The mailing list for listmasters using Sympa

[Olivier Salaün - CRU <address@concealed>]

Hi Michael,

When the user should be authenticated via an LDAP backend, Sympa should never 
remind him of any password or ask him to choose one.
We take care of that if auth.conf does not allow AT ALL the use of the 
'user_table' (ie Sympa's own authentication backend).

What is still to be done : Sympa should not enter/advertise password 
management features if we were able to detect
that the user is not conserned (applying a regexp on the user email address).

Could you please fill out a bug report for these inconsistencies :
http://listes.cru.fr/mantis

Thank you.

Michael Redinger wrote:
[...]
> I found some more issues:
> [...]
> If I use the auth.conf file as described (including the regexp and negative_regexp), 
> select "send me a password" and enter my e-mail
> address (address@concealed), sympa sends me a password (but I 
> cannot use that password as sympa only tries LDAP authentication).
> I have also provided a authentication_info_url line in the configuration ~ 
> and thought that I should not get a password then but should be sent to
> that page instead.
> [...]
> Another possible bug:
> When I try to login (using my e-mail address or the uid) but enter a wrong 
> password, I am redirected to a page stating that the password is
> wrong. When I now enter the correct password, login succeeds, but I also get 
> the message that I am already logged in. Same in the log file:

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature