I am using RB 1.7.x with an LDAP authentication backend and it's been 
working fine up through 1.7.13. With 1.7.14, the authentication mechanism 
no longer works in my environment. After some digging, it appears that 
there was a change in reviewboard/accounts/backends.py to search 
anonymously for the user before attempting to bind. The LDAP server in my 
environment is set up to not return any results to anonymous queries and so 
the authentication attempt fails. Is there a reason this was changed? 

In an attempt to preserve the existing behavior of doing an anonymous 
search but then attempting a bind as a specific user if the anonymous 
search returns nothing, I made the following change which works for me:
--- reviewboard/accounts/backends.py.orig       2013-09-24 
16:18:47.000000000 -0700
+++ reviewboard/accounts/backends.py    2013-09-24 16:20:01.000000000 -0700
@@ -210,7 +210,10 @@
                 search = ldapo.search_s(settings.LDAP_BASE_DN,
-                userbinding = search[0][0]
+               if (len(search) > 0):
+                       userbinding = search[0][0]
+               else:
+                       userbinding=','.join([uid,settings.LDAP_BASE_DN])
                 ldapo.bind_s(userbinding, password)
             return self.get_or_create_user(username, None, ldapo)

Get the Review Board Power Pack at http://www.reviewboard.org/powerpack/
Sign up for Review Board hosting at RBCommons: https://rbcommons.com/
Happy user? Let us know at http://www.reviewboard.org/users/
You received this message because you are subscribed to the Google Groups 
"reviewboard" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to reviewboard+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

Reply via email to