Details
-
Type:
Bug
-
Status: Resolved (View Workflow)
-
Priority:
Critical
-
Resolution: Fixed
-
Affects Version/s: 22.0.0
-
Fix Version/s: 22.0.3, Meridian-2015.1.10, Meridian-2016.1.15, Meridian-2017.1.10, Meridian-2018.1.0
-
Component/s: None
-
Security Level: Default (Default Security Scheme)
-
Labels:None
-
Environment:OpenNMS 20.0.0, Ubuntu
-
Sprint:Horizon - July 25th 2018, Horizon - August 1st 2018
Description
Login via radius is only possible once.
Person 1 logs in (Login1/Password1), OK
Person 2 logs in (Login2/Password2): Error message.
Your log-in attempt failed, please try again.
Reason: Error connecting to radius server: net.jradius.exception.TimeoutException: Timeout: No Response from RADIUS Server
Communication with the Radius Server also takes place for person 2, but the Radius Server does not respond to the third "Access Request". Just as if an incorrect password had been used. (checked with tcpdump)
Test with two browsers and the same user produced surprising results:
Browser 1: Person 1 with Login1 and correct password : OK
Browser 2: Person 1 with Login1 and wrong password: OK !!!
This means that OpenNMS always takes the password of the first login for all other logins after the first successful login.
Attachments
Issue Links
- is triggered by
-
-
- Open
-
