Last modified: 2014-10-17 19:33:11 UTC
As a user who has been renamed during SUL migration
I want to login with my old name and password
So I can continue to use the wiki

As a user who has been renamed during SUL migration
I want to know that I was renamed
So I can learn my new name and/or ask for a new name

Given that I authenticate with "username" and "password"
When "password" is not valid for "username"
  AND "password" is valid for "username~<WIKI>"
Then I am logged in as "username~<WIKI>"
  AND I am redirected to the SUL account renamed page

Given that I am logged in
When I am redirected to the SUL account renamed page
Then I am told my account was renamed to NEW_NAME
  AND I am asked to log in using that name in the future
  AND I am told how I can get my new account renamed
  AND I am told why all this happened
  AND I am given a link to the page I wanted to visit
Change 147020 had a related patch set uploaded by BryanDavis: Allow login with pre-rename username and password https://gerrit.wikimedia.org/r/147020
Change 148420 had a related patch set uploaded by BryanDavis: [WIP] Interstitial notification page for renamed users https://gerrit.wikimedia.org/r/148420
Change 156887 had a related patch set uploaded by CSteipp: [WIP] Allow extensions to indicate rename during login https://gerrit.wikimedia.org/r/156887
Change 156947 had a related patch set uploaded by CSteipp: Check for renamed user on login https://gerrit.wikimedia.org/r/156947
I added a few patchsets (Gerrit change #156887 and Gerrit change #156947) to add a hook to core and use that in CentralAuth to fix the remaining use case that Bryan's patch didn't cover. This feels ugly, but I'm not sure we have a better solution.

On a separate note, I wanted to document that this feature has slight security implications. Since we're automatically changing the username on login, there's a small (nearly impossible, but not entirely) chance we'll change it to the wrong username, if two users have the same password. This would be the same if pre-finalization, a local user came to a wiki and "accidentally" logged into another person's account who happened to have the same username and password.

Highly unlikely to have any real impact, but wanted to bring it up in case it bothers anyone.
(In reply to Chris Steipp from comment #5)
> On a separate note, I wanted to document that this feature has slight
> security implications. Since we're automatically changing the username on
> login, there's a small (nearly impossible, but not entirely) chance we'll
> change it to the wrong username, if two users have the same password. This
> would be the same if pre-finalization, a local user came to a wiki and
> "accidentally" logged into another person's account who happened to have the
> same username and password.
>
> Highly unlikely to have any real impact, but wanted to bring it up in case
> it bothers anyone.

I think I pointed that out somewhere, but maybe it was only as discussion in a meeting. It is a fairly small new hole as the two users that are being confused must be USER and USER~wiki. Meaning the USER~wiki account is now exposed to brute force attacks on the USER account's password.
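The fallback from the acceptance criteria and the exposure described in the two comments above, as an added example that is not part of the original thread and is not MediaWiki or CentralAuth code. It is a simplified Python model; the wiki id `enwiki`, the account names, the passwords, the redirect label and the per-name failure counter are all constructed assumptions.

```python
import hashlib, hmac, os
from collections import Counter

WIKI = "enwiki"  # constructed stand-in for <WIKI>

def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 50_000)

class UserStore:
    def __init__(self):
        self._users = {}

    def add(self, name, password):
        salt = os.urandom(16)
        self._users[name] = (salt, _hash(password, salt))

    def check(self, name, password):
        rec = self._users.get(name)
        if rec is None:
            return False
        salt, digest = rec
        return hmac.compare_digest(digest, _hash(password, salt))

def login(store, failures, username, password, wiki=WIKI):
    """Return (logged_in_as, redirect, names_tested) for one login attempt."""
    tested = []
    for name in (username, f"{username}~{wiki}"):
        tested.append(name)
        if store.check(name, password):
            # A match on the renamed account sends the user to the notice page.
            redirect = None if name == username else "sul-account-renamed"
            return name, redirect, tested
    # One wrong guess was tried against every name in `tested`, so the
    # (hypothetical) failure counter charges each of them, not only the
    # name that was typed.
    for name in tested:
        failures[name] += 1
    return None, None, tested

def demo_store():
    """Constructed sample: a global 'Alice' and a renamed local 'Alice~enwiki'."""
    store = UserStore()
    store.add("Alice", "global-pw")
    store.add("Alice~enwiki", "local-pw")
    return store, Counter()

if __name__ == "__main__":
    store, failures = demo_store()
    print(login(store, failures, "Alice", "local-pw"))
    print(login(store, failures, "Alice", "wrong-guess"), dict(failures))
```
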
Change 156887 merged by jenkins-bot: Allow extensions to indicate a username doesn't exist https://gerrit.wikimedia.org/r/156887
Change 147020 merged by jenkins-bot: Allow login with pre-rename username and password https://gerrit.wikimedia.org/r/147020
Change 156947 merged by jenkins-bot: Check for renamed user on login https://gerrit.wikimedia.org/r/156947
Change 148420 merged by jenkins-bot: Interstitial notification page for renamed users https://gerrit.wikimedia.org/r/148420