[
https://issues.apache.org/jira/browse/OPENMEETINGS-964?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14029508#comment-14029508
]
Maxim Solodovnik commented on OPENMEETINGS-964:
-----------------------------------------------
Why is necessary to perform 2 binds?
First:
if bind_dn and bind_pwd are set, first conect to the LDAP directory with these
credentials
-if OM is set to AuthLDAP=OPENLDAP (should be SEARCHANDBIND actually), search
for the userDN and then perform a bind to the directory with userDN/provided PWD
etc?
is it necessary? maybe it is possible to perform bind with userDN/provided PWD?
> LDAP login should be refactored
> -------------------------------
>
> Key: OPENMEETINGS-964
> URL: https://issues.apache.org/jira/browse/OPENMEETINGS-964
> Project: Openmeetings
> Issue Type: Task
> Affects Versions: 3.0.0
> Reporter: Maxim Solodovnik
> Assignee: Maxim Solodovnik
> Fix For: 3.1.0
>
>
> Detailed description is here OPENMEETINGS-943
> The correct way to handle this:
> First:
> if bind_dn and bind_pwd are set, first conect to the LDAP directory with
> these credentials
> if empty, then just use an nonymous bind to the directory
> Then
> if OM is set to AuthLDAP=NONE, just use the connection to retrieve
> informations from the directory
> -if OM is set to AuthLDAP=OPENLDAP (should be SEARCHANDBIND actually), search
> for the userDN and then perform a bind to the directory with userDN/provided
> PWD
> if OM is set to AuthLDAP=SIMPLEBIND, construct the userDN from the username,
> the user attribute (for instance cn or uid), and the userBase, and then
> perform a bind with userDN and provided PWD
> if OM is set to AuthLDAP=SIMPLE (to be backward compliant), let's try a bind
> with the provided user/password
--
This message was sent by Atlassian JIRA
(v6.2#6252)
