Closed Bug 1133216 Opened 10 years ago Closed 10 years ago

External accounts imported via a non-DB Auth implementation (e.g. LDAP) should not store passwords

Categories

(Bugzilla :: User Accounts, defect)

Product:
Bugzilla
Component:
User Accounts
Version:
4.4.8
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 503092

People

(Reporter: mva, Unassigned)

Details

User Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:35.0) Gecko/20100101 Firefox/35.0 Build ID: 20150206183955 Steps to reproduce: Login a user via LDAP for the first time. Actual results: The password of the user is stored in the profiles table Expected results: Password information of an external Auth provider should not be stored in the database. There is no need to store the password of an LDAP account in the database, since the authentication will be done against the LDAP.
Version: 4.4.6 → 4.4.8
This issue is already discussed in bug 503092.
Status: UNCONFIRMED → RESOLVED
Closed: 10 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.