Bug #1236

ldap auth takes as fake password the user dn

Added by olivier sallou over 7 years ago. Updated over 7 years ago.

Status:ClosedStart date:04/17/2012
Priority:NormalDue date:
Assignee:Javi Fontan% Done:

0%

Category:Drivers - Auth
Target version:Release 3.6
Resolution:fixed Pull request:
Affected Versions:OpenNebula 3.4

Description

The ldap module takes the ldap dn found as a fake password to create a user.
though, cn may contain spaces (or other not supported characters). This results in user creation failure.
This occurs, even if user_field is set to an other field than default (uid in my case).

In authm_mad/remotes/ldap/ldap_auth.rb:

def find_user(name)
begin
result=@ldap.search(
:base => @options[:base],
:filter => "#{@options[:user_field]}=#{name}")
if result && result.first
result.first.dn

Associated revisions

Revision 3b3ec9d1
Added by Javi Fontan over 7 years ago

bug #1236: ldap user dn

Revision 9a34feec
Added by Javi Fontan over 7 years ago

features #1236 and #1252: bug fixes

Revision be639816
Added by Javi Fontan over 7 years ago

features #1236 and #1252: move unescape to ldap auth

Revision e5d6e2c8
Added by Javi Fontan over 7 years ago

features #1236 and #1252: make URI escape work with ruby 1.8.7

History

#1 Updated by olivier sallou over 7 years ago

I include a patch proposal, setting user name as fake password instead of dn:

--- /tmp/authenticate 2012-04-17 14:48:20.000000000 0200
+
+ /var/lib/one/remotes/auth/default/authenticate 2012-04-17 14:44:22.157173559 +0200
@ -54,7 +54,8 @
end

if ldap.authenticate(user_name, secret)
- puts "ldap #{user} #{user_name}"
+ #puts "ldap #{user} #{user_name}"
+ puts "ldap #{user} #{user}"
exit(0)
else
STDERR.puts "Bad user/password"

#2 Updated by Ruben S. Montero over 7 years ago

  • Target version set to Release 3.6

#3 Updated by Ruben S. Montero over 7 years ago

  • Category set to Drivers - Auth
  • Assignee set to Javi Fontan

#4 Updated by Javi Fontan over 7 years ago

  • Status changed from New to Closed
  • Resolution set to fixed

Also available in: Atom PDF