You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@maven.apache.org by "Charles Paulet (JIRA)" <ji...@codehaus.org> on 2007/04/27 17:45:26 UTC

[jira] Created: (CONTINUUM-1257) Identification page lock

Identification page lock
------------------------

                 Key: CONTINUUM-1257
                 URL: http://jira.codehaus.org/browse/CONTINUUM-1257
             Project: Continuum
          Issue Type: Bug
          Components: Web - Security, Web - UI
    Affects Versions: 1.1-alpha-1
         Environment: Web interface on Firefox or Mozilla
(can't test on IE)
            Reporter: Charles Paulet
            Priority: Minor


1 - The root user create a new user (projectleader) with a password ans sets privileges.
2 - The root user logs out.
3 - The projectleader logs in, AND checks the "remember me" checkbox.
4 - Continuum asks to change the projectleader password

Here if you don't delete the cookie, you can't exit the security/password.action page.
- Logout doesn't work
- Restart Continuum doesn't work
- Click menu item doesn't work

It seems, the 'remember me' checkbox set the login valid. 
But, we can't avoid, override or bypass the security check afterward.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] Closed: (CONTINUUM-1257) Identification page lock

Posted by "Emmanuel Venisse (JIRA)" <ji...@codehaus.org>.

     [ http://jira.codehaus.org/browse/CONTINUUM-1257?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Emmanuel Venisse closed CONTINUUM-1257.
---------------------------------------

         Assignee: Emmanuel Venisse
       Resolution: Fixed
    Fix Version/s: 1.1-alpha-2

Fixed in plexus-redback

> Identification page lock
> ------------------------
>
>                 Key: CONTINUUM-1257
>                 URL: http://jira.codehaus.org/browse/CONTINUUM-1257
>             Project: Continuum
>          Issue Type: Bug
>          Components: Web - Security, Web - UI
>    Affects Versions: 1.1-alpha-1
>         Environment: Web interface on Firefox or Mozilla
> (can't test on IE)
>            Reporter: Charles Paulet
>            Assignee: Emmanuel Venisse
>            Priority: Minor
>             Fix For: 1.1-alpha-2
>
>
> 1 - The root user create a new user (projectleader) with a password ans sets privileges.
> 2 - The root user logs out.
> 3 - The projectleader logs in, AND checks the "remember me" checkbox.
> 4 - Continuum asks to change the projectleader password
> Here if you don't delete the cookie, you can't exit the security/password.action page.
> - Logout doesn't work
> - Restart Continuum doesn't work
> - Click menu item doesn't work
> It seems, the 'remember me' checkbox set the login valid. 
> But, we can't avoid, override or bypass the security check afterward.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira