
c2c-oerpscenario team mailing list archive

[Bug 738721] Re: base_crypt and users_ldap don't work together

@Russell: sorry, you may have been misled by the bug title, but
users_ldap does not store the LDAP passwords in the database at all,
authentication is always performed against the LDAP server directly. The
only reason you might want to install base_crypt in addition to
users_ldap is to have non-LDAP users (with encrypted passwords) in
addition to the LDAP users.

As for the reason for cleartext passwords: once you switch to encrypted
passwords you can't recover user passwords anymore. So enabling it is a
choice, because there's no going back. We don't currently plan to make
passwords encrypted by default.

Also, people often don't realize that even if encrypted passwords do
decrease the chance of having the cleartext passwords stolen (provided
several requirements are met in the encryption scheme!), they don't
replace real measures for ensuring the security of a database! Passwords
are just regular data, so if they are compromised (even encrypted), it
means the whole database was, and that means a lot more to worry about
than just asking users to pick new passwords.

BTW, we're indeed going to make base_crypt and users_ldap work together,
but it requires a change in the design of OpenERP authentication, to
implement a pluggable authentication system. We're also planning to
provide new encryption schemes in base_crypt, such as SHA-based HMAC.

-- 
You received this bug notification because you are a member of C2C
OERPScenario, which is subscribed to the OpenERP Project Group.
https://bugs.launchpad.net/bugs/738721

Title:
  base_crypt and users_ldap don't work together

Status in OpenERP Modules (addons):
  Confirmed

Bug description:
  I installed and configured users_ldap so that all of my users can login using their credentials stored in OpenLDAP, which worked fine. Then I installed base_crypt (with the intention of all other passwords in the db, for non-ldap-users like 'admin') being encrypted. However, this prevents all LDAP users from logging in.
  I suppose that base_crypt tries to authenticate the user and if this fails, login fails, without users_ldap trying to authenticate. I think this behaviour should be changed towards:
   1. Check whether user can login using the (possibly encrypted) password in the database.
   2. If not, check whether user can login using the LDAP password.
   3. If not, refuse access.
  Right now, the second step seems to be omitted when base_crypt is used.
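As an added illustration of the authentication order proposed in the report above (example code written for this page, not OpenERP's own users_ldap or base_crypt code): `login_base_crypt_only` reproduces the failure the reporter describes, where the local password check alone decides and an LDAP user is never passed on to the directory, and `login_chain` implements the proposed fall-through. The local hashing scheme (HMAC-SHA256 over a per-user salt) and the in-memory dictionary standing in for an LDAP bind are assumptions so that the example runs offline; neither is what base_crypt or users_ldap actually does.

```python
import hashlib
import hmac
import os
from typing import Callable, Dict, List, Optional

# Assumed local scheme for this example only: HMAC-SHA256 keyed with a
# per-user random salt, stored as "scheme$salt$digest". Not base_crypt's format.
def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    if salt is None:
        salt = os.urandom(16)
    digest = hmac.new(salt, password.encode("utf-8"), hashlib.sha256).hexdigest()
    return f"hmacsha256${salt.hex()}${digest}"


def verify_local(stored: Optional[str], password: str) -> bool:
    """Local (database) backend. A user with no local password, i.e. an
    LDAP-only user whose password column is NULL, must never be accepted
    here, and an empty submitted password is refused outright."""
    if not stored or not password:
        return False
    scheme, salt_hex, digest = stored.split("$", 2)
    if scheme != "hmacsha256":
        return False
    expected = hmac.new(bytes.fromhex(salt_hex), password.encode("utf-8"),
                        hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, digest)


# Constructed stand-in for the directory. users_ldap performs a real bind
# against the LDAP server; a dict plays that role here so the example runs
# offline. The plain comparison is part of the stand-in, not a real bind.
LDAP_DIRECTORY: Dict[str, str] = {"alice": "ldap-secret"}


def ldap_bind(login: str, password: str) -> bool:
    """Simulated simple bind. An empty password is refused before asking the
    directory, because a bind with an empty credential is treated by some
    servers as an anonymous bind that 'succeeds'."""
    if not password:
        return False
    return LDAP_DIRECTORY.get(login) == password


# Constructed user table standing in for res_users: 'admin' is a local user
# with a hashed password, 'alice' is LDAP-only and stores nothing locally.
USERS: Dict[str, Dict[str, Optional[str]]] = {
    "admin": {"password": hash_password("admin-local-pw")},
    "alice": {"password": None},
}


def login_base_crypt_only(login: str, password: str) -> bool:
    """Behaviour described in the bug report: the local hashed-password
    check is the only step, so LDAP users can never log in."""
    user = USERS.get(login)
    if user is None:
        return False
    return verify_local(user["password"], password)


Backend = Callable[[str, str], bool]


def local_backend(login: str, password: str) -> bool:
    return verify_local(USERS[login]["password"], password)


def login_chain(login: str, password: str, backends: List[Backend]) -> bool:
    """Proposed behaviour: try the database password first, then LDAP,
    and refuse only when every backend has refused."""
    if login not in USERS:
        return False
    for backend in backends:
        if backend(login, password):
            return True
    return False


BACKENDS: List[Backend] = [local_backend, ldap_bind]
```

The two guards on empty input are the part worth keeping when wiring real backends together: a NULL local password must not match an empty submitted password, and the LDAP step must not forward an empty password to the server, otherwise an LDAP-only account becomes reachable with no password at all once the chain exists.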
