Locked out of Admin account
311 views
Skip to first unread message
Yadin Flammer
Dec 1, 2016, 11:47:08 AM12/1/16
to ResourceSpace
I don't know what is wrong, but there seems to be a serious issue with the product currently related to authentication.
We scrapped our original test server and set up a new system. Since that was done, I have a couple times needed to go in to SQL to reset the admin password as it would not work anymore for some reason. Now I'm locked out entirely.
Reseting the password in SQL does not work, the web login still will not take it.
Trying to have a password reset email sent does not work, it says there is an smtp error for some reason.
While building a new server resolved a lot of issues we saw before that support could never explain (seems a clean install is quite different than updating on old versions), now we have this problem.
Has this been a regular issue for people? Is there a fix? If not common, any ideas why authentication keeps breaking on our system?
We scrapped our original test server and set up a new system. Since that was done, I have a couple times needed to go in to SQL to reset the admin password as it would not work anymore for some reason. Now I'm locked out entirely.
Reseting the password in SQL does not work, the web login still will not take it.
Trying to have a password reset email sent does not work, it says there is an smtp error for some reason.
While building a new server resolved a lot of issues we saw before that support could never explain (seems a clean install is quite different than updating on old versions), now we have this problem.
Has this been a regular issue for people? Is there a fix? If not common, any ideas why authentication keeps breaking on our system?
Allison Stec
Dec 1, 2016, 12:25:30 PM12/1/16
to resour...@googlegroups.com, Yadin Flammer
This issue hasn’t been expressed much on the forum, and I’ve not seen a situation in which the system simply replaces a password with something else. I have personally seen situations where my password keeper tries to change the username and password when editing users, but this is my fault for allowing the use of autofill and isn’t the fault of RS.
Is no one able to use their credentials to log in?
What’s the version that you’re running?
Is there any custom code that may be causing issue?
--
ResourceSpace: Open Source Digital Asset Management
http://www.resourcespace.org
---
You received this message because you are subscribed to the Google Groups "ResourceSpace" group.
To unsubscribe from this group and stop receiving emails from it, send an email to resourcespac...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Yadin Flammer
Dec 1, 2016, 12:26:45 PM12/1/16
to ResourceSpace
Ok seems one issue is what I would call a bug, the user name is now case sensitive. Despite appearing with a capital first letter as the name, it MUST be lower case when logging in (to match username) or it will say your password is wrong. Any other system we use the name and username are interchangeable and NOT case sensitive, so this is a rather important note.
Allison Stec
Dec 1, 2016, 12:30:44 PM12/1/16
to resour...@googlegroups.com, Yadin Flammer
That’s not a bug, but a feature that can be enabled or disabled with the config option “$case_insensitive_username”.
Fullname and username have been two different fields in RS and not interchangeable for some time, so perhaps the setting mentioned above is all you really need to resolve your issue.
Ok seems one issue is what I would call a bug, the user name is now case sensitive. Despite appearing with a capital first letter as the name, it MUST be lower case when logging in (to match username) or it will say your password is wrong. Any other system we use the name and username are interchangeable and NOT case sensitive, so this is a rather important note.
Yadin Flammer
Dec 1, 2016, 12:30:50 PM12/1/16
to ResourceSpace
Second problem, again I'd call a serious bug. If you change the account (name or username), the password is corrupted in some way and has to be reset. For the admin, this likely means going through SQL unless I guess you had another super admin maybe. This was not an issue in earlier versions.
Yadin Flammer
Dec 1, 2016, 12:33:47 PM12/1/16
to ResourceSpace, ebonw...@gmail.com
On Thursday, December 1, 2016 at 12:30:44 PM UTC-5, Allison Stec wrote:
That’s not a bug, but a feature that can be enabled or disabled with the config option “$case_insensitive_username”.Fullname and username have been two different fields in RS and not interchangeable for some time, so perhaps the setting mentioned above is all you really need to resolve your issue.
That wasn't in the older versions in my experience. Is there a document yet that details all these really important yet mostly hidden settings? From what I'm finding the documentation is still extremely light and frankly lacking.
Allison Stec
Dec 1, 2016, 12:58:10 PM12/1/16
to resour...@googlegroups.com, Yadin Flammer
This option was introduced about two years ago. Before that, username was specifically case sensitive.
The version history on the RS website does a nice job of highlighting major changes, but this change was not included.
Reviewing the commits can be helpful in learning about new options, but I don’t believe there’s any place outside of the config.default.php file itself that documents all configuration options.
Yadin Flammer
Dec 1, 2016, 2:12:12 PM12/1/16
to ResourceSpace, ebonw...@gmail.com
Reviewing the commits can be helpful in learning about new options, but I don’t believe there’s any place outside of the config.default.php file itself that documents all configuration options.
Bummer, that file is not exactly easy to read. email settings for example are spread out over 3000 lines and can be found either under mail or smtp when doing a grep. You need to know what you're looking for to find things, it really needs at the least a complete reorganization to group things by function or topic or something and probably some better keywording in comments for searching for things.
Dan Huby
Dec 2, 2016, 2:45:14 PM12/2/16
to ResourceSpace, ebonw...@gmail.com
Hi Yadin,
Agreed. Are you volunteering? :)
Dan
Frederick Yocum
Dec 5, 2016, 4:08:45 PM12/5/16
to ResourceSpace, ebonw...@gmail.com
@Dan
Having recently had a trawl through the config.default.php. I would be willing to have a go. It reminds of a combination of the wardrobe in the Lion, the Witch and ... a sock drawer.
Someone else more expert than me would have to spend a good bit of time reviewing the changed version. It won’t be a simple diff checking the original with with a updated version, because settings are sprinkled all over the place. Do you have a coding standard that you are working toward?
Dan Huby
Dec 5, 2016, 5:04:01 PM12/5/16
to ResourceSpace, ebonw...@gmail.com
Hi Frederick,
That's great! I'd be happy to review your changes.
For coding standards have a look at:
I don't think much of it would relate to the config.default.php file though.
As a starting point for the groupings, they could match/extend the groupings in Admin -> System -> System Configuration. What do you think?
Dan
Frederick Yocum
Dec 5, 2016, 10:15:58 PM12/5/16
to resour...@googlegroups.com
Grouping sounds like a plan. I will see what I can do.
For coding standards have a look at:I don't think much of it would relate to the config.default.php file though.As a starting point for the groupings, they could match/extend the groupings in Admin -> System -> System Configuration. What do you think?
Reply all
Reply to author
Forward
0 new messages