Project

General

Profile

Bug #19519

Firefox prepopulates "Account username" of LDAP settings with normal user credentials

Added by Sebastian Gräßl about 3 years ago. Updated almost 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Users
Target version:
Difficulty:
Triaged:
Bugzilla link:
Fixed in Releases:
Found in Releases:

Description

Due to lazyness admin/changeme is saved as credentials for the Foreman in Firefox.
When editing LDAP authentication, Firefox prepopulates the Account username field with "admin" (if the field is empty, as it is when LDAP allows anonymous bind).

How reproducible:
always

Steps to Reproduce:
1. save login credentials in firefox
2. go to Administer → LDAP authentication
3. create a new LDAP or edit an existing one that has an empty account username

Actual results:
account username is set to the stored satellite user by Firefox

Expected results:
account username is empty

Additional info:
Marking the field in LDAP settings as autocomplete="off" might help, but I did not test it. (see https://developer.mozilla.org/en-US/docs/Web/Security/Securing_your_site/Turning_off_form_autocompletion)


Related issues

Has duplicate Foreman - Bug #20962: Disable autocomplete on LDAP account nameDuplicate2017-09-17

Associated revisions

Revision cdcb4a15 (diff)
Added by Tomer Brisker over 2 years ago

Fixes #19519 - Prevent autocomplete on LDAP account

History

#1 Updated by Tomer Brisker over 2 years ago

  • Has duplicate Bug #20962: Disable autocomplete on LDAP account name added

#2 Updated by The Foreman Bot over 2 years ago

  • Status changed from New to Ready For Testing
  • Assignee set to Tomer Brisker
  • Pull request https://github.com/theforeman/foreman/pull/4854 added

#3 Updated by Anonymous over 2 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100

#4 Updated by Marek Hulán over 2 years ago

  • Legacy Backlogs Release (now unused) set to 296

Also available in: Atom PDF