While studying the Authentication Views in Django I came across some of the build in views including password reset view. I got hang of its basic working mechanism while reading the documentation I encountered the line promoting the use of *set_unusable_password()* in Djagno authentication against *LDAP networks*. I googled and found some of the useful links defining LDAP networks e.g. <http://stackoverflow.com/questions/1663106/ldap-authentication-server-why> but I was not able to understand the possible vulnerabilities to the LDAP authentication system that may arise when the set_unusable_password flag is not set and the system is requested a password change request. Basically what I am trying to ask is what kind of misuse can occur in case of LDAP authentication and set_unusable_function not being used as said in the following context of the password reset view in Django. Can anyone please kindly highlight some of the misuses I will be really grateful. The Link <https://docs.djangoproject.com/en/1.11/topics/auth/default/#django.contrib.auth.views.PasswordResetView> to the topic is here and *Method Link <https://docs.djangoproject.com/en/1.11/topics/auth/customizing/#django.contrib.auth.models.AbstractBaseUser.set_unusable_password>*. Thanks in *Advance*.
-- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To post to this group, send email to django-users@googlegroups.com. Visit this group at https://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/04815d24-898b-4e03-b50d-24cac2094942%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
