[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [GMG-Devel] LDAP Integration

From: Sebastian Hugentobler
Subject: Re: [GMG-Devel] LDAP Integration
Date: Mon, 16 Nov 2015 21:15:41 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.3.0

>> - LDAP_USER_ATTRIBUTE: was hardcoded as *uid*, should fix issue #924
>> (I hope I got the correct issue). Mandatory.
> This looks important... we should probably merge as its own patch?

Yes. There is already a patch from the submitter of #924 (I overlooked
that before). It splits the user dn template and takes the first
attribute as username. This fails if you don't want to use the login
name as username (eg if you are using mail addresses for the login),
which admittedly is not the usual case.

> There's a bug in the code here:
> + use_user_filter = v['LDAP_USER_FILTER'] is not None
> + user_allowd = True
> [...]
> + return (uid, email) if user_allowed else (False, None)
> If use_user_filter is False, this code will error out...

Argh, that's a stupid typo, I am sorry. I need to fix my test setup.

> As an aside, this is the type of thing that normally we should do on the
> issue tracker, but full ack that it's pretty borked right now if you
> don't already have an account there.... we might be able to fix that
> shortly. Do you currently have an account on the tracker?

Yep, I already have an account (name is thallian) but the filter was
giving me trouble (and the tls certificate too). I can try to submit it
again to the issue tracker, would make things easier for sure.

Attachment: signature.asc
Description: OpenPGP digital signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]