[Koha-bugs] [Bug 6979] LDAP authentication fails during password comparison
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Wed Oct 19 15:44:58 CEST 2011
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=6979
Paul Poulain <paul.poulain at biblibre.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |paul.poulain at biblibre.com
Patch Status|Needs Signoff |Failed QA
--- Comment #2 from Paul Poulain <paul.poulain at biblibre.com> 2011-10-19 13:44:58 UTC ---
QA comment
investigating this bug before the signoff :
2 comments :
=== COMMENT 1 ===
+ # BUG 6979
+ # 2011-09-29 Robert Fox (rfox2 at nd.edu)
=> those comments should not be in the code. Git is here to keep track of those
informations. I agree you've reindented
+ # BUG #5094
+ # 2010-08-04 JeremyC
but it should not have been here either (and now we have a strong QA, it would
not have been accepted)
So, please resubmit without those comments.
=== COMMENT 2 ===
Replacing compare by a bind is not a good solution. Some LDAPs are configured
to let no-one (except some specific accounts) bind. Some are configured to
require binding.
It means you'll solve a problem (for you probably, but not only, I agree), and
create another problem for some other libraries that have Auth_with_ldap
working now.
A better patch would be :
* to test compare, and if it fails, test binding (acceptable, although dirty &
less secure I feel)
or
* add an entry in the ldap config file to select between bind & compare method
(better but more work)
So I think we should not integrate this patch for now, and mark as failed QA.
--
Configure bugmail: http://bugs.koha-community.org/bugzilla3/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA Contact for the bug.
More information about the Koha-bugs
mailing list