Issue #863 has been updated by Clément OUDOT.
Jeff G wrote: > I think this is where CAS is causing an issue. CAS is controlling the PHP > session. The reset token only works if the user maintains the current > session. Once the CAS session is ended, the token that was generated will > never work again. Well it may be indeed the problem. Try to use mod_auth_cas in Apache to avoid mixing CAS and tokens in PHP code. ---------------------------------------- Bug #863: Password Token Expiring http://tools.lsc-project.org/issues/863 Author: Jeff G Status: New Priority: High Assigned to: Category: Self Service Password Target version: self-service-password-? It seems the password tokens expire when a new one is requested, even for completely different people. If I request a password reset token for client A, then 5 minutes later for client B, client A will no longer be able to reset their password using the token they were sent. Is this normal? -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://tools.lsc-project.org/my/account
_______________________________________________ ltb-dev mailing list [email protected] http://lists.ltb-project.org/listinfo/ltb-dev
