Comment #3 on issue 3069 by LDAP auth should use fully qualified DN for user bind currently gives me a 403 error.

See the diff below, but please not I am not a python developer...

---    2013-08-26 08:58:38.937586726 +0200
+++ 2013-08-26 09:04:24.114355191 +0200
@@ -204,10 +204,13 @@ class LDAPBackend(AuthBackend):
                     ldapo.bind_s(search[0][0], password)

             else :
- # Attempt to bind using the given uid and password. It may be
-                # that we really need a setting for how the DN in this is
-                # constructed; this way is correct for my system
-                userbinding=','.join([uid,settings.LDAP_BASE_DN])
+ # Bind anonymously to the server, then search for the user with the + # given base DN and uid. If user is found a fully qualified DN is + # returned. Authentication then is done with bind using this fully
+                # qualified DN.
+                ldapo.simple_bind_s()
+ search = ldapo.search_s(settings.LDAP_BASE_DN, ldap.SCOPE_SUBTREE, uid)
+                userbinding=search[0][0]
                 ldapo.bind_s(userbinding, password)

             return self.get_or_create_user(username, ldapo)

You received this message because this project is configured to send all issue notifications to this address.
You may adjust your notification preferences at:

You received this message because you are subscribed to the Google Groups 
"reviewboard-issues" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
To post to this group, send email to
Visit this group at
For more options, visit

Reply via email to