Commit ee385c93 authored by mkanat%bugzilla.org

Bug 320751: LDAP: Ability to have Bugzilla use the LDAP username directly as the Bugzilla username

Patch By guillomovitch@zarb.org r=mkanat, a=myk
parent f3254c63
...@@ -86,13 +86,18 @@ sub check_credentials { ...@@ -86,13 +86,18 @@ sub check_credentials {
my $user_entry = $detail_result->shift_entry; my $user_entry = $detail_result->shift_entry;
my $mail_attr = Param("LDAPmailattribute"); my $mail_attr = Param("LDAPmailattribute");
if (!$user_entry->exists($mail_attr)) { if ($mail_attr) {
return { failure => AUTH_ERROR, if (!$user_entry->exists($mail_attr)) {
error => "ldap_cannot_retreive_attr", return { failure => AUTH_ERROR,
details => {attr => $mail_attr} }; error => "ldap_cannot_retreive_attr",
details => {attr => $mail_attr} };
}
$params->{bz_username} = $user_entry->get_value($mail_attr);
} else {
$params->{bz_username} = $username;
} }
$params->{bz_username} = $user_entry->get_value($mail_attr);
$params->{realname} ||= $user_entry->get_value("displayName"); $params->{realname} ||= $user_entry->get_value("displayName");
$params->{realname} ||= $user_entry->get_value("cn"); $params->{realname} ||= $user_entry->get_value("cn");
......
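Review bot: In the new else branch, `$params->{bz_username} = $username;` takes the string the user typed at login rather than a value read from `$user_entry`, so the Bugzilla account name follows whatever spelling was submitted (case, surrounding whitespace) instead of what the directory stores. Consider reading the LDAPuidattribute value from `$user_entry` here, the same way the mail branch uses `get_value($mail_attr)`. Nothing in this hunk appends the emailsuffix that the documentation change describes, so a short comment saying where that happens would help the next reader.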
<!-- <!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"> --> <!-- <!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"> -->
<!-- $Id: installation.xml,v 1.118 2006/04/30 20:35:15 lpsolit%gmail.com Exp $ --> <!-- $Id: installation.xml,v 1.119 2006/05/30 21:17:34 mkanat%bugzilla.org Exp $ -->
<chapter id="installing-bugzilla"> <chapter id="installing-bugzilla">
<title>Installing Bugzilla</title> <title>Installing Bugzilla</title>
...@@ -1320,16 +1320,18 @@ c:\perl\bin\perl.exe -xc:\bugzilla -wT "%s" %s ...@@ -1320,16 +1320,18 @@ c:\perl\bin\perl.exe -xc:\bugzilla -wT "%s" %s
you need to deal with user ID (e.g assigning a bug) use the email you need to deal with user ID (e.g assigning a bug) use the email
address. The LDAP authentication builds on top of this scheme, rather address. The LDAP authentication builds on top of this scheme, rather
than replacing it. The initial log in is done with a username and than replacing it. The initial log in is done with a username and
password for the LDAP directory. This then fetches the email address password for the LDAP directory. Bugzilla tries to bind to LDAP using
from LDAP and authenticates seamlessly in the standard Bugzilla those credentials, and if successful, try to map this account to a
authentication scheme using this email address. If an account for this Bugzilla account. If a LDAP mail attribute is defined, the value of this
address already exists in your Bugzilla system, it will log in to that attribute is used, otherwise emailsuffix parameter is appended to LDAP
account. If no account for that email address exists, one is created at username to form a full email adress. If an account for this address
the time of login. (In this case, Bugzilla will attempt to use the already exists in your Bugzilla system, it will log in to that account.
"displayName" or "cn" attribute to determine the user's full name.) If no account for that email address exists, one is created at the time
After authentication, all other user-related tasks are still handled by of login. (In this case, Bugzilla will attempt to use the "displayName"
email address, not LDAP username. You still assign bugs by email or "cn" attribute to determine the user's full name.) After
address, query on users by email address, etc. authentication, all other user-related tasks are still handled by email
address, not LDAP username. You still assign bugs by email address, query
on users by email address, etc.
</para> </para>
<caution> <caution>
......
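Review bot: The rewritten paragraph says the emailsuffix parameter is appended to the LDAP username "to form a full email adress", but it does not say what the Bugzilla login looks like when LDAPmailattribute is empty and emailsuffix is also unset, even though the paragraph still ends by stating that all user-related tasks are handled by email address. Please state that case explicitly, since it decides which existing account a login maps to and what name a newly created account gets. The new sentences also need a wording pass: "try to map" should be "tries to map", "a LDAP mail attribute" should be "an LDAP mail attribute", and "adress" should be "address".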
...@@ -39,8 +39,12 @@ ...@@ -39,8 +39,12 @@
LDAPuidattribute => "The name of the attribute containing the user's login name.", LDAPuidattribute => "The name of the attribute containing the user's login name.",
LDAPmailattribute => "The name of the attribute of a user in your directory that " _ LDAPmailattribute => "The name of the attribute of a user in your " _
"contains the email address.", "directory that contains the email address, to be " _
"used as $terms.Bugzilla username. If this parameter " _
"is empty, $terms.Bugzilla will use the LDAP username"_
" as the $terms.Bugzilla username. You may also want" _
" to set the \"emailsuffix\" parameter, in this case.",
LDAPfilter => "LDAP filter to AND with the <tt>LDAPuidattribute</tt> for " _ LDAPfilter => "LDAP filter to AND with the <tt>LDAPuidattribute</tt> for " _
"filtering the list of valid users." } "filtering the list of valid users." }
......
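Review bot: Style point on the new LDAPmailattribute description: the line ending `will use the LDAP username"_` has no space before the `_` concatenation operator, unlike every other line in the block, and "to be used as $terms.Bugzilla username" is missing "the". Moving the leading spaces of the last two strings to the end of the preceding strings would also match the layout of the existing LDAPfilter entry.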