[Koha-bugs] [Bug 5094] auth_by_bind authentication can fail even if given a correct password and userid
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Tue Jun 14 17:14:47 CEST 2011
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=5094
Joe Atzberger <ohiocore at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |ohiocore at gmail.com
--- Comment #2 from Joe Atzberger <ohiocore at gmail.com> 2011-06-14 15:14:47 UTC ---
Confirm bug from d114ebe80adc7b2c34d08d94c17d302b3ddda4be. search_method must
NOT be called if bind has already occurred, because it will bind again and with
different credentials depending on config (likely anonymously). This is
important for auth_by_bind for obvious reasons, mainly that Active Directory
doesn't allow you to view the same record anonymously that you would get when
bound as the user.
Even if it were successful (which it isn't), binding twice is logically
incorrect and bad for performance.
The amount of complexity in the LDAP code is seriously regrettable.
--
Configure bugmail: http://bugs.koha-community.org/bugzilla3/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA Contact for the bug.
More information about the Koha-bugs
mailing list