mahara-contributors team mailing list archive

Thread
Date

[Bug 788029] A change has been merged

To: mahara-contributors@xxxxxxxxxxxxxxxxxxx
From: Mahara Bot <dev@xxxxxxxxxx>
Date: Thu, 02 Jun 2011 00:16:26 -0000
Reply-to: Bug 788029 <788029@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

*** This bug is a duplicate of bug 656679 ***
    https://bugs.launchpad.net/bugs/656679

Reviewed:  https://reviews.mahara.org/269
Committed: http://gitorious.org/mahara/mahara/commit/18c7415febcc36c2ee1e172568e7c106e73b9484
Submitter: Francois Marier (francois@xxxxxxxxxxxxxxx)
Branch:    1.4_STABLE

commit 18c7415febcc36c2ee1e172568e7c106e73b9484
Author: I��aki Arenaza <iarenaza@xxxxxxxxxxxxx>
Date:   Tue May 31 23:00:24 2011 +0200

    Update user info on login can prevent re-login if a LDAP attribute is empty.
    
    If the LDAP attribute is empty, some LDAP servers don't return the attribute in
    the answer (as an empty value). This means the missing attribute is not present
    in the $ldapdetails array returned by get_userinfo_ldap(). If we try to compare
    the missing entry with the existing user value, they are always different
    (unless the existing entry was also empty). Which means we assign an empty value
    to the user profile field (which is not allowed by the db).
    
    Simply testing if the LDAP attribute has been retrieved and is not empty before
    making the comparison fixes the problem.
    
    Tested with both MS AD (on W2003) and OpenLDAP 2.4.23 (on Debian).
    
    Fixes bug #656679 (which also fixes bug #788029)
    
    Change-Id: I0a44bae18dea10e79f96479045a9dadf7b8120b8
    Signed-off-by: I��aki Arenaza <iarenaza@xxxxxxxxxxxxx>

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
https://bugs.launchpad.net/bugs/788029

Title:
  LDAP/AD new user without email field cannot logon

Status in Mahara ePortfolio:
  New

Bug description:
  Mahara v1.3.6
  Linux 2.6.18-238.5.1.el5 (Centos 64bit)
  PHP 5.2.10 (cli) (built: Nov 13 2009 11:44:05)
  Copyright (c) 1997-2009 The PHP Group
  Zend Engine v2.2.0, Copyright (c) 1998-2009 Zend Technologies
  Apache/2.2.3
  mysql-server-5.0.77-4.el5_5.5

  We have an institution setup with MS Active directory authentication.
  If a new user logs on and does not have the email field setup in AD,
  you are prompted to enter the email address and you are logged on
  successfully. You can then access Mahara, change your profile etc.
  However if you log off you cannot log back on. Mahara just displays
  "probably a bug".

  This is our AD settings

   Authority name: students
   Host URL: ldap://ad.mydomain.ac.uk 
   Contexts: OU=University,DC=mydomain,DC=ac,DC=uk
   User type: MS ActiveDirectory
   User attribute: sAMAccountName
   Search subcontexts: Yes
   Distinguished name: CN=ldap mahara,OU=accts,DC=mydomain,DC=ac,DC=uk
   Password: ldap mahara password
   LDAP version: 3
   Update user info on login: Yes
   We auto-create users: Yes
   LDAP field for First Name: givenName
   LDAP field for Surname: sn
   LDAP field for Email: mail

   Apache errors attached (we use https so ssl_error_log).

References

[Bug 788029] [NEW] LDAP/AD new user without email field cannot logon
From: John, 2011-05-25