Modify

Opened 20 months ago

Last modified 16 months ago

#10673 new defect

Configuring dir_scope

Reported by: myingling Owned by: sandinak
Priority: normal Component: DirectoryAuthPlugin
Severity: normal Keywords:
Cc: Trac Release: 1.0

Description

I was about to give up on this plugin until I discovered the dir_scope option. It's mentioned in the source but not (currently) in the configuration example. It defaults to 1, but for some reason that never allowed users to be found in my schema. I set it to 2, which started working, but I had to patch the code. I kept getting errors about requiring integers instead of unicode, so I wrapped each use of scope inside _dir_search with int(). (r12025 of auth.py) This finally allowed my users to be authenticated, and group permissions are working too (at lead the TRAC_ADMIN group). I've been looking for this functionality for a long time, so thank you!

The source documents dir_scope to have values of 0, 1, 2, which correspond in theory to the LDAP Python module's ldap.SCOPE_BASE, ldap.SCOPE_ONELEVEL, ldap.SCOPE_SUBTREE. While those values are unlikely to change, perhaps a lookup from the number values to the ldap module constants would guarantee future compatibility better than just passing the raw numbers in?

Attachments (0)

Change History (1)

comment:1 Changed 16 months ago by kyle.james.oconnor@…

Partially a duplicate of #10581 which was fixed in [12963] but the recommendation in the 2nd paragraph about mapping to ldap enums instead should probably be done. I guess this is called PatchWelcome, right?

Add Comment

Modify Ticket

Action
as new .
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.