-
2008-06-30
a1fa
I am experiencing issues with LDAP re-authentication.
If you check "Remember me", and leave the page for 5minuts, and return to the page, you have to re-authenticate. This only happens on certain passwords.
My password does not contain any special characters, only upper and lower case letters and digits. I could not find which combination breaks re-auth, because sometimes you can change just 1 letter, and re-auth would work just fine.
I did a debug between a working re-auth and a non working auth and the difference is that the $_SESSION section is empty on the broken auth..
Thanks for looking into this issue.
-
2008-06-30
a1fa
The LDAP server is Windows 2003 DC.
-
2008-06-30
a1fa
$conf['auth']['ldap']['server'] = 'ldap://SERVER.DOMAIN.SITE.NET:389';
$conf['auth']['ldap']['binddn'] = '%{user}@DOMAIN.SITE.NET';
$conf['auth']['ldap']['usertree'] = 'OU=US,DC=DOMAIN,DC=SITE,DC=NET';
$conf['auth']['ldap']['userfilter'] = '(userPrincipalName=%{user}@DOMAIN.SITE.NET)';
$conf['auth']['ldap']['grouptree'] = 'OU=US,DC=DOMAIN,DC=SITE,DC=NET';
$conf['auth']['ldap']['groupfilter'] = '(&(cn=USER-GROUP)(Member=%{dn})(ObjectClass=group))';
$conf['auth']['ldap']['mapping']['name'] = 'displayname';
$conf['auth']['ldap']['mapping']['grps'] = array('memberof'=>'/CN=(.+?),/i');
$conf['auth']['ldap']['referrals'] = '0';
$conf['auth']['ldap']['version'] = '3';
$conf['auth']['ldap']['debug'] = '0';
-
2009-10-04
andi
I think I might have found the problem. The password is blowfish encrypted and then stored in the cookie along with the username and sticky setting. These three values are separated by a pipe symbol. If the blowfish encryption creates a string with a pipe, it will break...
-
2009-10-04
andi
I pushed a patch that changes how the cookie is stored. Please check if the problem continues to occur with a current devel snapshot.
-
2010-06-27
andi
no feedback given. assumed to be fixed
-
Related tasks: