ID: 0000296
Project: Pending Requests
Category: Core Infrastructure
View Status: public
Last Update: 2014-08-31 22:15
Reporter: james
Assigned To:
Priority: normal
Severity: minor
Reproducibility: always
Status: feedback
Resolution: open
Product Version:
Target Version:
Fixed in Version:
Summary: 0000296: LDAP Users with no attributes can't log in.
Description:
Class LDAPAuthenticator Method authenticate()
calls
function createsqluser()
which has the lines:

if (!count($ldap_attribs) == 0) { ... make new CContact object $c, save .... }

but later it has:
$q->addInsert('user_contact', $c->contact_id);

$c could be null at this point if the LDAP user has no attributes saved!

Worse, the error then appears in the logs:
[Thu Oct 29 13:11:56 2009] [error] [client X.X.X.X] ....web2project/classes/query.class.php(1145): query failed(INSERT INTO `users`(`user_username`,`user_password`,`user_type`,`user_contact`) VALUES ('james','XXXXXXXXXXXXXXXXXXXX','1',NULL)) - error was: <span style="color:red">Column 'user_contact' cannot be null</span>, referer: http://projects.dev.symetriq.com/index.php

And the user is thrown out of the login process with a stark "Login Failed" message.

This is web2Project 1.1.0 on MySQL Database, but when I was tracing the code I looked directly at:
URL: https://web2project.svn.sourceforge.net/svnroot/web2project/trunk
Revision: 730

ps. What does the line
$contact_id = ($c->contact_id == null) ? 'NULL' : $c->contact_id;
do? $contact_id is not used after that line?
Tags: No tags attached.

Notes

~0000559

james (reporter)

Here's my quick fix:

Remove the IF statement:
if (!count($ldap_attribs) == 0) {

And modify this line:
$c->contact_first_name = ($ldap_attribs['givenname'][0]) ? ($ldap_attribs['givenname'][0]) : $username;

Now the user will still be created, just with a very minimal Contact record.
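
The failure and the quick fix from note 0000559, side by side, as an added PHP example that is not web2project code and not part of either note. ContactStub and both functions are hypothetical stand-ins, the attribute arrays are constructed samples, and `!empty()` is used in place of the bare ternary so an empty attribute array does not raise an undefined-index notice.

```php
<?php
// Added illustration. ContactStub and both functions are hypothetical
// stand-ins, not web2project's CContact or createsqluser().
class ContactStub {
    public $contact_id = null;
    public $contact_first_name = '';
    public function store() { $this->contact_id = 42; } // constructed id
}

// Pattern from the report: the contact only exists inside the guard.
function contactIdGuarded(array $ldap_attribs) {
    $c = null;
    if (!count($ldap_attribs) == 0) {   // parses as (!count(...)) == 0
        $c = new ContactStub();
        $c->contact_first_name = $ldap_attribs['givenname'][0];
        $c->store();
    }
    // With no attributes $c is still null, so the INSERT into `users`
    // would receive NULL for the NOT NULL column user_contact.
    return $c === null ? null : $c->contact_id;
}

// Pattern from the quick fix: always create a contact and fall back to
// the login name when LDAP returned no givenname.
function contactIdAlways(array $ldap_attribs, $username) {
    $c = new ContactStub();
    $c->contact_first_name = !empty($ldap_attribs['givenname'][0])
        ? $ldap_attribs['givenname'][0]
        : $username;
    $c->store();
    return $c->contact_id;
}

$cases = [
    'with attributes' => ['givenname' => ['James']], // constructed sample
    'no attributes'   => [],                         // the failing case
];
foreach ($cases as $label => $attribs) {
    printf("%-16s guarded=%s always=%s\n", $label,
        var_export(contactIdGuarded($attribs), true),
        var_export(contactIdAlways($attribs, 'james'), true));
}
```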

~0000628

caseydk (administrator)

I don't understand the impacts of this change. What are the ldap_attributes on the LDAP side of things? Are they purely descriptive information?

Issue History
Date Modified Username Field Change
2009-10-29 06:58 james New Issue
2009-10-29 07:05 james Note Added: 0000559
2009-11-08 20:04 caseydk Project v1.1 Release (Closed) => v1.2 Release (Closed)
2009-12-06 17:09 caseydk Note Added: 0000628
2009-12-06 17:09 caseydk Status new => feedback
2009-12-07 20:43 caseydk Project v1.2 Release (Closed) => Pending Requests
2014-08-16 18:21 caseydk Category General => Core Infrastructure
2014-08-31 22:15 caseydk Severity major => minor
2014-08-31 22:15 caseydk Product Version 1.1 =>