Opened 5 years ago

Last modified 5 years ago

#9326 assigned Bug/Something is broken not updating passwords?

Reported by: Owned by:
Priority: Urgent Component: Tech
Keywords: Cc:
Sensitive: no


Something seems to be wrong with how is handling password re-construction. I currently can only authenticate in share with a password that was changed weeks ago and has been change multiple times since then. I'm not sure why this is...I have flushed privileges on seso and restarted the login-service on hay, but the same old password continues to be validated for

The weird thing about this is that I started getting failure notices for my previously configured passwords on icedove. I cannot remember with certainty, but I believe I had updated my passwords in icedove, which leads me to believe that owncloud reverted to an earlier password (again, I do not remember for certain about this last part), but it was weird that I was getting password failures until I entered the old password.


Change History (5)

comment:1 Changed 5 years ago by

  • Owner set to
  • Status changed from new to assigned

comment:2 Changed 5 years ago by

hi jamie, similar case for me. I only can access with the initial password i used for the first time on this service, but not with the current one that supposed to be valid.

comment:3 Changed 5 years ago by

Hi all - the immediate problem is fixed: new passwords should properly work.

The reason for the failure was: whenever we re-create the special mysql hash function (that allow a mysql user to test a password but not directly access the password table), we have to re-grant permission to those functions to the "login-service" user. That's the user our login service system uses, and uses that service to authenticate users.

The reason you got strange behavior with old passwords may be because owncloud might check the built-in user table if our auth fails?


comment:4 Changed 5 years ago by

Hm. It appears that the desktop sync client for owncloud uses the built-in mysql user table, and ignore any external authentication.

And, thanks to #8125, users can no longer update their password in the built-in mysql user table. So, if a user changes their control panel password, their desktop sync'ing will stop working with no way to fix that password :(.

comment:5 Changed 5 years ago by

Please login to add comments to this ticket.

Note: See TracTickets for help on using tickets.