My favorites | Sign in
Logo
Project Home
  
Wiki
  
Issues
    
New issue | Search
for
| Advanced search | Search tips
Issue 891: LDAP enhancements
2 people starred this issue and may be notified of changes. Back to list
Status:  Fixed
Owner:  chipx86
Closed:  May 2009
Type-Enhancement
Priority-Medium
Milestone-Release1.0
Component-Accounts


Sign in to add a comment
 
Reported by schlaber, Feb 16, 2009 
1)
Look at the attached image. It's not clear, that one of this two fields
must be filled out. If both fields are empty, there is an error during logon.

-------------------------------
if settings.LDAP_EMAIL_DOMAIN:
    email = u'%s@%s' % (username, settings.LDAP_EMAIL_DOMAIN)
elif settings.LDAP_EMAIL_ATTRIBUTE:
    email = passwd[0][1][settings.LDAP_EMAIL_ATTRIBUTE][0]

user = User(username=username,
            password='',
            first_name=first_name,
            last_name=last_name,
            email=email)
-------------------------------

2)
Is there a good reason why the scope is fix ldap.SCOPE_ONELEVEL? It would
be great if there could be an additional setting. I have to search in the
scope ldap.SCOPE_SUBTREE

-------------------------------
class LDAPBackend:
    def authenticate(self, username, password):
        ....
        search = ldapo.search_s(settings.LDAP_BASE_DN, ldap.SCOPE_ONELEVEL,
                                uid)
-------------------------------
rb-ldap.png
21.6 KB   View   Download
Comment 1 by schlaber, Feb 16, 2009 
3)
The ldap username should be case insensitiv. If you login with username "Test" RB
will create an new user. If you type "test" as username the next time, RB creates
also an new user and doesn't query the user "Test". Both "Test" and "test" are
identically in the ldap-tree.
Comment 2 by trowbrds, Mar 24, 2009 
(No comment was entered for this change.)
Labels: -Type-Defect Type-Enhancement
Comment 3 by ru.w31...@gmail.com, Apr 09, 2009 
It also assumes that attributes `givenName` and `sn` are always present, which is not
necessary true.
-----
first_name = passwd[0][1]['givenName'][0]
last_name = passwd[0][1]['sn'][0]
-----

Maybe it's a good idea to have a fallback like this?
-----
first_name = username
last_name = ''
-----
Comment 4 by chipx86, Apr 27, 2009 
It would be helpful to break these into different bugs. I'm addressing the
givenName/sn issue now, the SCOPE_SUBTREE was fixed in another change, and the e-mail
still needs to be handled.
Status: Confirmed
Labels: Milestone-Release1.0 Component-Accounts
Comment 5 by chipx86, Apr 28, 2009 
Everything but the case-insensitive part is fixed.
Comment 6 by chipx86, May 01, 2009 
The whitespace bug is being tracked by  bug 1012 .
Status: Fixed
Owner: chipx86
Sign in to add a comment

Powered by Google Project Hosting