Page MenuHomePhabricator

Disable ability to log in with old user credentials (pre-SUL finalization)
Closed, ResolvedPublic

Description

For SUL finalization, a system was put into place that would allow users to log in with old credentials to recover their renamed account. This feature should be removed on or after 15 April 2016, one year after SUL finalization started.

Gerrit changes that put this in place:

I might be missing some, please add.

Event Timeline

Keegan created this task.Feb 23 2016, 10:23 PM
Restricted Application added subscribers: StudiesWorld, Aklapper. · View Herald TranscriptFeb 23 2016, 10:23 PM
Keegan renamed this task from Disable SUL conflicting usernames login screen to Disable ability to log in with old user credentials (pre-SUL finalization).Feb 23 2016, 10:40 PM
Keegan triaged this task as Normal priority.Feb 23 2016, 11:23 PM

Do we have any information about how often this is used?

Do we have any information about how often this is used?

@Legoktm searched and found:

$ zgrep -c "Coercing user to" CentralAuth.log-201604*
CentralAuth.log-20160401.gz:89
CentralAuth.log-20160402.gz:94
CentralAuth.log-20160403.gz:69
CentralAuth.log-20160404.gz:69
CentralAuth.log-20160405.gz:88
CentralAuth.log-20160406.gz:95
CentralAuth.log-20160407.gz:94
CentralAuth.log-20160408.gz:86
CentralAuth.log-20160409.gz:85
CentralAuth.log-20160410.gz:94
CentralAuth.log-20160411.gz:77
CentralAuth.log-20160412.gz:78
CentralAuth.log-20160413.gz:100
CentralAuth.log-20160414.gz:113

That's pretty low compared to the ~50 logins per minute that happen across the cluster.

Do we have any information about how often this is used?

@Legoktm searched and found:

...

That's pretty low compared to the ~50 logins per minute that happen across the cluster.

Yup. I don't think we can statistically get much more low-impact than this, so it's time to remove it.

Keegan assigned this task to Legoktm.Apr 14 2016, 8:58 PM
Keegan updated the task description. (Show Details)Apr 15 2016, 12:20 AM

Change 288435 had a related patch set uploaded (by Legoktm):
Disable $wgCentralAuthCheckSULMigration functionality

https://gerrit.wikimedia.org/r/288435

Change 288435 merged by jenkins-bot:
Disable $wgCentralAuthCheckSULMigration functionality

https://gerrit.wikimedia.org/r/288435

Mentioned in SAL [2016-05-17T23:14:23Z] <dereckson@tin> Synchronized wmf-config/CommonSettings.php: Disable $wgCentralAuthCheckSULMigration functionality (T127887) (duration: 00m 25s)

Legoktm closed this task as Resolved.May 17 2016, 11:39 PM

Confirmed by failing to log into my SULF renamed test account.