[ltb-dev] [LDAP Tool Box - Bug #863] Password Token Expiring

noreply at lsc-project.org noreply at lsc-project.org
Tue May 24 17:29:21 CEST 2016

Issue #863 has been updated by Jeff G.

So, it looks like PHP sessions are used to keep a token alive, correct?

If I request a password reset token for another user at my computer and they open the token link on a different computer, the token will show as invalid?
Bug #863: Password Token Expiring

Author: Jeff G
Status: New
Priority: High
Assigned to: 
Category: Self Service Password
Target version: self-service-password-?

It seems the password tokens expire when a new one is requested, even for completely different people. If I request a password reset token for client A, then 5 minutes later for client B, client A will no longer be able to reset their password using the token they were sent. Is this normal?

You have received this notification because you have either subscribed to it, or are involved in it.
To change your notification preferences, please click here: http://tools.lsc-project.org/my/account
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ltb-project.org/pipermail/ltb-dev/attachments/20160524/a30f5ebd/attachment.htm>

More information about the ltb-dev mailing list