couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Marcos Zanona (Closed) (JIRA)" <j...@apache.org>
Subject [jira] [Closed] (COUCHDB-1374) Server Admin never gets deleted
Date Thu, 05 Jan 2012 12:01:40 GMT

     [ https://issues.apache.org/jira/browse/COUCHDB-1374?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Marcos Zanona closed COUCHDB-1374.
----------------------------------

    Resolution: Later
    
> Server Admin never gets deleted
> -------------------------------
>
>                 Key: COUCHDB-1374
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-1374
>             Project: CouchDB
>          Issue Type: Bug
>          Components: Futon, Infrastructure
>    Affects Versions: 1.1.1
>            Reporter: Marcos Zanona
>              Labels: admin, login, security, validation
>             Fix For: 1.2, 1.3, 1.1.2
>
>
> It seems that when creating a Server Admin and then deleting that same user with another
admin makes the first user stay active, resulting in a no deletion and doesn't block the access
to the old admin access.
> It becomes marked as  {"error":"not_found","reason":"deleted"} but still having access
to the whole system as an admin.
> Also, Futon let's you create another simple user with the same name as the deleted server
admin without any problem, resulting on a password change for the old server admin, but that
user will stay as a server admin even if that wasn't the original intention.
> * I have experienced this creating these users through Futon by using the "Setup more
admins" popup

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message