User not found when password set in public shares

Home Forums Troubleshooting User not found when password set in public shares

Tagged: ,

Viewing 13 posts - 1 through 13 (of 13 total)
  • Author
    Posts
  • #99808
    Profile photo of abolfazl
    Anonymous

    Hello,

    I would try to put a password to protect access to a plublic hand . well-defined password, the login page is loaded and requests the password, but when I enter the correct password , login failed with this message : “unable to find the user ,” but I have just defined a password , not a user. If I leave the password blank , it works …
    If I delete the password option by changing the public share option , access is restored.

    An idea ?

    Thanks in advance


    • This topic was modified 5 years, 4 months ago by Profile photo of abolfazl .
    #99810
    Profile photo of abolfazl
    Anonymous

    Hi,
    What is the version of Pydio ?


    #99819
    Profile photo of abolfazl
    Anonymous

    Hi,

    Version 6.2.2 On IIS serveur 2008 R2


    #100460
    Profile photo of abolfazl
    Anonymous

    Hello, I have the same problem (except that when not entering any password, I get rejected). I’m up to date to the latest version (6.4.1). I don’t know if it’s due to the last upate, but it was working fine before.

    I can logon without a problem as a regular user or as admin, but when someone accesses a share protected by a password, I get a page showing an “Enter login/password” (which seems strange as it should only ask for a pass) and an input box for the password.
    When I enter the (correct) password, it complains with “Cannot find user, please try again. Make sure your Caps Lock is not engaged!”.

    I’m using a regular install of Pydio (on a Linux server), with just a normal MySQL, no LDAP or any particular external authentication, for several years already.


    • This reply was modified 5 years, 3 months ago by Profile photo of abolfazl .
    #100463
    Profile photo of abolfazl
    Anonymous

    If that can help, in the logs, I have the following line generated:

    04-17-16 03:16:31 XX.XX.XX.XX WARNING shared AuthService Login failed user=4d8d6c6a4721;error=Invalid password

    What is that user? Is this something generated randomly for shares?


    #100486
    Profile photo of abolfazl
    Anonymous

    I checked the MySQL database, the “temporary” user 4d8d6c6a4721 exists, but, the password is stored in cleartext !
    That’s very strange as the other pass are stored as a hash (I guess):

    select * from ajxp_users;
    [...]
    | 4c47d4fb30a7   | 57940409239cbaadde45a68ebef61d75 | /         |
    | 4d8d6c6a4721   | coucou123                        | /         |
    | 4f9d38d4c661   | b18eadfa19844ad63a31bbcf0c478222 | /         |
    | 5020c516790c   | e5c731a8688fce1a86c7060036d4d853 | /         |
    | 5197f7b48a87   | 73d39d35f5c6fe5a4885e11268bd5af6 | /         |
    [...]

    (I changed the hashes)

    It looks like the pass is not going anymore through the hash procedure…


    #100488
    Profile photo of abolfazl
    Anonymous

    I quickly checked the source (class.AuthService.php), I just found a call to a md5() but it’s not called anywhere. In another source file (class.AJXP_Safe.php), there’s a call to mcrypt (base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, md5($user.$this->secretKey), $password, MCRYPT_MODE_ECB));
    I’m not sure which one is supposed to be called.
    Anyway, my PHP5 (Version 5.5.9-1ubuntu4.14) has the mcrypt module loaded correctly, so that’s not the problem:

    mcrypt support	enabled
    mcrypt_filter support	enabled
    Version	2.5.8
    Api No	20021217
    Supported ciphers	cast-128 gost rijndael-128 twofish arcfour cast-256 loki97 rijndael-192 saferplus wake blowfish-compat des rijndael-256 serpent xtea blowfish enigma rc2 tripledes
    Supported modes	cbc cfb ctr ecb ncfb nofb ofb stream

    #100572
    Profile photo of Charles
    Charles
    Keymaster

    Hi,
    It seems like you have a legacy option (Transmit Clear Pass > False). Did you upgrade from an old pydio version?
    -c


    Charles, Pydio author - doing my best to help !
    If you like the software or want to say thanks, pay by a tweet, mention #pydio or follow us

    #100659
    Profile photo of abolfazl
    Anonymous

    Hello Charles,
    I don’t remember the version number but I was just 2 revisions late, so last time I upgraded there were 2 upgrades to do (the automatic ones, I mean).
    I can’t find anywhere in the options this “Transmit Clear Pass” :-( I looked 3 times each option of each option screen (Application Core, Feature Plugins, Other Plugins). Where can I find it exactly? And what is its supposed value?

    Thanks for your help,
    Luc


    #100767
    Profile photo of Charles
    Charles
    Keymaster

    It’s now hidden, so it’s normal you don’t see it.
    Can you test something: look in plugins/core.ajaxplorer/ajxp_mixins.xml, look for TRANSMIT_CLEAR_PASS and change its type from “hidden” to “boolean”.
    Then clear the plugins cache (data/cache/plugins_*.*),
    Then check the Authentication configurations in the admin.
    Do you see the field, and what is the value?
    -c


    Charles, Pydio author - doing my best to help !
    If you like the software or want to say thanks, pay by a tweet, mention #pydio or follow us

    #100783
    Profile photo of abolfazl
    Anonymous

    I have “Transmit Clear Pass” in the GUI set to “No”.


    #100808
    Profile photo of abolfazl
    Anonymous

    Hello Charles,

    Out of curiosity I changed the value for “Transmit Clear Pass” to Yes, and it seems to work now. Although the password structure looks different in the database (prefixed with sha256 and an integer):

    login          | password                   | groupPath
    2625328c9536   | 78843575bf6437d87361a2aba9a3fdea                    | /         |
    29b047fcbf8a | sha256:1000:gfkBKKHOGAaVVKSVZBRysGLnZVDRtUwT:L7hIDT3aUhJuqrLAfkZwyqkKUcTJcvBo | /     |
    2a9f30ff50a5   | c8fff6b1e8c3a28efdb3d95e992ff9d1     | /         |
    

    (the hashes have been modified, don’t worry :)


    #100823
    Profile photo of Charles
    Charles
    Keymaster

    Transmit Clear Pass = Yes is the correct value. This is an old settings used to blur the password when not everybody was on https, but was introducing a lot of limitations.
    c-


    Charles, Pydio author - doing my best to help !
    If you like the software or want to say thanks, pay by a tweet, mention #pydio or follow us

Viewing 13 posts - 1 through 13 (of 13 total)

The forum ‘Troubleshooting’ is closed to new topics and replies.