[Bug 279724] New: LDAP password is requested while this is already stored in kwallet
Geert Janssens
info at kobaltwit.be
Tue Aug 9 11:30:16 BST 2011
https://bugs.kde.org/show_bug.cgi?id=279724
Summary: LDAP password is requested while this is already
stored in kwallet
Product: Akonadi
Version: 1.5.3
Platform: Fedora RPMs
OS/Version: Linux
Status: UNCONFIRMED
Severity: normal
Priority: NOR
Component: general
AssignedTo: kdepim-bugs at kde.org
ReportedBy: info at kobaltwit.be
Version: 1.5.3 (using KDE 4.6.5)
OS: Linux
I'm not sure what component is responsible for this, so I chose Akonadi -
general.
Here's my use case:
When I start kontact (on one machine) or kmail only (on another machine), this
will ask to open kwallet for the passwords it requires. This works fine.
If I enter the kwallet master password fairly quickly, all proceeds normally.
If, however, I wait too long to enter this master password (say because I went
to get some coffee first), a second dialog will pop up after the kwallet master
password is entered that asks for my LDAP password.
I assume this LDAP password is required for my LDAP based address book. This
LDAP password is also stored in kwallet and works fine. This should be clear
from the use case where I am fast enough to unlock kwallet. In that case
kontact/kmail never asks for the LDAP password and my address book works fine.
It is only when I wait long enough to unlock kwallet that I get asked for an
LDAP password. And even in that case, kontact/kmail already know the password,
because it's prefilled in the LDAP dialog. So with only hitting ok, I can
continue.
This behaviour suggests that an LDAP connection is attempted before the user
unlocks kwallet. If it takes long enough to unlock, the LDAP connection attempt
times out and triggers a password request.
Reproducible: Always
Steps to Reproduce:
- Setup an LDAP address book and store the LDAP credentials in kwallet
- Log out and back in to reset the password caches
- Start kmail
- When the kwallet unlock dialog appears, wait a while (my guess would be at
least a minute)
- Unlock kwallet
Actual Results:
As soon as the kwallet unlock dialog closes, a new dialog appears to ask for
the LDAP password. Note that this password is prefilled in the dialog, so
clearly kmail already knows it.
Expected Results:
The second dialog should only appear if the LDAP password was not in kwallet or
the one in kwallet was invalid, not because a user takes quite a long time to
unlock kwallet.
For me as an experienced user, this is only a small problem. I understand both
dialogs and their purpose. But I support a number of casual users and having
two dialogs pop up confuses them to no end. This is even more complicated by
the fact that the kwallet master password is different from the LDAP password
(for obvious security reasons). However since the users have a very hard time
discriminating the two different password requests they often end up trying
their kwallet passwords for the ldap password request (thinking they simply
mistyped their kwalled password the first time). This of course doesn't work
and worse, a wrong password then gets stored in kwallet, requiring regular
administrator intervention.
--
Configure bugmail: https://bugs.kde.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the Kdepim-bugs
mailing list