Opened 7 years ago

Closed 6 years ago

#9218 closed defect (fixed)

[patch] Add unicode support

Reported by: olaf.meeuwissen@… Owned by: John Hampton
Priority: normal Component: DirectoryAuthPlugin
Severity: critical Keywords:
Cc: Trac Release: 0.11


There are two boundaries where ActiveDirectoryAuthPlugin is missing unicode support:

  1. passing configuration information to the Active Directory Server
  2. storing information from the Active Directory Server in the session_attribute table

In the first case the information is obtained through Trac and therefor in unicode. In the second case, the information is in whatever encoding the ADS uses and needs to be converted to unicode before passing it to the database connection.

Both issues were show stoppers for me because we have Japanese displaynames which end up in the session_attribute table and Japanese OUs in some of the DNs which are configured.

Attached is a patch that works for me (tested on Trac 0.12). I am not sure whether all ADSs use UTF-8 so I made it a configuration option just in case.

Attachments (2)

adauth-unicode.diff (3.3 KB) - added by olaf.meeuwissen@… 7 years ago.
Unicode patch for ActiveDirectoryAuthPlugin
adauth-unicode-recursive-expand-group-users.diff (677 bytes) - added by olaf.meeuwissen@… 7 years ago.
Fix recursive expand_group_users()

Download all attachments as: .zip

Change History (6)

Changed 7 years ago by olaf.meeuwissen@…

Attachment: adauth-unicode.diff added

Unicode patch for ActiveDirectoryAuthPlugin

comment:1 Changed 7 years ago by olaf.meeuwissen@…

Sorry, forgot to mention that the patch is against trunk and that the email address is encoded for people use non-ASCII domain names now that these are available.

comment:2 Changed 7 years ago by olaf.meeuwissen@…

FTR, just by chance I noticed that we also have some Japanese sAMAccountNames but fortunately none of them are of objectCategory person so adauth-unicode.diff works fine for me. In case you have non-ASCII sAMAccountNames you may need additional changes.

comment:3 Changed 7 years ago by olaf.meeuwissen@…

Found one little oversight in adauth-unicode.diff. This may happen in the recursive calls to expand_group_users() when you have member groups with non-ASCII DNs. Patch to the previous patch adauth-unicode-recursive-expand-group-users.diff.

Changed 7 years ago by olaf.meeuwissen@…

Fix recursive expand_group_users()

comment:4 Changed 6 years ago by branson

Resolution: fixed
Status: newclosed

integrated into 0.3

Modify Ticket

Change Properties
Set your email in Preferences
as closed The owner will remain John Hampton.
The resolution will be deleted.

Add Comment

E-mail address and name can be saved in the Preferences.

Note: See TracTickets for help on using tickets.