go-gitea / gitea

Git with a cup of tea! Painless self-hosted all-in-one software development service, including Git hosting, code review, team collaboration, package registry and CI/CD
https://gitea.com
MIT License
45.44k stars 5.52k forks source link

User login does not work after changing Authentication Source without BIND password #5559

Open joga252 opened 5 years ago

joga252 commented 5 years ago

Description

After deactivating Enable User Synchronization in Administration area and saving changes without providing the Bind Password for the LDAP connection (see the blue boxes), user login is no more possible. Saving again with provided password re-enables users to login to the website.

Screenshots

image

lafriks commented 5 years ago

Bind password is needed for this auth source to work if your server does not allow anonymous connections

c-key commented 5 years ago

The Problem is that on every change on the site the "Bind Password" must be refilled. If the field is blank and for example the option "Enable User Synchronization" will be deactivated this auth source doesn't work. After refill the password and save the site without any modification the auth source will work as normal. Is it a security feature that the bind password must be refilled on every change on the site or is this a bug?

lafriks commented 5 years ago

yes bind password if it was set should be shown here

stale[bot] commented 5 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs during the next 2 weeks. Thank you for your contributions.