Uploaded image for project: 'Bitbucket Data Center'
  1. Bitbucket Data Center
  2. BSERV-11880

Clicking "Unable to access your account" for read-only directory users displays an erroneous message

XMLWordPrintable

      Issue Summary

      When user management in Bitbucket Server is through a read-only directory (Crowd, LDAP etc), users trying to reset their password should be notified that the account is read only and they should contact their administrator - at the moment all users (internal/external) receive the same message:

      "If you are a registered user, you will receive a password reset email"

      Environment

      Bitbucket 5.16 + with:

      • external LDAP (synced/delegated)
      • Crowd
      • Steps to Reproduce

      1. On login page click "Unable to access you account?"
      2. Enter the username/email of a user belonging to a read-only directory
      3. Click "Reset password"

      Expected Results

      If the user belongs to a read-only directory the message should be:
      "Your account details are read-only. Please contact your administrator to change your password."

      Actual Results

      The message is:
      "If you are a registered user, you will receive a password reset email"

      (Note that no password reset email is actually sent to users in read-only directories.)

      Notes

      A similar issue was fixed in Stash 4.0: BSERV-7548: Disable "reset your password" option for delegated LDAP (fixed in Bitbucket Server 4.0.0)

      Workaround

      Currently there is no known workaround for this behavior. A workaround will be added here when available

            khughes@atlassian.com Kristy
            tathanassiadou Themis
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: