Last modified: 2011-03-12 15:39:31 UTC
Writing an authentication extension for Shibboleth
(http://shibboleth.internet2.edu) and found that there doesn't seem to be a
great way to hide the password change field on the preferences page from an
extension... this remedies that.
Fix consists of two patches:
*First patch is against the AuthPlugin class to add another function call
(canSetPassword) that returns whether or not a the passwords can be changed in
the external database.
*Second patch is for the preferences page to check this nd if it finds that it
can't change a password in the external database, not display the password
change form on that page.
Created attachment 1768 [details]
Patch against trunk/phase3/includes/AuthPlugin.php
Created attachment 1769 [details]
Patch against trunk/phase3/includes/SpecialPreferences.php
I know there was some IRC discussion on the bug, but can someone comment here on
what exactly they'd like to see changed?
The patch hides the form controls, but doesn't filter the POST values when the
request is submitted, so there's still scope for the input to be processed.
Except for the fact that the input is _already_ filtered out.
This just updates the form controls to reflect that the input is going to be
Fixed in SVN trunk, r15139.
Verified, removed keywords. Thanks!