Project

General

Profile

Actions
Copy link

Bug #75290

closed

empty needle-Error on login (saltedpasswords)

Added by Thomas Sperling about 8 years ago. Updated almost 6 years ago.

Status:
Closed
Priority:
Should have
Assignee:
-
Category:
felogin
Target version:
-
Start date:
2016-03-29
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
7
PHP Version:
Tags:
Complexity:
Is Regression:
No
Sprint Focus:

Description

On my pretty new TYPO3 installation I have a strange behaviour.
Sometimes I can not login and i get 

#1: PHP Warning: strpos(): Empty needle in ...typo3_src/TYPO3.CMS-ecf4543/typo3/sysext/saltedpasswords/Classes/Salt/PhpassSalt.php in Line 185
...
protected function getCountLog2($setting) {
...

It seems that somehow sometimes the settings could not be loaded. If I clear the cache with install-tool everything works fine again.
I use the ig_ldap_sso_auth-extension, but I do not see any coincidences.

Related issues 1 (0 open1 closed)

Related to TYPO3 Core - Bug #82147: Security status report gives error when install tool password is emptyClosed2017-08-21

Actions
Actions
Copy link
 #1

Updated by Riccardo De Contardi over 7 years ago

  • Status changed from New to Needs Feedback

Hi, could you tell me if the problem persists? I see that EXT:ig_ldap_sso_auth has also been recently updated.

Thank you!

Actions
Copy link
 #2

Updated by Alexander Opitz about 7 years ago

  • Status changed from Needs Feedback to Closed

No feedback within the last 90 days => closing this issue.

If you think that this is the wrong decision or experience this issue again, then please write to the mailing list typo3.teams.bugs with issue number and an explanation or open a new ticket and add a relation to this ticket number.

Actions
Copy link
 #3

Updated by Mathias Brodala over 6 years ago

I've stumbled upon the same issue and here it was caused by user accounts without password. These are perfectly fine here since a different authentication service is used for these.

The SaltedPasswordService does not expect such user accounts and fails with the given error. Even if this could/should be fixed in the SaltedPasswordService the proper fix for us was raising the priority of our custom authentication service to ensure it executes before the SaltedPasswordService.

Actions
Copy link
 #4

Updated by Mathias Brodala over 6 years ago

  • Related to Bug #82147: Security status report gives error when install tool password is empty added
Actions
Copy link
 #5

Updated by Alexander Opitz almost 6 years ago

  • Category set to felogin

Only for Documentation, as this won't be fixed in 7LTS anymore.

This happens if a user tries to login who do not have a password set (password field is empty).

Actions
Copy link

Also available in: Atom PDF