pgadmin4 icon indicating copy to clipboard operation
pgadmin4 copied to clipboard
verified publisher icon pgadmin-org

Correct error message should be displayed based on the user's authentication source when an incorrect password is provided.

Open akshay-joshi opened this issue 9 months ago • 1 comments

To Reproduce

Steps to reproduce:

  1. Set the AUTHENTICATION_SOURCES = ['internal', 'ldap', 'oauth2', 'webserver', 'kerberos'] in config_local.py or config.py
  2. Start the pgAdmin 4 and create a new user with auth source as 'internal'
  3. Try to log in using the newly created user but with the wrong password.

Expected behavior It should check the auth source of the logged-in user and show the correct error message. In this case user is 'internal', so it should throw "Incorrect username or password. 2 more attempts remaining"

Error message 'webserver authentication failed' when 'webserver' is set in the AUTHENTICATION_SOURCES list. 'LDAP configuration error: Port could not be cast to integer' when 'LDAP' is set in the AUTHENTICATION_SOURCES list and 'webserver' is not present.

akshay-joshi avatar Mar 21 '25 07:03 akshay-joshi

If we set an OAuth2 user to inactive and then that user tries to log in, they cannot log in, but no error or warning message is displayed. It should show a message indicating that the user is inactive.

pravesh-sharma avatar Apr 24 '25 07:04 pravesh-sharma

After extensive analysis and combining various authentication sources, resolving this issue has proven to be highly complex. Hence closing it.

akshay-joshi avatar May 13 '25 11:05 akshay-joshi