Dear List,
(Replying to my own post)
This seems simply related to the password min length limit.
It is interesting to note, however, if you create a user in LDAP and
have a 7 character password, a bind will still be tried, and if
successful, an new user is added to the wiki users table. It still won't
log the user in, but a new record is created. After the record is
created, no more attempts will be made to bind to the directory.
It looks like the User.php code is trying to avoid even submitting the
form if the password is too short. I'm not sure this is being done when
the LdapAuthentication plugin is used.
I'm not really sure what this means, or even if it is a problem, though
it certainly confused me in tracking down why a particular login didn't
work.
This is how I reproduced it.
Set $wgMinimalPasswordLength = 8;
Create a user in LDAP that has a 7 character user name and a 7 char
password.
Try to login with the 7 char passwd.
Check the wiki users table.
I'm thinking that an ldap bind, and new record addtion should not be
made if the password is less than the minimum specified.
Jeff
Jeff Mandel wrote:
Hello,
I'm using the 1.0 LdapAuthentication plugin with version 1.5rc4.
I'm seeing some strange behavior binding for a certain name.
Authentication works fine for most users, except the user Nicolae.
I used tcpdump to watch the bind request and see none for Nicolae.
No problem seeing bind request for Nicola, icolae, Micolae, Ricolae,
Nicolaebean.
No bind attempted for Nicolae. All users are in the same part of the
tree.
$wgLDAPUseLocal = false;
This looks like some sort of input validation.
Any suggestions where I can start tracking this down?
Thanks,
Jeff
_______________________________________________
MediaWiki-l mailing list
MediaWiki-l(a)Wikimedia.org
http://mail.wikipedia.org/mailman/listinfo/mediawiki-l