On 10/05/2018 21:49, PeeDub wrote:
I have seen this in API as well as on
http://syncope-vm.apache.org:9080/syncope-enduser
If a user changes her username (say from "julius" to "juliuscaesar") the
user is not able to log in with the new username (OR with the old username).
I have confirmed using syncope-console that the system recognizes that the
username has changed.
1. went to http://syncope-vm.apache.org:9080/syncope-enduser
2 .logged in as bellini / password
3. changed username to bellini2
4. went to http://syncope-vm.apache.org:9080/syncope-console/
5. noticed that there is 1 pending approval (see icon on the top bar,
right side)
6. clicked on the approval icon, then "view all approvals"
7. clicked on the row, then claim
8. clicked again on the row, then manage, then set Approve? to yes and
finally save from the modal window
9. clicked on the Dashboard item on the left menu, then Access Tokens,
remove the token for 'bellini'
10. went again to http://syncope-vm.apache.org:9080/syncope-enduser
11. logged in as bellini2 / password
From all the process above, step 9 is an actual bug: the Enduser UI
does not remove the Access Token when logging out: I have opened
https://issues.apache.org/jira/browse/SYNCOPE-1309 for this.
If you did it by REST APIs, then you should ensure to remove the
existing JWT before attempting to log in again.
Approval steps are required because syncope-vm.apache.org uses a
workflow definition with approvals, and logging in is only allowed for
users in created and active statuses (as you can check by going into
Configuration > Parameters > authentication.statuses).
Thanks for reporting.
Regards.
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
http://home.apache.org/~ilgrosso/
