Closed
Bug 120128
Opened 23 years ago
Closed 21 years ago
Offer ability to use Net::LDAP for user authentication
Categories
(Bugzilla :: User Accounts, enhancement, P3)
Tracking
()
RESOLVED
FIXED
Bugzilla 2.18
People
(Reporter: justdave, Assigned: justdave)
References
Details
(Whiteboard: [blocker will fix] patches here are security risk - don't use without modifying)
Attachments
(2 files)
4.85 KB,
patch
|
Details | Diff | Splinter Review | |
12.08 KB,
patch
|
Details | Diff | Splinter Review |
The patch I'm about to attach was submitted by Elliot Otchet (degroens@yahoo.com). This patch changes Bugzilla to use Net::LDAP instead of Mozilla::LDAP. I think the proper course of action for us is to provide a choice, so we'll probably need to modify this patch to use conditionals based on a preference instead of doing just the one.
Assignee | ||
Comment 1•23 years ago
|
||
Comment 2•22 years ago
|
||
This patch allows the administrator the option of using either Mozilla::LDAP or Net::LDAP. It also includes a couple enhancements to both: 1) the ability to set the loginname attribute (normally 'uid'), 2) the ability bind initially with a dn/password instead of anonymously.
Assignee | ||
Updated•22 years ago
|
Quick question: what is the difference between Mozilla::LDAP and Net::LDAP? Does the Net:: version still require the Netscape LDAP SDK?
Comment 4•22 years ago
|
||
Net::LDAP uses the OpenLDAP libraries instead of Netscape's SDK. No, Netscape's LDAP SDK is not required if you use Net::LDAP.
Assignee | ||
Comment 5•22 years ago
|
||
*** Bug 158630 has been marked as a duplicate of this bug. ***
Assignee | ||
Comment 6•22 years ago
|
||
I ended up rewriting this into the Bugzilla::Auth::LDAP module which plugs into the new auth system Brad Baetz wrote, and is included in the latest megapatch on bug 180642. I ended up ditching the Mozilla::LDAP support. If anyone really strongly feels we need to still support it, I suppose we can add a module for that, but I'm pretty sure Net::LDAP can connect to a Netscape branded server. Feel free to correct me if I'm wrong though.
Comment 7•21 years ago
|
||
We now use Net::LDAP exclusively
Status: NEW → RESOLVED
Closed: 21 years ago
Resolution: --- → FIXED
Assignee | ||
Comment 8•21 years ago
|
||
NOTICE to anyone using 2.16.x wishing to apply the attached patches rather than upgrading to 2.17.4 in order to get Net::LDAP support... please see bug 207556 before applying either of these patches. There is a major security hole here (any password works as long as the user exists) that you will need to resolve if you apply these patches. We ended up doing something different in 2.17.4 (bug 180642), and that version works okay (but it's a much larger patch)
Whiteboard: [blocker will fix] → [blocker will fix] patches here are security risk - don't use without modifying
Updated•12 years ago
|
QA Contact: matty_is_a_geek → default-qa
You need to log in
before you can comment on or make changes to this bug.
Description
•