felixrupp / user_cas

This app provides CAS authentication support for ownCloud and Nextcloud, using the phpCAS library of jasig/apereo.

App passwords are deleted when I get logged out #27

Closed Jutosa closed 6 years ago

Jutosa commented 6 years ago

Describe the bug

When I create app passwords, they are deleted for users of the user_cas app using ECAS.

Currently (version 13.x.x), Nextcloud encrypts app passwords with the user password. If the password is changed or altered, app passwords are revoked.

Users outside of CAS are not affected.

To Reproduce

Steps to reproduce the behavior:

  1. Create one or multiple app passwords
  2. Use them
  3. Get logged out -> app passwords have been revoked

Expected behavior

App passwords are not revoked when I get logged out

Software (please complete the following information):

felixrupp commented 6 years ago

Hi @Jutosa

user_cas cannot know any password a CAS user typed into the CAS login window. CAS is designed to keep all secret information away from the application (e.g. ownCloud/Nextcloud). The user passwords are set to NULL in the database on login. If the app passwords get destroyed after logging out because of that, user_cas cannot help you here in any way. You have to find another solution for that.

If you just want simple App-Logins without saving your real password in the app, you should think about using the ownCloud oauth2 app to access your instance (the app needs oauth2 implementation, too) without needing to save your real password inside the app. oauth2 is fully supported by user_cas.

Regards, Felix