View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0015869 | mantisbt | api soap | public | 2013-05-16 11:56 | 2014-12-08 00:33 |
Reporter | smartmantis | Assigned To | vboctor | ||
Priority | normal | Severity | minor | Reproducibility | always |
Status | closed | Resolution | fixed | ||
Product Version | 1.2.15 | ||||
Target Version | 1.3.0-beta.1 | Fixed in Version | 1.3.0-beta.1 | ||
Summary | 0015869: API call mc_login with valid LDAP user which is not in mantis DB -> result: login failed | ||||
Description | We use mantistouch and LDAP auth. We made a patch for it in the core/authentication_api.php: function auth_attempt_script_login( $p_username, $p_password = null ) { | ||||
Tags | patch | ||||
Thanks for the report and the patch. This is something we should definitely do. Not by duplicating functionality from the core though, but instead by reusing existing code. If you're able to provide such a patch, it would greatly speed up the process of getting this fixed. |
|
yes but then we need a new function like auto_create_user so if you can decide which way is the better for you, then i can write the patch :) |
|
I tend to agree that we should unify the two functions, but we should keep the current names + signatures intact. Since this can be a pretty sensitive change, I've written an email on the dev list 1, asking what the others developers think about it. |
|
Here is the pull request - funny I didn't notice the comments, then after posting the pull request I found that we have exactly the same suggested approach and even method name. Thanks @smartmantis for the patch and bug report. |
|
MantisBT: master 25987317 2014-10-21 18:55 Details Diff |
mc_login() should auto-create valid LDAP users The web login logic auto-creates users in case of BASIC AUTH and LDAP when they don't exist. However, the SOAP API didn't. This fix includes: - When user authenticates using SOAP API, re-use the same auto-creation logic to create the user in case of valid credentials. - When a user is auto-created, execute post login checks and processing like login count, cookies, tokens, etc. This fix applies to the web interface code path. Fixes 0015869 |
Affected Issues 0015869 |
|
mod - core/authentication_api.php | Diff File |