Univention Bugzilla – Bug 53202
Self service account deregistration does not work via SAML, shows generic error message
Last modified: 2021-05-04 13:36:27 CEST
The self service userprofile page can be used when logged in via SAML. On that page a user with a self registered account can click a button to delete the account. This only works when logged in directly against UMC and not via SAML. With a SAML login, a generic error message tells the user, that username or password are incorrect or that there is a permission error. The information that the account can only be deleted with a different login type might be helpful. We could also decide to make account deletion possible with a SAML login. ==> /var/log/univention/management-console-module-passwordreset.log <== 30.04.21 12:16:06.269 MODULE ( PROCESS ) : Entweder stimmen Benutzername und Passwort nicht oder Sie haben keine Berechtigung diesen Dienst zu nutzen. ==> /var/log/univention/management-console-web-server.log <== 30.04.21 12:16:06.270 MAIN ( PROCESS ) : CPCommand (10.205.2.49:51404) response status code: 403 30.04.21 12:16:06.270 MAIN ( PROCESS ) : CPCommand (10.205.2.49:51404) response reason : None 30.04.21 12:16:06.270 MAIN ( PROCESS ) : CPCommand (10.205.2.49:51404) response message: Entweder stimmen Benutzername und Passwort nicht oder Sie haben keine Berechtigung diesen Dienst zu nutzen. 30.04.21 12:16:06.270 MAIN ( PROCESS ) : CPCommand (10.205.2.49:51404) response result: None 30.04.21 12:16:06.270 MAIN ( PROCESS ) : CPCommand (10.205.2.49:51404) response error: {'traceback': None, 'command': 'deregister_account'}
Is this a regression in UCS 5.0?