Bug 200806

Summary: Improve Login user experience and fix POLA violation
Product: Services Reporter: Kubilay Kocak <koobs>
Component: Bug TrackerAssignee: Marcus von Appen <mva>
Status: Closed Overcome By Events    
Severity: Affects Some People CC: araujo, bugmeister, swills
Priority: --- Keywords: dogfood
Version: unspecified   
Hardware: Any   
OS: Any   
Bug Depends on: 204211    
Bug Blocks:    

Description Kubilay Kocak freebsd_committer freebsd_triage 2015-06-12 03:52:32 UTC 
Several project members have been locked out of their accounts due to use of their full username <at> FreeBSD.org email address, instead of just 'username' given LDAP is configured as a valid authentication mechanism in addition to bugzilla accounts that use full email addresses.


At a minimum we should provide a hint on the login failed page:

template/en/default/global/user-error.html.tmpl

Such as:

"If you have a @FreeBSD.org account, only use your userid (username) to login, not your full email address"

Beyond this short-term template change, it would be prudent to:

* Detect the use of @FreeBSD.org accounts (since they will/should *all* use LDAP authentication), trim the domain portion, and continue to login.
Comment 1 Eitan Adler freebsd_committer freebsd_triage 2015-06-12 03:56:47 UTC 
be careful of mailing list addresses as well as the admin address (bugmeister@).  Neither uses LDAP auth.
Comment 2 Kubilay Kocak freebsd_committer freebsd_triage 2015-12-14 09:37:38 UTC 
This is aimed to be (at least mostly, if not completely) resolved with the 5.x upgrade, when 'committer' logins will be no longer be special and different to normal user logins.
Comment 3 Marcus von Appen freebsd_committer freebsd_triage 2015-12-30 12:10:19 UTC 
This should not be an issue anymore, now that we are on 5.x