Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

auth: lookup user DN before authentication in LDAP #30

Closed
rezib opened this issue Jan 30, 2025 · 0 comments · Fixed by #36
Closed

auth: lookup user DN before authentication in LDAP #30

rezib opened this issue Jan 30, 2025 · 0 comments · Fixed by #36
Assignees
@rezib
Milestone
1.3.0

Comments

@rezib
Copy link
Contributor

rezib commented Jan 30, 2025

RFL currently defines user DN as the concatenation of the user name attribute, the login and the users base. This notably prevents from finding a user in a subtree of the users base (see rackslab/Slurm-web#447) or authenticating when the DN does not contain the user name (see rackslab/Slurm-web#446).

RFL should actually lookup the DN of the user, providing the user name attribute and its login in the subtree scope, and then try to authenticate using this DN.
@rezib rezib added the bug Something isn't working label Jan 30, 2025
@rezib rezib added this to the 1.3.0 milestone Jan 30, 2025
@rezib rezib removed the bug Something isn't working label Jan 30, 2025
@rezib rezib self-assigned this Jan 31, 2025
rezib added a commit that referenced this issue Jan 31, 2025
@rezib
feat(auth): add possibility to lookup user DN
83170fa 
Add posibility to lookup user DN in the scope user base subtree before
trying authentication instead of expecting the DN is the simple
concatenation of the user name attribute, the login and the user base.
This feature can be enabled with LDAPAuthentifier(lookup_user_dn=True).

fix #30
This was referenced Jan 31, 2025
Merged
Closed
Closed
@rezib rezib closed this as completed in be4d3f2 Jan 31, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rezib rezib

Labels
None yet
Projects
None yet
Milestone
1.3.0
Development

Successfully merging a pull request may close this issue.

auth: add possibility to lookup user DN rackslab/RFL
1 participant
@rezib