[Koha-bugs] [Bug 20879] Shibboleth matchpoint no longer works after upgrade to 17.11
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Wed Jun 20 22:52:00 CEST 2018
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20879
--- Comment #12 from cking at uttyler.edu ---
>From what I'm seeing in the logs:
1. It starts shibboleth validation
(https://github.com/Koha-Community/Koha/blob/7f2ffda09f04adf0cfe244b48a09fb130752f330/C4/Auth.pm#L946)
with $shib = 1 and $shib_login = 5000120216
2. Within the call to checkpw, it first hits elseif ($ldap) and userid and
password are empty
(https://github.com/Koha-Community/Koha/blob/7f2ffda09f04adf0cfe244b48a09fb130752f330/C4/Auth.pm#L1776)
3. Builds the principal_name as [empty userid]@domain.edu
(https://github.com/Koha-Community/Koha/blob/7f2ffda09f04adf0cfe244b48a09fb130752f330/C4/Auth_with_ldap.pm#L146)
4. Fails LDAP bind with invalid principal name and empty password
(https://github.com/Koha-Community/Koha/blob/7f2ffda09f04adf0cfe244b48a09fb130752f330/C4/Auth_with_ldap.pm#L169)
with "LDAP error #48: LDAP_INAPPROPRIATE_AUTH The server requires the client
which had attempted to bind anonymously or without supplying credentials to
provide some form of credentials"
5. Back in checkpw
(https://github.com/Koha-Community/Koha/blob/7f2ffda09f04adf0cfe244b48a09fb130752f330/C4/Auth.pm#L1778),
retval is 0.
6. I do not make it into this elseif block
(https://github.com/Koha-Community/Koha/blob/7f2ffda09f04adf0cfe244b48a09fb130752f330/C4/Auth.pm#L1801)
7. The next error in the log is an uninitialized value in subroutine entry at
https://github.com/Koha-Community/Koha/blob/7f2ffda09f04adf0cfe244b48a09fb130752f330/C4/Auth.pm#L1911
8. And then
https://github.com/Koha-Community/Koha/blob/7f2ffda09f04adf0cfe244b48a09fb130752f330/C4/Auth.pm#L1159
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list