Closed
Bug 120128
Opened 23 years ago
Closed 22 years ago
Offer ability to use Net::LDAP for user authentication
Categories
(Bugzilla :: User Accounts, enhancement, P3)
Tracking
()
RESOLVED
FIXED
Bugzilla 2.18
People
(Reporter: justdave, Assigned: justdave)
References
Details
(Whiteboard: [blocker will fix] patches here are security risk - don't use without modifying)
Attachments
(2 files)
|
4.85 KB,
patch
|
Details | Diff | Splinter Review | |
|
12.08 KB,
patch
|
Details | Diff | Splinter Review |
The patch I'm about to attach was submitted by Elliot Otchet
(degroens@yahoo.com). This patch changes Bugzilla to use Net::LDAP instead of
Mozilla::LDAP.
I think the proper course of action for us is to provide a choice, so we'll
probably need to modify this patch to use conditionals based on a preference
instead of doing just the one.
|
Assignee | |
Comment 1•23 years ago
|
||
|
||
Comment 2•23 years ago
|
||
This patch allows the administrator the option of using either Mozilla::LDAP or
Net::LDAP. It also includes a couple enhancements to both: 1) the ability to
set the loginname attribute (normally 'uid'), 2) the ability bind initially
with a dn/password instead of anonymously.
|
|
Assignee | |
Updated•23 years ago
|
Quick question: what is the difference between Mozilla::LDAP and Net::LDAP? Does
the Net:: version still require the Netscape LDAP SDK?
|
|
||
Comment 4•23 years ago
|
||
Net::LDAP uses the OpenLDAP libraries instead of Netscape's SDK.
No, Netscape's LDAP SDK is not required if you use Net::LDAP.
|
|
Assignee | |
Comment 5•22 years ago
|
||
*** Bug 158630 has been marked as a duplicate of this bug. ***
|
|
Assignee | |
Comment 6•22 years ago
|
||
I ended up rewriting this into the Bugzilla::Auth::LDAP module which plugs into
the new auth system Brad Baetz wrote, and is included in the latest megapatch on
bug 180642. I ended up ditching the Mozilla::LDAP support. If anyone really
strongly feels we need to still support it, I suppose we can add a module for
that, but I'm pretty sure Net::LDAP can connect to a Netscape branded server.
Feel free to correct me if I'm wrong though.
|
||
Comment 7•22 years ago
|
||
We now use Net::LDAP exclusively
Status: NEW → RESOLVED
Closed: 22 years ago
Resolution: --- → FIXED
|
|
Assignee | |
Comment 8•22 years ago
|
||
NOTICE to anyone using 2.16.x wishing to apply the attached patches rather than
upgrading to 2.17.4 in order to get Net::LDAP support... please see bug 207556
before applying either of these patches. There is a major security hole here
(any password works as long as the user exists) that you will need to resolve if
you apply these patches. We ended up doing something different in 2.17.4 (bug
180642), and that version works okay (but it's a much larger patch)
Whiteboard: [blocker will fix] → [blocker will fix] patches here are security risk - don't use without modifying
|
||
Updated•12 years ago
|
QA Contact: matty_is_a_geek → default-qa
You need to log in
before you can comment on or make changes to this bug.
Description
•