please also check 86_selenium.10_product_test_password_change.test

Comment 6 Florian Best

2019-03-14 16:50:00 CET

OK: password change messages

The test case fails in my environment:
selenium.common.exceptions.WebDriverException: Message: unknown error: Element <div class="umcGalleryNameContent">...</div> is not clickable at point (507, 236). Other element would receive the click: <div class="appInnerWrapper umcGalleryItem">...</div>

But I will have a look tomorrow in jenkins, it's probably something with the configuration.

OK: YAML

Comment 7 Arvid Requate

2019-03-27 13:29:29 CET

<http://errata.software-univention.de/ucs/4.4/25.html>