Commit c423290c authored by mkanat%bugzilla.org's avatar mkanat%bugzilla.org

Bug 367480: [LDAP] Try a list of servers in order until we connect successfully

Patch By Tony Bajan <firefox@tonyb.me.uk> r=mkanat, a=mkanat
parent 558b05ca
...@@ -37,6 +37,7 @@ use fields qw( ...@@ -37,6 +37,7 @@ use fields qw(
use Bugzilla::Constants; use Bugzilla::Constants;
use Bugzilla::Error; use Bugzilla::Error;
use Bugzilla::Util;
use Net::LDAP; use Net::LDAP;
...@@ -134,11 +135,15 @@ sub ldap { ...@@ -134,11 +135,15 @@ sub ldap {
my ($self) = @_; my ($self) = @_;
return $self->{ldap} if $self->{ldap}; return $self->{ldap} if $self->{ldap};
my $server = Bugzilla->params->{"LDAPserver"}; my @servers = split(/[\s,]+]/, Bugzilla->params->{"LDAPserver"});
ThrowCodeError("ldap_server_not_defined") unless $server; ThrowCodeError("ldap_server_not_defined") unless @servers;
$self->{ldap} = new Net::LDAP($server) foreach (@servers) {
|| ThrowCodeError("ldap_connect_failed", { server => $server }); $self->{ldap} = new Net::LDAP(trim($_));
last if $self->{ldap};
}
ThrowCodeError("ldap_connect_failed", { server => join(", ", @servers) })
unless $self->{ldap};
# try to start TLS if needed # try to start TLS if needed
if (Bugzilla->params->{"LDAPstarttls"}) { if (Bugzilla->params->{"LDAPstarttls"}) {
......
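Review bot: The split pattern in the new `my @servers = split(/[\s,]+]/, ...)` line has a stray `]` after the `+`, so it only splits where a separator run is followed by a literal `]`. A value such as `ldap1, ldap2` therefore stays a single element and is passed to Net::LDAP as one host string, which defeats the failover this change is meant to add; the line should read `my @servers = split(/[\s,]+/, Bugzilla->params->{"LDAPserver"});`. The loop also accepts the first entry that connects, whatever its scheme. A list mixing `ldaps://` entries with plain ones can therefore fall back to an unencrypted connection when the secure server is unreachable, unless LDAPstarttls is enabled, and a comment above the loop should say so. The body of `ldap` continues past the end of this hunk.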
...@@ -30,7 +30,9 @@ ...@@ -30,7 +30,9 @@
"URI syntax can also be used, such as "_ "URI syntax can also be used, such as "_
"ldaps://ldap.company.com (for a secure connection) or " _ "ldaps://ldap.company.com (for a secure connection) or " _
"ldapi://%2fvar%2flib%2fldap_sock (for a socket-based " _ "ldapi://%2fvar%2flib%2fldap_sock (for a socket-based " _
"local connection.", "local connection. Multiple hostnames or URIs can be comma " _
"separated; each will be tried in turn until a connection is " _
"established.",
LDAPstartls => "Whether to require encrypted communication once normal " _ LDAPstartls => "Whether to require encrypted communication once normal " _
"LDAP connection achieved with the server.", "LDAP connection achieved with the server.",
......
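Review bot: The added help text says entries are "comma separated", but the character class in the new split in `sub ldap` also accepts whitespace, and the text does not say how transport security applies to a list. Suggested wording: `"Multiple hostnames or URIs can be separated by commas or whitespace; each is tried in order until one connects, so give every entry the same scheme (for example, all ldaps://)."` Separately, the unchanged context line spells the key `LDAPstartls`, while the code reads the parameter `LDAPstarttls`. If that mismatch is not intentional, the description for that parameter may not be displayed.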
...@@ -279,7 +279,7 @@ ...@@ -279,7 +279,7 @@
The specified LDAP attribute [% attr FILTER html %] was not found. The specified LDAP attribute [% attr FILTER html %] was not found.
[% ELSIF error == "ldap_connect_failed" %] [% ELSIF error == "ldap_connect_failed" %]
Could not connect to the LDAP server <code>[% server FILTER html %]</code>. Could not connect to the LDAP server(s) <code>[% server FILTER html %]</code>.
[% ELSIF error == "ldap_start_tls_failed" %] [% ELSIF error == "ldap_start_tls_failed" %]
Could not start TLS with LDAP server: <code>[% error FILTER html %]</code>. Could not start TLS with LDAP server: <code>[% error FILTER html %]</code>.
......
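Review bot: With the caller now passing `join(", ", @servers)`, this message prints every configured LDAP server to whoever triggers the error. If the page can be reached by an unauthenticated user during a failed login (not visible in this hunk), that discloses the internal directory host list. Consider showing the list only to administrators and logging it otherwise, or at least add a template comment noting the exposure. Keeping `FILTER html` on `server` is correct for a value built from configuration.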