[MAGNOLIA-1355] Changing the password of the current user does not allow activation Created: 07/Feb/07 Updated: 13/Mar/12 Resolved: 16/Dec/11 |
|
| Status: | Closed |
| Project: | Magnolia |
| Component/s: | activation, security |
| Affects Version/s: | 3.0.1 |
| Fix Version/s: | 4.5 |
| Type: | Bug | Priority: | Major |
| Reporter: | zam6ak | Assignee: | Jan Haderka |
| Resolution: | Fixed | Votes: | 2 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Environment: |
Magnolia 3.0.1 Enterprise |
||
| Issue Links: |
|
||||||||||||||||
| Template: |
|
||||||||||||||||
| Acceptance criteria: |
Empty
|
||||||||||||||||
| Task DoD: |
[ ]*
Doc/release notes changes? Comment present?
[ ]*
Downstream builds green?
[ ]*
Solution information and context easily available?
[ ]*
Tests
[ ]*
FixVersion filled and not yet released
[ ] 
Architecture Decision Record (ADR)
|
||||||||||||||||
| Bug DoR: |
[ ]*
Steps to reproduce, expected, and actual results filled
[ ]*
Affected version filled
|
||||||||||||||||
| Date of First Response: | |||||||||||||||||
| Description |
|
1. Log in as superuser on author I guess because Magnolia uses current user to log in to the subscribers, when you change your password authentication on remote subscribers fails.... |
| Comments |
| Comment by Jan Haderka [ 29/Jul/08 ] |
|
| Comment by Magnolia International [ 06/Nov/08 ] |
|
The issue at large is probably that we actually pass real credentials in the request instead of some form of authorization key. (the current mechanism only works because we store the passwords in a decodable format in the repository) |
| Comment by Brad Kazazes [ 07/Dec/09 ] |
|
I've discussed a tempory work around using the Observation module on the Wiki, http://wiki.magnolia-cms.com/display/WIKI/Auto+activation+of+user+details. It would be still good to find a more permanent solution however. |
| Comment by Eric Hechinger [ 13/Mar/12 ] |
|
Tested with 4.5.1. |