MantisBT - Pending Requests
View Issue Details
0000296Pending RequestsCore Infrastructurepublic2009-10-29 06:582014-08-31 22:15
Assigned To 
PlatformOSOS Version
Product Version 
Target VersionFixed in Version 
Summary0000296: LDAP Users with no attributes can't log in.
DescriptionClass LDAPAuthenticator Method authenticate()
function createsqluser()
which has the lines:

if (!count($ldap_attribs) == 0) { ... make new CContact object $c, save .... }

but later it has:
$q->addInsert('user_contact', $c->contact_id);

$c could be null at this point if the LDAP user has no attributes saved!

Worst, the error then appears in the logs:
[Thu Oct 29 13:11:56 2009] [error] [client X.X.X.X] ....web2project/classes/query.class.php(1145): query failed(INSERT INTO `users`(`user_username`,`user_password`,`user_type`,`user_contact`) VALUES ('james','XXXXXXXXXXXXXXXXXXXX','1',NULL)) - error was: <span style="color:red">Column 'user_contact' cannot be null</span>, referer:

And the user is thrown out of the login process with a stark "Login Failed" message.

This is web2Project 1.1.0 on MySQL Database, but when I was tracing the code I looked directly at:
Revision: 730

ps. What does the line
$contact_id = ($c->contact_id == null) ? 'NULL' : $c->contact_id;
do? $contact_id is not used after that line?
TagsNo tags attached.
Attached Files

2009-10-29 07:05   
Here's my quick fix:

Remove the IF statement:
if (!count($ldap_attribs) == 0) {

And modify this line:
$c->contact_first_name = ($ldap_attribs['givenname'][0]) ? ($ldap_attribs['givenname'][0]) : $username;

Now user will still be created, just with a very minimal Contact record.
2009-12-06 17:09   
I don't understand the impacts of this change. What are the ldap_attributes on the LDAP side of things? Are they purely descriptive information?

Issue History
2009-10-29 06:58jamesNew Issue
2009-10-29 07:05jamesNote Added: 0000559
2009-11-08 20:04caseydkProjectv1.1 Release (Closed) => v1.2 Release (Closed)
2009-12-06 17:09caseydkNote Added: 0000628
2009-12-06 17:09caseydkStatusnew => feedback
2009-12-07 20:43caseydkProjectv1.2 Release (Closed) => Pending Requests
2014-08-16 18:21caseydkCategoryGeneral => Core Infrastructure
2014-08-31 22:15caseydkSeveritymajor => minor
2014-08-31 22:15caseydkProduct Version1.1 =>