horizon removing trailing spaces on passwords - auth fails
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Dashboard (Horizon) |
Fix Released
|
Medium
|
Akihiro Motoki |
Bug Description
From the dashboard openstack is removing the trailing spaces from our user's passwords.
We have a modified sql.py backend, that does an ldap bind to an active directory data store. And that works almost always. I say almost because for some users it doesn't work at all. We figure out (and a co-worker also confirmed this) that openstack is removing trailing (also leading?) spaces from the password entered in the dashboard. Also, inside the dashboard trailing spaces are not accepted even when they are equal byte by byte (including the space, I get an error). So this is going on.
Do anybody knows where is this removal performed? (python script location, line) So I can remove that since I have users (me included, I have the issue since the very beginning of this deployment) that cannot login. And they can use their Active Directrory passwords from other apps without problem.
We are running 'stein' with the latest update for ubuntu 18.04-AMD64.
NOTE: Since passwords can indeed contain spaces anywhere I consider this a bug.
Details:
'openstack token isue' works with spaces at the end so this is horizon/django related.
I'm starting to think that it's the clean method from CharField() from django
Python 3.6.9 (default, Nov 7 2019, 10:44:02)
[GCC 8.3.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> from django import forms
>>> f = forms.CharField()
>>> f.clean("hello ")
'hello'
As it can be seen it removed the trailing space. I believe horizon should redefine clean which I think they don't and it gets inherited.