Actions
Bug #51941
closed
Exclusive FE usage flag in configuration has no effect
Status:
Closed
Priority:
Should have
Assignee:
-
Category:
Authentication
Target version:
-
Start date:
2013-09-12
Due date:
% Done:
0%
Estimated time:
TYPO3 Version:
6.1
PHP Version:
Tags:
Complexity:
hard
Is Regression:
No
Sprint Focus:
Description
because authUser in SaltedPasswordService.php always return 0, if authentication fails.
Line 215:
if (intval($this->extConf['onlyAuthService']) || $this->authenticationFailed) {
$OK = 0;
}
Should be:
if (intval($this->extConf['onlyAuthService'])) {
$OK = 0;
}
Updated by Mathias Schreiber almost 10 years ago
- Target version set to 7.4 (Backend)
Updated by Susanne Moog over 9 years ago
- Target version changed from 7.4 (Backend) to 7.5
Updated by Benni Mack about 9 years ago
- Target version changed from 7.5 to 7 LTS
Updated by Helmut Hummel about 9 years ago
- Complexity set to hard
No easy fix here as the flag was introduced to fix a severe vulnerability and we need to make sure to not re-introduce it
Updated by Susanne Moog over 4 years ago
- Status changed from New to Closed
As that whole part of TYPO3 was rewritten and neither the Service class nor the options exist anymore, I'm closing the issue here. If it is still relevant, please open a new issue with the according reference to the current code.
Actions