View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0000895 | Main CAcert Website | my account | public | 2010-11-24 17:31 | 2013-01-15 15:17 |
| Reporter | Uli60 | Assigned To | edgarwahn | ||
| Priority | normal | Severity | major | Reproducibility | sometimes |
| Status | closed | Resolution | fixed | ||
| Fixed in Version | 2010 Q4 | ||||
| Summary | 0000895: Login to Testserver-Mgmt-System doesn't work (identified to have special char "§" in password) | ||||
| Description | Problem first seen 2010-09-28 on an Assurances event in Frankfurt with several users, one had a problem, not receiving an email (no spam folder, no blocking) Verification of the Useraccount creation reports: user: account not verified assurer: searching the email address: account not verified Support-Engineer: Sysadmin console: user doesn't exist Same problem now happened today on testserver. User joined, created an account. Login to Testserver-Mgmt-System ends with an error message: https://ca-mgr1.it-sls.de/login/login: An error occurred Application error Exception information: Message: LoginController::loginAction: ID unknown Stack trace: #0 /var/www/ca-mgr1.it-sls.de/external/ZendFramework-1.9.5/library/Zend/Controller/Action.php(513): LoginController->loginAction() #1 /var/www/ca-mgr1.it-sls.de/external/ZendFramework-1.9.5/library/Zend/Controller/Dispatcher/Standard.php(289): Zend_Controller_Action->dispatch('loginAction') 0000002 /var/www/ca-mgr1.it-sls.de/external/ZendFramework-1.9.5/library/Zend/Controller/Front.php(946): Zend_Controller_Dispatcher_Standard->dispatch(Object(Zend_Controller_Request_Http), Object(Zend_Controller_Response_Http)) 0000003 /var/www/ca-mgr1.it-sls.de/external/ZendFramework-1.9.5/library/Zend/Application/Bootstrap/Bootstrap.php(77): Zend_Controller_Front->dispatch() 0000004 /var/www/ca-mgr1.it-sls.de/external/ZendFramework-1.9.5/library/Zend/Application.php(358): Zend_Application_Bootstrap_Bootstrap->run() 0000005 /var/www/ca-mgr1.it-sls.de/manager/public/index.php(46): Zend_Application->run() 0000006 {main} Request Parameters: array ( 'controller' => 'login', 'action' => 'login', 'module' => 'default', 'login_name' => 'user@domain', 'login_password' => 'user-password', 'submit' => 'Login', ) Search email address on SE level thru Support-Engineer Console ends: user not found Search thru Assurer form - Assure someone lists user form. | ||||
| Steps To Reproduce | join, set password that includes special char "§" or change password on existing account to new password including "§" login to Testserver-Mgmt-System -> fails login to Testserver works. | ||||
| Tags | No tags attached. | ||||
| Reviewed by | |||||
| Test Instructions | |||||
|
|
NEOatNHNG pushed, to dump the users record on testserver |
|
|
Testserver problem: email sent, email received testserver-mgmt-system users-inbox so problem is concentrated on testserver-mgmt-system login |
|
|
edgarwahn dumped user record: password: 96a8970dde871262b3fd5db480fc875604c0612d user executed commandline tool for sha1 echo -n "userpassword-with-special-char-§"|sha1sum 96a8970dde871262b3fd5db480fc875604c0612d - sha1 is identical to the sha1 in database. Login to testserver works. Login to Testserver-Mgmt-System not. Verification: create new account, using a "normal" password w/o special char "§" login to Testserver-Mgmt-System works, confirmation mail could be used. Account confirmed. Next step, login, change password, now new password includes special char "§". Logout, Login onto testserver works. Login onto Testserver-Mgmt-System ends in error state: -------------------------------------------------------------------- An error occurred Application error Exception information: Message: LoginController::loginAction: ID unknown Stack trace: #0 /var/www/ca-mgr1.it-sls.de/external/ZendFramework-1.9.5/library/Zend/Controller/Action.php(513): LoginController->loginAction() #1 /var/www/ca-mgr1.it-sls.de/external/ZendFramework-1.9.5/library/Zend/Controller/Dispatcher/Standard.php(289): Zend_Controller_Action->dispatch('loginAction') 0000002 /var/www/ca-mgr1.it-sls.de/external/ZendFramework-1.9.5/library/Zend/Controller/Front.php(946): Zend_Controller_Dispatcher_Standard->dispatch(Object(Zend_Controller_Request_Http), Object(Zend_Controller_Response_Http)) 0000003 /var/www/ca-mgr1.it-sls.de/external/ZendFramework-1.9.5/library/Zend/Application/Bootstrap/Bootstrap.php(77): Zend_Controller_Front->dispatch() 0000004 /var/www/ca-mgr1.it-sls.de/external/ZendFramework-1.9.5/library/Zend/Application.php(358): Zend_Application_Bootstrap_Bootstrap->run() 0000005 /var/www/ca-mgr1.it-sls.de/manager/public/index.php(46): Zend_Application->run() 0000006 {main} Request Parameters: array ( 'controller' => 'login', 'action' => 'login', 'module' => 'default', 'login_name' => 'wolfgang@wiamail.de', 'login_password' => 'Axxx4§Bcd#', 'submit' => 'Login', ) -------------------------------------------------------------------- now login to testserver, works change password back to a password w/o special char "§" works. Login to Testserver-Mgmt-System - works (!) Testserver, change password back to password with special char "§" login to Testserver-Mgmt-System fails again |
|
|
edgarwahn: Nov 25 14:58:16 ca-mgr1 web[18195]: INFO: LoginController::loginAction authenticate <users-email> 75d5ba9ff5f8d02f3881a07fbd4f5e47bcd4ea69 sha1 is not identical cacert1 => content-type charset iso-8859-1 ca-mgr1 => content-type charset utf-8 there have to be somewhere a conversion maybe at LoginController sha1(utf8_decode(...)); fixed. |
|
|
tests with "§" in password confirms problem between testserver and Testserver-Mgmt-System |
|
|
identified charset to be the problem: cacert1 => content-type charset iso-8859-1 ca-mgr1 => content-type charset utf-8 |
|
|
login to https://ca-mgr1.it-sls.de now works with special char in password |
|
|
remaining problems: name changed to 'Schröter', displays as 'Schr?ter' (lower right corner box) email subject displays as '=?utf-8?B?W0NBY2VydC5vcmddIEtlbm53b3J0LVVwZGF0ZS1NaXR0ZWlsdW5n?=' others are in clear ascii '[CAcert.org] Email Notification' |
|
|
password problem solved, other problems (display problems) are still open |
|
|
problem has been solved no further problems with special chars in passwords |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2010-11-24 17:31 | Uli60 | New Issue | |
| 2010-11-24 17:41 | Uli60 | Note Added: 0001800 | |
| 2010-11-24 18:21 | Uli60 | Note Added: 0001801 | |
| 2010-11-25 13:01 | Uli60 | Note Added: 0001802 | |
| 2010-11-25 13:05 | Uli60 | Summary | User Joins, but doesn't receive Initmail, login message: account not verified => Login to Testserver-Mgmt-System doesn't work (identified to have special char "§" in password) |
| 2010-11-25 13:05 | Uli60 | Steps to Reproduce Updated | |
| 2010-11-25 15:03 | Uli60 | Note Added: 0001803 | |
| 2010-11-25 15:05 | Uli60 | Note Added: 0001804 | |
| 2010-11-25 15:05 | Uli60 | Assigned To | => Uli60 |
| 2010-11-25 15:05 | Uli60 | Status | new => confirmed |
| 2010-11-25 15:06 | Uli60 | Note Added: 0001805 | |
| 2010-11-25 15:06 | Uli60 | Assigned To | Uli60 => edgarwahn |
| 2010-11-25 15:06 | Uli60 | Status | confirmed => needs work |
| 2010-11-27 15:24 | Uli60 | Note Added: 0001807 | |
| 2010-11-27 15:37 | Uli60 | Note Added: 0001808 | |
| 2010-11-27 15:41 | Uli60 | Note Edited: 0001808 | |
| 2010-11-27 15:43 | Uli60 | Note Added: 0001809 | |
| 2010-11-27 15:43 | Uli60 | Status | needs work => solved? |
| 2011-07-15 00:09 | Uli60 | Note Added: 0002140 | |
| 2011-07-15 00:09 | Uli60 | Status | solved? => closed |
| 2011-07-15 00:09 | Uli60 | Resolution | open => fixed |
| 2012-12-23 07:16 | Werner Dworak | Relationship added | related to 0000851 |
| 2012-12-23 07:34 | Werner Dworak | Relationship added | related to 0001097 |
| 2013-01-15 15:17 | Werner Dworak | Fixed in Version | => 2010 Q4 |
