You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2011/04/01 11:30:00 UTC
DO NOT REPLY [Bug 51005] New: Allow to use username in LDAP filter
https://issues.apache.org/bugzilla/show_bug.cgi?id=51005
Summary: Allow to use username in LDAP filter
Product: Apache httpd-2
Version: 2.3-HEAD
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P2
Component: mod_authn_ldap
AssignedTo: bugs@httpd.apache.org
ReportedBy: julien@danjou.info
Currently, the filter given in AuthLDAPURL abuse the RFC by using the attribute
to match the username provided. This does not allow more complex search filter.
The attached patch replaces %u in the filter string by the provided username,
so one can check for more complicated things like:
ldap://ldap.example.com/ou=users,o=easter-eggs??base?(mail=%u@example.com)
Please note that this patch does not modify the current behaviour and is
backward compatible.
Something that can be enhanced is the use of 'attribute' in the filter based on
its presence in the URL or not. Currently, the documentation says it's set to
uid by default, which is a problem if you do no want to use the default filter.
I though about ignoring attribute if it's not present, but that might break
compatibility. I'm fine with my patch's approach, but if you think another one
is better, just tell me, I'll rework the patch.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 51005] Allow to use username in LDAP filter
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=51005
--- Comment #1 from Julien Danjou <ju...@danjou.info> 2011-04-01 05:31:17 EDT ---
Created an attachment (id=26822)
--> (https://issues.apache.org/bugzilla/attachment.cgi?id=26822)
Patch implementing that
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 51005] Allow to use username in LDAP filter
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=51005
Julien Danjou <ju...@danjou.info> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |julien@danjou.info
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 51005] Allow to use username in LDAP filter
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=51005
Christophe JAILLET <ch...@wanadoo.fr> changed:
What |Removed |Added
----------------------------------------------------------------------------
Keywords| |PatchAvailable
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org