[Bug 279724] New: LDAP password is requested while this is already stored in kwallet

Geert Janssens info at kobaltwit.be
Tue Aug 9 11:30:16 BST 2011 

https://bugs.kde.org/show_bug.cgi?id=279724

           Summary: LDAP password is requested while this is already
                    stored in kwallet
           Product: Akonadi
           Version: 1.5.3
          Platform: Fedora RPMs
        OS/Version: Linux
            Status: UNCONFIRMED
          Severity: normal
          Priority: NOR
         Component: general
        AssignedTo: kdepim-bugs at kde.org
        ReportedBy: info at kobaltwit.be


Version:           1.5.3 (using KDE 4.6.5) 
OS:                Linux

I'm not sure what component is responsible for this, so I chose Akonadi -
general.

Here's my use case:
When I start kontact (on one machine) or kmail only (on another machine), this
will ask to open kwallet for the passwords it requires. This works fine.

If I enter the kwallet master password fairly quickly, all proceeds normally.
If, however, I wait too long to enter this master password (say because I went
to get some coffee first), a second dialog will pop up after the kwallet master
password is entered that asks for my LDAP password.

I assume this LDAP password is required for my LDAP based address book. This
LDAP password is also stored in kwallet and works fine. This should be clear
from the use case where I am fast enough to unlock kwallet. In that case
kontact/kmail never asks for the LDAP password and my address book works fine.

It is only when I wait long enough to unlock kwallet that I get asked for an
LDAP password. And even in that case, kontact/kmail already know the password,
because it's prefilled in the LDAP dialog. So with only hitting ok, I can
continue.

This behaviour suggests that an LDAP connection is attempted before the user
unlocks kwallet. If it takes long enough to unlock, the LDAP connection attempt
times out and triggers a password request.

Reproducible: Always

Steps to Reproduce:
- Setup an LDAP address book and store the LDAP credentials in kwallet
- Log out and back in to reset the password caches
- Start kmail
- When the kwallet unlock dialog appears, wait a while (my guess would be at
least a minute)
- Unlock kwallet

Actual Results:  
As soon as the kwallet unlock dialog closes, a new dialog appears to ask for
the LDAP password. Note that this password is prefilled in the dialog, so
clearly kmail already knows it.

Expected Results:  
The second dialog should only appear if the LDAP password was not in kwallet or
the one in kwallet was invalid, not because a user takes quite a long time to
unlock kwallet.

For me as an experienced user, this is only a small problem. I understand both
dialogs and their purpose. But I support a number of casual users and having
two dialogs pop up confuses them to no end. This is even more complicated by
the fact that the kwallet master password is different from the LDAP password
(for obvious security reasons). However since the users have a very hard time
discriminating the two different password requests they often end up trying
their kwallet passwords for the ldap password request (thinking they simply
mistyped their kwalled password the first time). This of course doesn't work
and worse, a wrong password then gets stored in kwallet, requiring regular
administrator intervention.

-- 
Configure bugmail: https://bugs.kde.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the Kdepim-bugs mailing list