Last modified: 2014-02-12 23:38:32 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T39110, the corresponding Phabricator task for complete and up-to-date bug report information.
First Last Prev Next    This bug is not in your last search results.
Bug 37110 - Can LDAPAuthentication support alias deference?
Can LDAPAuthentication support alias deference?
Status: ASSIGNED
Product: MediaWiki extensions
Classification: Unclassified
LdapAuthentication (Other open bugs)
master
All Linux
: Normal normal (vote)
: ---
Assigned To: Ryan Lane
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2012-05-25 02:08 UTC by Chau, Chee Yang
Modified: 2014-02-12 23:38 UTC (History)
0 users

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Chau, Chee Yang 2012-05-25 02:08:31 UTC 
I have successfully setup LdapAuthentication extension for my mediawiki site.  The LDAP authentication works and I may notice that in my ldap.log.  Here is my ldap setting in LocalSettings.php:

$wgAuth = new LdapAuthenticationPlugin();
$wgLDAPDomainNames = array( 'DOM');
$wgLDAPServerNames = array( 'DOM' => 'ldap.example.my');
$wgLDAPSearchAttributes = array( 'DOM' => 'uid');
$wgLDAPBaseDNs = array( 'DOM' => 'ou=employee,dc=example,dc=com');
$wgLDAPEncryptionType = array( 'DOM' => 'tls');
$wgMinimalPasswordLength = 1;

I then try to use set BaseDN to my alias group, is obviously the LdapAuthentication doesn't support alias deference:

$wgLDAPBaseDNs = array( 'DOM' => 'ou=aliasgroup,dc=example,dc=com');
$wgLDAPOptions = array( 'DOM' => array( LDAP_OPT_DEREF => LDAP_DEREF_ALWAYS ));

The $wgLDAPOptions doesn't seems to function.  I attempt to trace the source LdapAuthentication.php and found in line 230:

        public static function ldap_search( $ldapconn, $basedn, $filter, $attributes=array(), $attrsonly=null, $sizelimit=null, $timelimit=null, $deref=null ) {

There is a parameter $deref in function ldap_search.  It seems that LdapAuthentication doesn't make use of $deref parameter.

I change $deref=null to $deref=3 and the authentication via alias works without problem.  Please enhance LdapAuthentication to support alias dereferencing.  Thank you.
Comment 1 Brylie Oxley 2012-07-25 23:07:13 UTC 
Marking this feature request as assigned, and assigning priority to normal.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.

Navigation
Links