External accounts imported via a non-DB Auth implementation (e.g. LDAP) should not store passwords

RESOLVED DUPLICATE of bug 503092

Status

()

Bugzilla
User Accounts
RESOLVED DUPLICATE of bug 503092
3 years ago
3 years ago

People

(Reporter: Marcus von Appen, Unassigned)

Tracking

Details

(Reporter)

Description

3 years ago
User Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:35.0) Gecko/20100101 Firefox/35.0
Build ID: 20150206183955

Steps to reproduce:

Login a user via LDAP for the first time.


Actual results:

The password of the user is stored in the profiles table


Expected results:

Password information of an external Auth provider should not be stored in the database. There is no need to store the password of an LDAP account in the database, since the authentication will be done against the LDAP.
(Reporter)

Updated

3 years ago
Version: 4.4.6 → 4.4.8

Comment 1

3 years ago
This issue is already discussed in bug 503092.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 3 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 503092
You need to log in before you can comment on or make changes to this bug.