Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Shibboleth: Convert account page fails due to password validation. #3045

Closed
kcondon opened this issue Mar 29, 2016 · 4 comments
Closed

Shibboleth: Convert account page fails due to password validation. #3045

kcondon opened this issue Mar 29, 2016 · 4 comments
Assignees
@kcondon
Labels
Feature: Account & User Info Type: Bug a defect
Milestone
4.4

Comments

@kcondon
Copy link
Contributor

kcondon commented Mar 29, 2016

While testing account conversion found it would not accept a valid password.
@kcondon kcondon added this to the 4.4 milestone Mar 29, 2016
@kcondon kcondon changed the title Shibboleth: Convert account page fails if initially enter incorrect information. Shibboleth: Convert account page fails due to password validation. Mar 29, 2016
@pdurbin pdurbin mentioned this issue Mar 29, 2016
Merged
11 tasks
@pdurbin
Copy link
Member

pdurbin commented Mar 30, 2016

Huh. Good catch @kcondon. I just tried on dataverse-internal (after first verifying the username and password are good by logging in via non-Shib) and got this:

shib_-_2016-03-30_11 23 46

[2016-03-30T11:22:23.828-0400] [glassfish 4.1] [INFO] [] [edu.harvard.iq.dataverse.Shib] [tid: _ThreadID=52 _ThreadName=jk-connector(3)] [timeMillis: 1459351343828] [levelValue: 800] [[
  Debug summary: getting username from the builtin user we looked up via email (state: PROMPT_TO_CONVERT_EXISTING_ACCOUNT).]]

[2016-03-30T11:23:09.338-0400] [glassfish 4.1] [INFO] [] [edu.harvard.iq.dataverse.Shib] [tid: _ThreadID=53 _ThreadName=jk-connector(4)] [timeMillis: 1459351389338] [levelValue: 800] [[
  builtin username: kc32816]]

[2016-03-30T11:23:09.339-0400] [glassfish 4.1] [INFO] [] [edu.harvard.iq.dataverse.authorization.providers.shib.ShibServiceBean] [tid: _ThreadID=53 _ThreadName=jk-connector(4)] [timeMillis: 1459351389339] [levelValue: 800] [[
  checking to see if kc32816 knows the password...]]

[2016-03-30T11:23:09.340-0400] [glassfish 4.1] [INFO] [] [edu.harvard.iq.dataverse.authorization.providers.shib.ShibServiceBean] [tid: _ThreadID=53 _ThreadName=jk-connector(4)] [timeMillis: 1459351389340] [levelValue: 800] [[
  The username and/or password you entered is invalid. Need assistance accessing your account?Bad username, email address, or password]]

This was working recently since @eaquigley was able to grab screenshots for #2975.

Soon, I'll try this on my laptop and on shibtest.

@pdurbin
Copy link
Member

pdurbin commented Mar 30, 2016

I just verified this bug on https://shibtest.dataverse.org running v. 4.3 build 4-origin/2939-shib-78ef2c1

I must have introduced a regression while refactoring code to make it more testable. My guess is that my API tests still work but I'll confirm either way once I'm in the code to fix the bug.

pdurbin added a commit that referenced this issue Mar 30, 2016
@pdurbin
Shib: use correct builtin creds for conversion #3045
643e455 
Also fix integration tests to fail appropriately.
@pdurbin pdurbin assigned kcondon and unassigned pdurbin Mar 30, 2016
@pdurbin
Copy link
Member

pdurbin commented Mar 30, 2016

@kcondon as we discussed 643e455 has a bug fix for a regression I introduced at 7915bf5 when I attempted to internationalize some of the strings in BuiltinAuthenticationProvider. Maybe @michbarsinai can advise us on the state of the code after 7915bf5 and how he envisions BuiltinAuthenticationProvider being internationalized. @kcondon suggests that maybe this should go in a separate issue, which isn't a bad idea. It may come up on its own as @scolapasta coordinates internationalization efforts in #209. Or maybe it's all a non-issue. I'm really not sure.

Anyway, the Shib bug should be fixed. Passing to QA.

@kcondon
Copy link
Contributor Author

kcondon commented Mar 30, 2016

Works, closing.

@kcondon kcondon closed this as completed Mar 30, 2016
pdurbin referenced this issue Jun 22, 2017
@pdurbin
Shib: pick first email if multiple asserted #2512 #2939
ffd1d6e 
- Put email addresses throught the same "find single value" logic
  originally developed in #1608 for multiple first and last names.
- Add `@ValidateEmail` to the "email" field on AuthenticatedUser to
  match BuiltinUser.
- Add null check added to EmailValidator to make it testable.
- Add `INVALID_EMAIL` and `MISSING_REQUIRED_ATTR` modes for Shib testing
  in dev.
- Remove red warning when TestShib doesn't provide "mail" attribute.
- Catch authSvc.createAuthenticatedUser exceptions and handle errors
  better.
- Reformat code (getPrettyFacesHomePageString seems ok).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kcondon kcondon

Labels
Feature: Account & User Info Type: Bug a defect
Projects
None yet
Milestone
4.4
Development

No branches or pull requests
2 participants
@pdurbin @kcondon