I updated my NC yesterday to the latest version (14.0.3 -> 14.0.4) and am encountering a small issue.
I am using a LDAP connection and pull all my user from the LDAP server, so they can login with their username and LDAP password. Since we have the issue in the current releases, that we really cannot hide the “Lost password” link, I amended the LoginController.php to my needs, so I can hide the “Lost password” link.
After the current update (14.0.4) I had to change these lines again, as it has been overwritten by the update (no big deal) but now when a user enters a wrong password, they get greated by an internal server error message, where as with the previous version, they only got a “Wrong password” message.
What have I done?
I amended this file:
Now I added the following to:
'lost_password_link' => 'disabled',
Error message the user is getting when mistyping their password:
## Internal Server Error The server was unable to complete your request. If this happens again, please send the technical details below to the server administrator. More details can be found in the server log. ### Technical details * Remote Address: xx.xx.xx.xx * Request ID: W-0bdS5Mv45pC6N835-9WAAAAAc
Checking the server log file, I find this:
Error index OC\ServerNotAvailableException: Connection to LDAP server could not be established 2018-11-27T11:03:28+0100 Error user_ldap No LDAP Connection to server MYLDAPSERVER 2018-11-27T11:03:28+0100 Warning user_ldap Bind failed: 50: Insufficient access 2018-11-27T11:03:28+0100
But as soon as we enter the correct password, it is working fine. I am 100% sure that it has nothing to do with our LDAP server, because the LDAP server is running fine, it must be something in NC triggering this message after changing the “Lost password” link behaviour.
I know that my change is not commited yet but this could cause some trouble if it is being commited and released in the future!