• last updated 6 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
Fixed account registration framework

Make sure we set a password_message

Fixed problem with usernames being not really case-sensitive, nor case-insensitive

Tweaking test cases

defaulting UseEmailForLoginP to 1

moving the password question parameters to acs-kernel. Updating parameter::get calls in local-procs to always provide a package_id (either current subsite or acs-kernel)

  1. … 2 more files in changeset.
changing test case to use auth::create_user instead of ad_user_new

Fixed problem with chaning password for a user causing the connection's authentication to change

Changed local_account_ok_p to get_local_account_status, which can also return no_account. Helps prevents problems with old cookies that do no longer have a corresponding user_id

  1. … 1 more file in changeset.
Do not dynamically build message key -- this makes it impossible to track down where, if at all, the message key is used

Fixed email sent out when user registers without a password

  1. … 1 more file in changeset.
Check that screen_name is unique when validating user info

  1. … 1 more file in changeset.
Changing user's auth_token on password change fix didn't refresh the user's login cookies

Fixed bug #74: Invalidate login cookie when password changes

Fixed bug #829 again, this time moved the username-defaulting logic out of ad_user_new and into auth::create_local_account

  1. … 2 more files in changeset.
Works with ad_user_new, which now auto-generates a username if none exists, guaranteed to be unqiue -- a little complicated, but it works

Removed old debugging log message

Changed message for needs approval

Support for account_url

removing file that was added by mistake

Fixed password expiration and approval expiration

  1. … 8 more files in changeset.
Better account closed message

Show message when test fails

Rewrite cookie handling

    • -163
    • +286
    ./authentication-procs.tcl
  1. … 8 more files in changeset.
ext-auth #20: adding support for Login over HTTPS. New acs-kernel parameter RestrictLoginToSSLP. New API in security-procs.tcl for casting requests into HTTPS mode etc. Requiring secure connection in scripts passing password (registration, login, password-update)

  1. … 8 more files in changeset.
validation error with authority_id and username moved out

Only allow editing of username for local accounts

Support updating username

Added get_sync_elements wrapper to get the user profile elements controlled by the authority

Do not fail get_parameters if the impl_id doesn't point to an implementation