[Koha-bugs] [Bug 36161] New: ISLDI AuthenticatePatron broken when LDAP enabled and auth falls back to internal connection
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Fri Feb 23 20:54:55 CET 2024
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36161
Bug ID: 36161
Summary: ISLDI AuthenticatePatron broken when LDAP enabled and
auth falls back to internal connection
Change sponsored?: ---
Product: Koha
Version: master
Hardware: All
OS: All
Status: NEW
Severity: critical
Priority: P5 - low
Component: Authentication
Assignee: koha-bugs at lists.koha-community.org
Reporter: nick at bywatersolutions.com
QA Contact: testopia at bugs.koha-community.org
CC: dpavlin at rot13.org
bug 34893 passes a patron object back from authentication, however, when LDAP
is enabled we define the patron from the return of checkpw_ldap
When the ldap auth is a failure, we fallback to internal, however, we don't
redefine the patron object
In the code:
1965 if ( defined $userid ) {
1966 $patron = Koha::Patrons->find( { userid => $userid } );
1967 $patron = Koha::Patrons->find( { cardnumber => $userid } ) unless
$patron;
1968 }
.
.
.
1980 } elsif ( $ldap && defined($password) ) {
1981 my ( $retval, $retcard, $retuserid );
1982 ( $retval, $retcard, $retuserid, $patron ) = checkpw_ldap(@_);
# EXTERNAL AUTH
.
.
.
2026 # INTERNAL AUTH
2027 if ($check_internal_as_fallback) {
2028 @return = checkpw_internal( $userid, $password, $no_set_userenv );
2029 push( @return, $patron );
2030 $passwd_ok = 1 if $return[0] > 0; # 1 or 2
2031 }
line 1982 undefs, line 2029 returns it
In ilsdi:
397 my ($status, $cardnumber, $userid, $patron) = C4::Auth::checkpw(
$username, $password );
398 if ( $status == 1 ) {
399 # Track the login
400 $patron->update_lastseen('connection');
401 return { id => $patron->borrowernumber };
402 }
We die on undefined patron
--
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.
More information about the Koha-bugs
mailing list