linux-traipu team mailing list archive

[Zisis Sialveras <zisis00@xxxxxxxxx>]

Hello Henrik. Thank you about reviewing my work. I have some questions
though.

On 03/23/2012 04:45 PM, Henrik Ingo wrote:
> Hi Zisis
>
> Your patch looks straightforward and ok. I haven't tested it though.
>
> I will do a review here since there is not a real Launchpad review
> request yet:
>
> -  N_("Authentication against an LDAP server"),
> +  "LDAP based authenication.",
>
> Please don't change this. All authentication modules have a similar
> description so stick to the style that's there.

I can't really understand what you trying to say here. What (and where) is "LDAP based authentication" and "Authentication against an LDAP server" and when i change them ?
Can you be more specific about this one, because it make no sense to me.

>
> Please update the documentation in docs/index.rst. Since you seem to
> know LDAP well, please do your best at writing something about the new
> variable. If you don't know the RST syntax and/or don't like writing in
> English, don't worry, I can help you later. But try to document what
> each of the values for scope mean.

I just wrote a briefly explanation about scope options and what is the functionality of each one.
The truth is that i am not used to RST syntax, but i think i can understand it just from watching the index.rst. - I think i wrote it correctly.
Where should i test it though ? And if it is indeed correct, should i push the changes ?

>
> Finally, I'll note that it seems this plugin is not automatically tested
> in any way. The test_ldap.sh script apparently expects an OpenLDAP
> server to be running at ldap://localhost:12321/ but the data that needs
> to be in that ldap server unfortunately was never committed to the
> repository.
>
> If one day you want to be a real hero, you could create automated testing based on that script:
>   - start openldap on some port
>   - insert test data to openldap
>   - then run tests similar to what test_ldap.sh currently does.
>   - also cover the new scope options.
>
> But this is asking quite a lot, I think the patch can be committed
> without tests for now. Please fix the other comments first though.
>

Sounds cool. Maybe i will start working on it a lil' bit :-)

Zisis

-- 
You received this bug notification because you are a member of UBUNTU -
AL - BR, which is subscribed to Drizzle.
https://bugs.launchpad.net/bugs/932837

Title:
  FEATURE REQUEST: Add "wholeSubtree search capabilities in auth-ldap

Status in A Lightweight SQL Database for Cloud Infrastructure and Web Applications:
  Fix Committed

Bug description:
  Currently the auth-ldap only supports singleLevel search
  (LDAP_SCOPE_ONELEVEL) which is not very useful for organisations with
  complicated structure. For example in our university each department
  has it's own OU and the users lie under their respective OUs. So there
  is a need for hierarchical searching under a common Base-Dn

  According to the auth-ldap doc page:

  "The option LDAP_SCOPE_ONELEVEL option is used when searching the LDAP
  directory. This means you must specify the full base-dn. For instance,
  if you have users defined in the dn ou=people,dn=example,dn=com
  authentication will fail if you only specify dn=example,dn=com. A
  consequence of this is that all your Drizzle users must belong to the
  same LDAP organizationalUnit.

  This is currently a fixed option and can only be changed by editing
  source code. However, there is no reason why it couldn’t be a
  configurable option to also allow multi level searches. Please contact
  the Drizzle developers if you have such needs. (See Help and Support)"

  So here I am requesting for multi level searches (wholeSubtree)
  support for auth-ldap if  it's not to hard to implement.

To manage notifications about this bug go to:
https://bugs.launchpad.net/drizzle/+bug/932837/+subscriptions