« Previous | Next » 

Revision 504

Fixed the LDAP authentication adapter ( so that it now looks up
the distinguished name for a user before attempting to do authentication.
This is because the user's distinguished name can sometimes be based on
their uid attribute, but sometimes be based on their cn (common name)
attribute, or some other attribute. In order to authenticate, we must
be able construct the distinguished name, so we have to look up the
identifying attribute before trying to authenticate. Basically, this
lets us authenticate agains both of the following records:

dn: uid=jones,o=NCEAS,c=US


dn: cn=Matt Jones,o=NCEAS,c=US

Effectively, this means that the user can type in their user id (uid),
common name (cn), or surname (sn) and we'll still be able to authenticate them.
BugID: 138

  • added
  • modified
  • copied
  • renamed
  • deleted