Hello!

The current LDAP authentication scheme used in Review Board 
(acconts/backends.py|LDAPBackend.authenticate()) assumes that a chosen LDAP 
server allows anonymous search. This is not always true (e.g. our internal 
corp. directory server :) ) , so perhaps prior binding is necessary. Of 
course this binding may be performed by a designated "unprivileged" user and 
existing LDAP_ANON_BIND_UID perfectly suits the task.

Certainly the change is rather trivial but since I'm almost unfamiliar with 
LDAP-related things I'd like to hear first that there're no other 
considerations not to add the binding.

Respectfully,
Alexey Morozov

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups 
"reviewboard" group.
To post to this group, send email to reviewboard@googlegroups.com
To unsubscribe from this group, send email to 
reviewboard+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/reviewboard?hl=en
-~----------~----~----~----~------~----~------~--~---

Reply via email to