Samigo Security Fields: Secondary ID and Password fields are not validated.
GENERAL
TESTING
GENERAL
TESTING
Description
If the user sets the ID field, it is not checked that password is not blank. If the user sets the Password field, it is not checked that the ID is not blank.
If the user sets one of them (ID or Password) but the other one is not set, the assessment login doesn't work.
By the way, testing this in a test preview does not work, credentials are requested but are not validated. Maybe this must be sent to another JIRA.
Juanjo Meroño
January 12, 2015 at 12:46 PM
This patch was not applied in sakai-trunk when you test it, the tag "s2u-qa" must be present before you test in sakai-trunk, "s2u-apply-patch" tag marks the jira to be included in sakai-trunk. You could also check patches applied in sakai-trunk here: http://sakai-trunk.atica.um.es/patches.html
Daniel Merino
January 9, 2015 at 4:08 AM
Tested unsuccessfully in sakai-trunk.atica.um.es. I have created a test with id & password and then I have previewed it:
-Setting ID & Password requests these fields in the test preview, but they are not validated, I can bypass them writing anything on them. -Setting ID with no password also requests the fields in the test preview, but also without validating them. -Setting Password with an empty ID does not work in Preview, fields are not even requested before doing the test.
I have not tested them doing the test with another user. Maybe this should be reported in another JIRA?
Major
If the user sets the ID field, it is not checked that password is not blank.
If the user sets the Password field, it is not checked that the ID is not blank.
If the user sets one of them (ID or Password) but the other one is not set, the assessment login doesn't work.