Bug #69153
closed
Password in form is transferred as asterisks to TYPO3
Added by Olaf Döring over 9 years ago.
Updated about 7 years ago.
Sprint Focus:
Remote Sprint
Description
Testing with current 3.0.2-dev and TYPO3 7.4 the password for connecting to the LDAP-Server is stored as "********" in database.
Changing it directly in database to the correct password will work and password will be kept correctly if you do not change it.
Changing the Password in Backend-Form will also store "********" in Database.
Testet in Chrome and Internet Explorer 11. Perhaps it is an TYPO3 7.4 issue.
- Status changed from New to Accepted
Post request contains the asterisks:
------WebKitFormBoundary8dsJqzTTfI8XX6Lg
Content-Disposition: form-data; name="data[tx_igldapssoauth_config][3][ldap_password]_hr"
********
------WebKitFormBoundary8dsJqzTTfI8XX6Lg
Content-Disposition: form-data; name="data[tx_igldapssoauth_config][3][ldap_password]"
********
------WebKitFormBoundary8dsJqzTTfI8XX6Lg
- Project changed from 614 to TYPO3 Core
- Subject changed from Password not written to database to Password in form is transferred as asterisks to TYPO3
- Target version set to 7.5
- PHP Version set to 5.6
- Is Regression set to Yes
- Sprint Focus set to Remote Sprint
How to reproduce¶
E.g., with EXT:ig_ldap_sso_auth, trying to create a standard record of type LDAP/SSO configuration.
Symptom¶
The Bind Password (second tab) cannot be saved, it is systematically converted to '*********' both in main field and in human readable one (_hr suffix in FormEngine).
Analysis¶
The faulty value is put into fields when the password field looses the focus, turning password into garberish but not storing the plain text (real) password either, making it impossible to retrieve it at a later stage and thus effectively persisting '*********' to the database.
- Status changed from Accepted to Under Review
Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/42858
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
- Status changed from Resolved to Closed
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by