What version are you running?
ReviewBoard 2.0.15
RBtools 0.7.2
What's the URL of the page containing the problem?
NA
What steps will reproduce the problem?
If you already have a valid cookie, you still get prompted for a password, but you can enter anything and it will be accepted.
Here is an example session that illustrates the problem.
$ rm ~/.rbtools-cookies
$ rbt post --username sallan 824
Please log in to the Review Board server at localhost.
Password: bogus_password
ERROR: Unexpected API Error: The username or password was not correct (HTTP 401, API Error 104)
$ rbt post --username sallan 824
Please log in to the Review Board server at localhost.
Password: correct_password
Generating diff for pending changeset 824
Review request #10 posted.
http://localhost/r/10/
http://localhost/r/10/diff/
$ rbt post --username sallan 824
Please log in to the Review Board server at localhost.
Password: bogus_password
Generating diff for pending changeset 824
Review request #10 posted.
http://localhost/r/10/
http://localhost/r/10/diff/
Note that after I logged in and received a ticket, I still get prompted, but the bad password is now accepted.
What is the expected output? What do you see instead?
Ideally, I would not get prompted for a password if I already have a valid cookie. But if I am prompted, I expect a bad password to be rejected.
What operating system are you using? What browser?
CentOS6, Mac
FF, Safari, Chrome
Please provide any additional information below.