The foswiki svn repository is obsolete. Developers should register for a http://github.com/ account for commit access to foswiki project. Github is ready for updates.

Item1953: Login manager generates an internal server error if the credentials can't be verified

Priority: CurrentState: AppliesTo: Component: WaitingFor:
Urgent Closed Engine    
Try an invalid login at http://trunk.foswiki.org/bin/login/Main/WebHome?origurl=/Main/WebHome.

Here is a temporary patch that fixes it again:
--- lib/Foswiki/LoginManager.pm (revision 4700)
+++ lib/Foswiki/LoginManager.pm (working copy)
@@ -348,7 +348,8 @@
              $sessionUser && $sessionUser eq $Foswiki::cfg{AdminUserLogin});
     }

-    if (!$authUser) {
+    if (0 && # FLAWED CODE BELOW
+        !$authUser) {

         # if we couldn't get the login manager or the http session to tell
         # us who the user is, check the username and password URI params.
@@ -377,6 +378,8 @@
         }
     }

+    $authUser ||= $defaultUser;
+
     # We should have a user at this point; or $defaultUser if there
     # was no better information available.

-- MichaelDaum - 21 Aug 2009

A better workaround, that doesn't cripple URL logins, should be:
Index: LoginManager.pm
===================================================================
--- LoginManager.pm   (revision 4727)
+++ LoginManager.pm   (working copy)
@@ -359,10 +359,11 @@
             my $validation = $pwchecker->checkPassword( $login, $pass );
             unless ($validation) {
                 my $res = $session->{response};
-                $res->header( -type => 'text/html', -status => '401' );
+#                $res->header( -type => 'text/html', -status => '401' );
                 my $err = "ERROR: (401) Can't login as $login";
-                $res->print($err);
-                throw Foswiki::EngineException( 401, $err, $res );
+#                $res->print($err);
+#                throw Foswiki::EngineException( 401, $err, $res );
+                undef $login;
             }
             $authUser = $login || $defaultUser;
             _trace($this, "URI params say user is $authUser");
(untested)

-- CrawfordCurrie - 31 Aug 2009

confirmed. patch applied unmodified to trunk, and login works on my testbed again.

mucho ta - ifyou don't commit it asap, I will smile

-- SvenDowideit - 02 Sep 2009

Please do - my trunk is all bunged up.

-- CrawfordCurrie - 10 Sep 2009

ItemTemplate edit

Summary Login manager generates an internal server error if the credentials can't be verified
ReportedBy MichaelDaum
Codebase
SVN Range Foswiki-1.0.0, Thu, 08 Jan 2009, build 1878
AppliesTo Engine
Component
Priority Urgent
CurrentState Closed
WaitingFor
Checkins Foswikirev:4777 Foswikirev:7876
TargetRelease minor
ReleasedIn 1.1.0
Topic revision: r11 - 04 Oct 2010, KennethLavrsen
 
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. see CopyrightStatement. Creative Commons License