View Issue Details

WikiJump to Notes
IDProjectCategoryView StatusDate SubmittedLast Update
0012402mantisbtldappublic2010-09-27 05:252010-09-27 07:26
Reporterdregad Assigned To 
PrioritynormalSeverityminorReproducibilityalways
Status newResolutionopen 
Product Version1.2.1 
Summary0012402: Signup as new user with LDAP and use_ldap_email = OFF causes error
Description

I have setup Mantis with LDAP authentication. Until today, I had both use_ldap_email and use_ldap_realname set to ON, and everything was fine.

However, a few weeks ago, a number of developers (consultants from an external company) which were previously using our internal e-mail system, have relocated to a different site and started using their own e-mail addresses. Consequently, Mantis' e-mail notifications are now causing errors, since their mailbox on our internal mail have been removed.

To work around this, I tried to set use_ldap_email = OFF, allowing users to update their e-mail address as it is currently not possible to modify LDAP. This works fine for existing users, but causes issues for new ones, because the e-mail is never set by the signup process, and Mantis throws Application Error 0001200 : Invalid e-mail address.

Steps To Reproduce
  • make sure "test" is not an existing user in your system
  • enable LDAP in config_inc.php
  • set $g_use_ldap_email = OFF;
  • use $g_ldap_simulation_file_path = '/tmp/mantis_ldap.cfg';
    test,Test User,test@test.com,test
  • on login_page.php, authenticate as test / test
  • error is displayed
Additional Information

I would expect the following behavior:

  • set the local DB e-mail to default to the LDAP's email
  • if e-mail is not set, then continue without error
  • as a nice to have option, let the user update their e-mail (redirect to account_page.php ?)
TagsNo tags attached.

Activities

dregad

dregad

2010-09-27 07:26

developer   ~0026869

Last edited: 2010-10-13 12:00

I worked around my problem with the following changes

  1. config_inc.php

$g_allow_blank_email = ON;

  1. core/authentication_api.php
    diff --git a/core/authentication_api.php b/core/authentication_api.php
    index 32961f1..aa6d3c2 100644
    --- a/core/authentication_api.php
    +++ b/core/authentication_api.php
    @@ -182,17 +182,19 @@ function auth_attempt_login( $p_username, $p_password, $p_perm_login = false ) {
    $t_login_method = config_get( 'login_method' );

    if ( false === $t_user_id ) {
    • $t_email = '';
      if ( BASIC_AUTH == $t_login_method ) {
      $t_auto_create = true;
      } else if ( LDAP == $t_login_method && ldap_authenticate_by_username( $p_username, $p_password
      $t_auto_create = true;

    • $t_email = ldap_email_from_username( $p_username );
      } else {
      $t_auto_create = false;
      }

          if ( $t_auto_create ) {
            # attempt to create the user
    • $t_cookie_string = user_create( $p_username, md5( $p_password ) );

    • $t_cookie_string = user_create( $p_username, md5( $p_password ), $t_email );

                  if ( false === $t_cookie_string ) {
                    # it didn't work

Any thoughts / comments on this ?

(EDIT: replaced normal diff with git diff)