#1 — LDAP support for Email Login
by
tixxit
—
last modified
Oct 07, 2010 07:32 AM
| State | Tested and confirmed closed |
|---|---|
| Version: | 0.4 |
| Area | Functionality |
| Issue type | Patch |
| Severity | Medium |
| Submitted by | tixxit |
| Submitted on | Dec 03, 2009 |
| Responsible | Martin Lundwall |
| Target release: | 0.5 |
Currently (trunk in SVN), betahaus.emaillogin uses PAS' getUsers() method to obtain a list of users. LDAP users from LDAPUserFolder are not returned by this method (for performance reasons, perhaps?) and so those users stored in LDAP cannot use their e-mail to log-in. Attached is a small patch that lets betahaus.emaillogin work with LDAPMultiPlugins/LDAPUserFolder. It assumes that the LDAPUserFolder's schema has some attribute mapped to the 'email' property.
Details:
The patch uses PAS' searchUsers() to search for users by email, instead of getUsers(). This (searchUsers) delegates to all IUserEnumerationPlugin plugins and works fine w/ LDAPMultiPlugin's implementation. It should also be relatively fast for LDAP, since the job of searching by email is forked over to LDAP (PlonePAS seems to still iterate over all users, however).
Details:
The patch uses PAS' searchUsers() to search for users by email, instead of getUsers(). This (searchUsers) delegates to all IUserEnumerationPlugin plugins and works fine w/ LDAPMultiPlugin's implementation. It should also be relatively fast for LDAP, since the job of searching by email is forked over to LDAP (PlonePAS seems to still iterate over all users, however).
- Steps to reproduce:
- 1) Set up Plone w/ LDAPUserFolder & LDAPMultiPlugins and configure them as per the usual way in the how-tos.
2) Map some attribute (eg. mail) to the 'email' property.
2) Install betahaus.email
3) Try to log in as one of the users in LDAP w/ their e-mail.
ldap-support-fix.diff
—
Plain Text,
1 kB (1382 bytes)
Added by
Martin Lundwall
on
Dec 04, 2009 09:06 AM
Thank you for the patch, I will check it out.For some weird reason I cannot change the state of this ticket, but I'm on it.
/Martin
Added by
tixxit
on
Dec 07, 2009 05:46 PM
No problem. emaillogin is definitely an elegant way to handle email logins. That said, I just realized the patch provided calls searchUsers twice. Just delete the first users = searchUsers(**query) as it isn't used.
Added by
Martin Lundwall
on
Dec 12, 2009 06:24 PM
Thank you. Do you have a buildout with a setup that I can use for testing. I am about to merge the patch into trunk, I would like to come up with tests before releasing.
Added by
Martin Lundwall
on
Oct 07, 2010 07:31 AM
Issue state:
Unconfirmed
→
Resolved
Responsible manager:
(UNASSIGNED)
→
mlundwall
Target release:
None
→
0.5
Added by
Martin Lundwall
on
Oct 07, 2010 07:32 AM
Issue state:
Resolved
→
Tested and confirmed closed
No responses can be added.
If you can, please log in before submitting a reaction.