ez publish authentication

Previous topic

Install & configuration

Next topic

Author	Message
nicholas king	Tuesday 08 March 2011 6:30:40 am Hello All, we currently are having a issue with our install where users can goto the url {domain}/user/login type in a valid username with no password and ez will log the person in as the user entered into the username box. So obviously our install is not checking passwords. Any ideas on how to force the install to check passwords on switching users? Thanks Nicholas
Greg McAvoy-Jensen	Tuesday 08 March 2011 8:18:20 am In the admin interface, click on the setup tab, then upgrade > file consistency check. See if anyone has disabled password checking. This is occasionally useful during some custom development, but of course has to be reversed before the system is put into production. Granite Horizon, Certified Developer of eZ Publish Web Solutions Provider of the SaaS Solution Granite Horizon In The Cloud \| http://granitehorizon.com/cloud http://granitehorizon.com \| +1 916 647 6350 \| California USA \| @granitegreg Blog: http://granitehorizon.com/blog
nicholas king	Wednesday 09 March 2011 1:53:39 am Hello Greg, That is exactly what had happened inside of /kernel/classes/datatypes/ezuser/ezuser.php i had to search for the following line return eZUser::createHash( $user, $password, $site, $type, $hash ) === (string) $hash; Thanks Nicholas

Author

Message

nicholas king

Tuesday 08 March 2011 6:30:40 am

Hello All,

we currently are having a issue with our install where users can goto the url {domain}/user/login

type in a valid username with no password and ez will log the person in as the user entered into the username box. So obviously our install is not checking passwords. Any ideas on how to force the install to check passwords on switching users?

Thanks

Nicholas

Greg McAvoy-Jensen

Tuesday 08 March 2011 8:18:20 am

In the admin interface, click on the setup tab, then upgrade > file consistency check. See if anyone has disabled password checking. This is occasionally useful during some custom development, but of course has to be reversed before the system is put into production.

Granite Horizon, Certified Developer of eZ Publish Web Solutions
Provider of the SaaS Solution Granite Horizon In The Cloud | http://granitehorizon.com/cloud
http://granitehorizon.com | +1 916 647 6350 | California USA | @granitegreg
Blog: http://granitehorizon.com/blog

nicholas king

Wednesday 09 March 2011 1:53:39 am

Hello Greg,

That is exactly what had happened inside of /kernel/classes/datatypes/ezuser/ezuser.php

i had to search for the following line

return eZUser::createHash( $user, $password, $site, $type, $hash ) === (string) $hash;

Thanks

Nicholas

eZ debug

Timing:	Jan 18 2025 02:56:37
Script start
Timing:	Jan 18 2025 02:56:37
Module start 'layout'
Timing:	Jan 18 2025 02:56:37
Module start 'content'
Timing:	Jan 18 2025 02:56:37
Module end 'content'
Timing:	Jan 18 2025 02:56:37
Script end

Main resources:

Total runtime	0.9790 sec
Peak memory usage	4,096.0000 KB
Database Queries	57

Timing points:

Checkpoint	Start (sec)	Duration (sec)	Memory at start (KB)	Memory used (KB)
Script start	0.0000	0.0073	589.4453	152.6250
Module start 'layout'	0.0073	0.0028	742.0703	39.4531
Module start 'content'	0.0101	0.9675	781.5234	533.6641
Module end 'content'	0.9776	0.0014	1,315.1875	12.3203
Script end	0.9790		1,327.5078

Time accumulators:

Accumulator	Duration (sec)	Duration (%)	Count	Average (sec)
Ini load
Load cache	0.0034	0.3470	16	0.0002
Check MTime	0.0014	0.1386	16	0.0001
Mysql Total
Database connection	0.0010	0.1040	1	0.0010
Mysqli_queries	0.9301	94.9991	57	0.0163
Looping result	0.0006	0.0583	55	0.0000
Template Total	0.9498	97.0	2	0.4749
Template load	0.0020	0.2033	2	0.0010
Template processing	0.9478	96.8089	2	0.4739
Template load and register function	0.0008	0.0849	1	0.0008
states
state_id_array	0.0008	0.0803	1	0.0008
state_identifier_array	0.0019	0.1942	2	0.0010
Override
Cache load	0.0016	0.1627	18	0.0001
Sytem overhead
Fetch class attribute can translate value	0.0015	0.1527	2	0.0007
Fetch class attribute name	0.0012	0.1257	4	0.0003
XML
Image XML parsing	0.0011	0.1125	2	0.0006
class_abstraction
Instantiating content class attribute	0.0000	0.0010	4	0.0000
General
dbfile	0.0008	0.0806	18	0.0000
String conversion	0.0000	0.0008	4	0.0000
Note: percentages do not add up to 100% because some accumulators overlap

Templates used to render the page:

Usage	Requested template	Template	Template loaded
1	node/view/full.tpl	full/forum_topic.tpl	extension/sevenx/design/simple/override/templates/full/forum_topic.tpl
3	content/datatype/view/ezxmltext.tpl	<No override>	extension/community_design/design/suncana/templates/content/datatype/view/ezxmltext.tpl
3	content/datatype/view/ezxmltags/paragraph.tpl	<No override>	extension/ezwebin/design/ezwebin/templates/content/datatype/view/ezxmltags/paragraph.tpl
1	content/datatype/view/ezimage.tpl	<No override>	extension/sevenx/design/simple/templates/content/datatype/view/ezimage.tpl
1	print_pagelayout.tpl	<No override>	extension/community/design/community/templates/print_pagelayout.tpl
Number of times templates used: 9 Number of unique templates used: 5

Time used to render debug report: 0.0001 secs