1027712 – "username" field in IPA webUI login page should be mandatory

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1027712 - "username" field in IPA webUI login page should be mandatory

Summary: "username" field in IPA webUI login page should be mandatory

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 7
Classification:	Red Hat
Component:	ipa
Sub Component:
Version:	7.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	low
Target Milestone:	rc
Target Release:	---
Assignee:	Martin Kosek
QA Contact:	Namita Soman
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2013-11-07 10:26 UTC by Jeeva Kandasamy
Modified:	2015-03-05 10:09 UTC (History)
CC List:	4 users (show)
Fixed In Version:	ipa-4.0.3-1.el7
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2015-03-05 10:09:51 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)
html source (1.04 KB, text/plain) 2013-11-07 10:26 UTC, Jeeva Kandasamy	no flags	Details
WebUI login Page (75.10 KB, image/jpeg) 2013-11-07 10:27 UTC, Jeeva Kandasamy	no flags	Details
Verified WebUI login Page (147.50 KB, image/png) 2015-01-05 18:29 UTC, Varun Mylaraiah	no flags	Details
View All

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2015:0442	0	normal	SHIPPED_LIVE	Moderate: ipa security, bug fix, and enhancement update	2015-03-05 14:50:39 UTC

Description Jeeva Kandasamy 2013-11-07 10:26:19 UTC

Created attachment 820984 [details]
html source

Description of problem:
On IPA WebUi login page "username" and "password" marked as mandatory fields on the HTML source code. However it is not working for the "username" field. If you keep the "username" filed empty it is not validating in client side. It is taking it to server side for authentication.

Version-Release number of selected component (if applicable):
ipa-server-3.3.2-3.el7.x86_64

How reproducible:
always

Steps to Reproduce:
1. navigate on your browser(I used firefox) https://<hostname>/ipa/ui/index.html
2. keep empty "username" field
3. enter some value on "password" field
4. Click on "Login" button.

Actual results:
If you keep the "username" filed empty it is not validating in client side. It is taking it to server side for authentication.

Expected results:
These type validation should happen on client side.

Additional info:
Screen shot and html source code files are attached.

Comment 1 Jeeva Kandasamy 2013-11-07 10:27:21 UTC

Created attachment 820985 [details]
WebUI login Page

Comment 3 Martin Kosek 2013-11-07 11:38:58 UTC

Thanks for your report. The ability to enter this form without login++password is intentional - it translates to log in with Kerberos as written in the dialog. When user and password is entered, it logs in with user+password.

However, you are right that you should not be able to fill in just password, the dialog should require user to be filled as well. I will open an upstream ticket for that.

Comment 4 Martin Kosek 2013-11-07 11:40:55 UTC

Upstream ticket:
https://fedorahosted.org/freeipa/ticket/4017

Comment 5 Petr Vobornik 2014-04-15 10:55:05 UTC

Fixed upstream in RCUE login effort
master:
https://fedorahosted.org/freeipa/changeset/2680d21402d8ac51146bf03be3c0fd63ab49cada
https://fedorahosted.org/freeipa/changeset/f39f4aaae2fef6de6a8312dcc652bcaa5766b22b
https://fedorahosted.org/freeipa/changeset/dec7f98aa995b369f022813093ac88d0062e5089
https://fedorahosted.org/freeipa/changeset/642345fd53faabd9183bef1a7667bdb7956d27f7
https://fedorahosted.org/freeipa/changeset/93c4a6388bf05a754403a888e95e4a887180d9b1
https://fedorahosted.org/freeipa/changeset/a1c25122788ec7d9d7953db840ca6067f979432d
https://fedorahosted.org/freeipa/changeset/cb486136dbf86d52e75e1684d4876fd46c44aa22
https://fedorahosted.org/freeipa/changeset/0c8b04699b35ea48b897bcd3419a94dd90a07c5d
https://fedorahosted.org/freeipa/changeset/efc9e66f4ddff7c0aaae5d460ab41f6026fbd32d
https://fedorahosted.org/freeipa/changeset/7c068f036f64b3b5156862fc2fc5855db612ef2e
https://fedorahosted.org/freeipa/changeset/2ec5d969a27b91b04a2b424d93800e68a77aa6e8
https://fedorahosted.org/freeipa/changeset/937533c48e27c5a8d4d63978d32990451a10a36a
https://fedorahosted.org/freeipa/changeset/ad48697ff9a7a25f52047e3ddf68a551c89b0758
https://fedorahosted.org/freeipa/changeset/466e32f9ec817f0a8102c5dc7881b42b18267df5
https://fedorahosted.org/freeipa/changeset/6b0c6bf34435859a21936ad69d3eb984c27f9d8d

More precisely in changeset:
https://fedorahosted.org/freeipa/changeset/efc9e66f4ddff7c0aaae5d460ab41f6026fbd32d

Comment 8 Varun Mylaraiah 2015-01-05 18:29:19 UTC

Created attachment 976547 [details]
Verified WebUI login Page

Verified.

IPA version:
------------
ipa-server-4.1.0-12.el7.x86_64

Comment 10 errata-xmlrpc 2015-03-05 10:09:51 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2015-0442.html

Note You need to log in before you can comment on or make changes to this bug.