Ok, so I've HUGE problem with the LDAP User Folder I am using the LDAP User Folder to restrict access to a directory to only users that can authenticate against LDAP. This, I thought, was working fine. Then I noticed that if I tried to login successively I no longer required the correct password. Checking the log file, the user is cached. So, when a user is in the authenticated cache, anyone can login with that username and a gibberish password. Anyone with thoughts on this subject? Edward
how about giving us some more info, like version numbers for zope/python/ldapuserfolder? jens On Friday, Jun 6, 2003, at 12:30 US/Eastern, Edward Pollard wrote:
Ok, so I've HUGE problem with the LDAP User Folder
I am using the LDAP User Folder to restrict access to a directory to only users that can authenticate against LDAP.
This, I thought, was working fine.
Then I noticed that if I tried to login successively I no longer required the correct password. Checking the log file, the user is cached.
So, when a user is in the authenticated cache, anyone can login with that username and a gibberish password.
Anyone with thoughts on this subject?
Edward
Why would I do something silly like that?! Zope 2.6 Python 2.1 LDAPUserFolder 2.0 (I've checked Changes.txt to see if this problem is addressed, it does not seem to be) Ed On Friday, June 6, 2003, at 10:58 AM, Jens Vagelpohl wrote:
how about giving us some more info, like version numbers for zope/python/ldapuserfolder?
jens
On Friday, Jun 6, 2003, at 12:30 US/Eastern, Edward Pollard wrote:
Ok, so I've HUGE problem with the LDAP User Folder
I am using the LDAP User Folder to restrict access to a directory to only users that can authenticate against LDAP.
This, I thought, was working fine.
Then I noticed that if I tried to login successively I no longer required the correct password. Checking the log file, the user is cached.
So, when a user is in the authenticated cache, anyone can login with that username and a gibberish password.
Anyone with thoughts on this subject?
Edward
update to version 2.2beta3 (which is the release candidate for 2.2 final) and let me know if that solves it. i fixed a similar problem a while back. http://www.dataflake.org/software/ldapuserfolder/ldapuserfolder_2.2beta3 jens On Friday, Jun 6, 2003, at 14:29 US/Eastern, Edward Pollard wrote:
Why would I do something silly like that?!
Zope 2.6 Python 2.1 LDAPUserFolder 2.0 (I've checked Changes.txt to see if this problem is addressed, it does not seem to be)
Ed
On Friday, June 6, 2003, at 10:58 AM, Jens Vagelpohl wrote:
how about giving us some more info, like version numbers for zope/python/ldapuserfolder?
jens
On Friday, Jun 6, 2003, at 12:30 US/Eastern, Edward Pollard wrote:
Ok, so I've HUGE problem with the LDAP User Folder
I am using the LDAP User Folder to restrict access to a directory to only users that can authenticate against LDAP.
This, I thought, was working fine.
Then I noticed that if I tried to login successively I no longer required the correct password. Checking the log file, the user is cached.
So, when a user is in the authenticated cache, anyone can login with that username and a gibberish password.
Anyone with thoughts on this subject?
Edward
_______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
participants (2)
-
Edward Pollard -
Jens Vagelpohl