Closed
Bug 475118
Opened 16 years ago
Closed 16 years ago
Add LDAP auth support to Weave server
Categories
(Cloud Services Graveyard :: Server: Sync, defect, P1)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: anant, Assigned: anant)
References
Details
Attachments
(1 file, 1 obsolete file)
|
1.90 KB,
patch
|
telliott
:
review-
|
Details | Diff | Splinter Review |
The weave server needs to support LDAP based authentication
Attachment #358516 -
Flags: review?(telliott)
|
Assignee | |
Comment 1•16 years ago
|
||
Fix typo
Attachment #358516 -
Attachment is obsolete: true
Attachment #358520 -
Flags: review?(telliott)
Attachment #358516 -
Flags: review?(telliott)
|
||
Comment 2•16 years ago
|
||
Attachment integrated. Leaving this bug open as a tracker for implementing the remainder of the skeleton.
|
||
Comment 3•16 years ago
|
||
You allow anonymous binds? Why?
Why isn't this stuff stored in a config rather than hardcoded in the actual code?
|
|
||
Comment 4•16 years ago
|
||
I'll let anant speak to the anonymous binds.
The constants are part of weave_constats file; I just missed pulling that set out of the top of the object when I did the integration. Thanks for the catch.
|
|
Assignee | |
Comment 5•16 years ago
|
||
> You allow anonymous binds? Why?
I don't think we do. The corresponding lines of code:
> $userdn = WEAVE_LDAP_AUTH_PARAM."=$user,".WEAVE_LDAP_AUTH_DN;
> if (ldap_bind($this->_conn, $userdn, $pass))
We're binding as the user; it's not anonymous. If the bind fails, we assume it was because the password was incorrect and proceed accordingly.
|
|
Assignee | |
Comment 6•16 years ago
|
||
Added a few more methods to the auth backend: http://hg.mozilla.org/labs/weaveserver/rev/2993d6b9c1f7
create_user will be fine-tuned according to the new schema as soon as I can do some tests on sm-proxy01 (which will be when we switch that box to the new ldap structure)
|
|
Assignee | |
Comment 7•16 years ago
|
||
http://hg.mozilla.org/labs/weaveserver/rev/30ac838ff9cb makes the backend work with our new cluster
|
||
Comment 8•16 years ago
|
||
This is done, no? Or are you keeping this bug open until you port all the web pages too?
|
|
Assignee | |
Comment 9•16 years ago
|
||
Yes, I'd like to make sure all the methods work as expected before closing the bug.
|
|
||
Comment 10•16 years ago
|
||
LDAP currently does not have support for the X-Weave-Alert fields, though we could move that into its own bug.
|
|
Assignee | |
Comment 11•16 years ago
|
||
On a similar note we also need support for account status and alert messages, both in the LDAP schema and in this code.
|
|
||
Comment 12•16 years ago
|
||
Are you including porting the dashboard as part of this bug as well? If not I'll file a new bug for that.
|
|
||
Updated•16 years ago
|
OS: Mac OS X → All
Priority: -- → P1
|
|
Assignee | |
Comment 13•16 years ago
|
||
(In reply to comment #12)
> Are you including porting the dashboard as part of this bug as well? If not
> I'll file a new bug for that.
Separate bug would help, thanks!
|
|
Assignee | |
Comment 14•16 years ago
|
||
LDAP Auth backend tested and in place (hg tip please!)
Status: ASSIGNED → RESOLVED
Closed: 16 years ago
Resolution: --- → FIXED
|
||
Updated•16 years ago
|
Component: Weave Server → Server
Product: Mozilla Labs → Weave
Target Milestone: 0.3 → ---
Version: 0.3 → unspecified
|
|
||
Updated•16 years ago
|
QA Contact: weaveserver → server
|
|
||
Comment 15•14 years ago
|
||
Comment on attachment 358520 [details] [diff] [review]
Weave server LDAP authentication
Clearing this from the review queue. It's been long-incorporated
Attachment #358520 -
Flags: review?(telliott) → review-
|
||
Updated•2 years ago
|
Product: Cloud Services → Cloud Services Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•