roller-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David Johnson (JIRA)" <>
Subject [jira] [Resolved] (ROL-2132) Remember me is broken
Date Sun, 21 Apr 2019 19:21:00 GMT


David Johnson resolved ROL-2132.
    Resolution: Fixed

I was able to reproduce this problem by setting up OpenLDAP and setting up Roller to use it
for authentication. The problem was that when a user returned to Roller the user's remember-me
token did not match the one calculated by Roller.  The cause was that the password used to
calculate the initial remember-me token was the Roller user's password and the one used to
calculate the expected remember-me token was using the empty or non-existing one returned
by LDAP.

The fix is the use a dummy password to calculate the remember-me token when LDAP is enabled.
Here's the code:

> Remember me is broken
> ---------------------
>                 Key: ROL-2132
>                 URL:
>             Project: Apache Roller
>          Issue Type: Bug
>          Components: User Interface - General
>            Reporter: David Johnson
>            Assignee: David Johnson
>            Priority: Major
>             Fix For: 5.2.3
> Clicking remember-me does not result in remembering the user and (on
can lead to an error page.
> Remember-me is working for me locally (Tomcat 8, PostgreSQL) so I suspect this problem
is related to Spring Security and LDAP configuration of

This message was sent by Atlassian JIRA

View raw message