[Bug 37110] New: Can LDAPAuthentication support alias deference?

bugzilla-daemon Thu, 24 May 2012 19:08:37 -0700

https://bugzilla.wikimedia.org/show_bug.cgi?id=37110


       Web browser: ---
             Bug #: 37110
           Summary: Can LDAPAuthentication support alias deference?
           Product: MediaWiki extensions
           Version: master
          Platform: All
        OS/Version: Linux
            Status: UNCONFIRMED
          Severity: normal
          Priority: Unprioritized
         Component: LdapAuthentication
        AssignedTo: rlan...@gmail.com
        ReportedBy: cyc...@gmail.com
                CC: wikibugs-l@lists.wikimedia.org
    Classification: Unclassified
   Mobile Platform: ---


I have successfully setup LdapAuthentication extension for my mediawiki site. 
The LDAP authentication works and I may notice that in my ldap.log.  Here is my
ldap setting in LocalSettings.php:

$wgAuth = new LdapAuthenticationPlugin();
$wgLDAPDomainNames = array( 'DOM');
$wgLDAPServerNames = array( 'DOM' => 'ldap.example.my');
$wgLDAPSearchAttributes = array( 'DOM' => 'uid');
$wgLDAPBaseDNs = array( 'DOM' => 'ou=employee,dc=example,dc=com');
$wgLDAPEncryptionType = array( 'DOM' => 'tls');
$wgMinimalPasswordLength = 1;

I then try to use set BaseDN to my alias group, is obviously the
LdapAuthentication doesn't support alias deference:

$wgLDAPBaseDNs = array( 'DOM' => 'ou=aliasgroup,dc=example,dc=com');
$wgLDAPOptions = array( 'DOM' => array( LDAP_OPT_DEREF => LDAP_DEREF_ALWAYS ));

The $wgLDAPOptions doesn't seems to function.  I attempt to trace the source
LdapAuthentication.php and found in line 230:

        public static function ldap_search( $ldapconn, $basedn, $filter,
$attributes=array(), $attrsonly=null, $sizelimit=null, $timelimit=null,
$deref=null ) {

There is a parameter $deref in function ldap_search.  It seems that
LdapAuthentication doesn't make use of $deref parameter.

I change $deref=null to $deref=3 and the authentication via alias works without
problem.  Please enhance LdapAuthentication to support alias dereferencing. 
Thank you.

-- 
Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

_______________________________________________
Wikibugs-l mailing list
Wikibugs-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l

[Bug 37110] New: Can LDAPAuthentication support alias deference?

Reply via email to