openerp-india team mailing list archive

["Olivier Dony \(OpenERP\)" <738721@xxxxxxxxxxxxxxxxxx>]

As previously announced, the incompatibility issue between `auth_crypt`
and `auth_ldap` (formerly base_crypt and  users_ldap) has been lifted in
OpenERP 7.0, as of addons revision 9337
revid:dle@xxxxxxxxxxx-20130731153129-8hmqrgsg3e9d533f.

Note: in trunk we are further improving auth_crypt, switching it to use
the `passlib` library (which supports the `md5crypt` scheme we were
using before), and changing the default scheme to SHA-512 (salted of
course)

** Changed in: openobject-addons
       Status: Confirmed => Fix Released

** Changed in: openobject-addons
    Milestone: None => 7.0

-- 
You received this bug notification because you are a member of OpenERP
Indian Team, which is subscribed to OpenERP Addons.
https://bugs.launchpad.net/bugs/738721

Title:
  base_crypt and users_ldap don't work together

Status in OpenERP Addons (modules):
  Fix Released

Bug description:
  I installed and configured users_ldap so that all of my users can login using their credentials stored in OpenLDAP, which worked fine. Then I installed base_crypt (with the intention of all other passwords in the db, for non-ldap-users like 'admin') being encrypted. However, this prevents all LDAP users from logging in.
  I suppose that base_crypt tries to authenticate the user and if this fails, login fails, without users_ldap trying to authenticate. I think this behaviour should be changed towards:
   1. Check whether user can login using the (possibly encrypted) password in the database.
   2. If not, check whether user can login using the LDAP password.
   3. If now, refuse access.
  Right now, the second step seems to be omitted when base_crypt is used.

To manage notifications about this bug go to:
https://bugs.launchpad.net/openobject-addons/+bug/738721/+subscriptions