Mantis Bugtracker          
testlink.org

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0008219TestLinkLDAP authenticationpublic2018-03-05 05:562018-03-14 19:31
ReporterAPTC 
Assigned Tofman 
PriorityhighSeveritymajorReproducibilityalways
StatusclosedResolutionno change required 
PlatformOSOS Version
Product Version1.9.16 (2016 Q4) 
Fixed in Version 
Summary0008219: With LDAP Authentication enabled, could login to Testlink with incorrect LDAP password
Description

Enabled LDAP authentication - In the Testlink login screen, enter valid LDAP UID but incorrect LDAP Password . User could login to Testlink successfully.
Not validating the user against the valid LDAP password.

User could login to Testlink with both correct and incorrect password.
Steps To ReproduceUsing TestLink v.1.9.16

I enabled LDAP in config.inc.php and here is the configurations:


/** LDAP authentication credentials */
$tlCfg->authentication['method'] = 'LDAP';
$tlCfg->authentication['ldap_server'] = '<our_company_domain_name>';
$tlCfg->authentication['ldap_port'] = '389';
$tlCfg->authentication['ldap_version'] = '3'; // could be '2' in some cases
$tlCfg->authentication['ldap_root_dn'] = 'DC=informatica,DC=com';
$tlCfg->authentication['ldap_uid_field'] = 'mail';
$tlCfg->authentication['ldap_bind_dn'] = ''; // Left empty for anonymous LDAP binding
$tlCfg->authentication['ldap_bind_passwd'] = ''; // Left empty for anonymous LDAP binding
$tlCfg->authentication['ldap_tls'] = false; // true -> use tls
Additional InformationTried changing this field from 'mail' to 'uid' but fails

$tlCfg->authentication['ldap_uid_field'] = 'uid';

User is already created in Testlink with the following details
Login Name given as Email id
First name
Last Name
Email -- Email id
Set to "LDAP"
got the message "Password is external"


TagsNo tags attached.
Database (MySQL,Postgres,etc)Postgres
Browser
PHP Version
TestCaseID
QA Team - Task Workflow StatusTBD
Attached Files

- Relationships

-  Notes
(0027255)
tjosephine (reporter)
2018-03-09 16:26

You have not read the README file. Please do it!

======
TestLink Version >= 1.9.16
$tlCfg->authentication['method'] = 'LDAP';

$tlCfg->authentication['ldap'][1]['ldap_server'] = 'ldap.xyz.com';
$tlCfg->authentication['ldap'][1]['ldap_port'] = '389';
$tlCfg->authentication['ldap'][1]['ldap_version'] = '3';
$tlCfg->authentication['ldap'][1]['ldap_root_dn'] = 'dc=xyz,dc=com';
$tlCfg->authentication['ldap'][1]['ldap_bind_dn'] = 'uid=tl,ou=staff,dc=xyz,dc=com';
$tlCfg->authentication['ldap'][1]['ldap_bind_passwd'] = 'XYZw';
$tlCfg->authentication['ldap'][1]['ldap_tls'] = false;
(0027259)
fman (administrator)
2018-03-10 07:20

thanks to tjosephine for collaboration
(0027262)
fman (administrator)
2018-03-14 19:31

no more user feedback

- Issue History
Date Modified Username Field Change
2018-03-05 05:56 APTC New Issue
2018-03-09 16:26 tjosephine Note Added: 0027255
2018-03-10 07:20 fman Note Added: 0027259
2018-03-14 19:31 fman QA Team - Task Workflow Status => TBD
2018-03-14 19:31 fman Note Added: 0027262
2018-03-14 19:31 fman Status new => closed
2018-03-14 19:31 fman Assigned To => fman
2018-03-14 19:31 fman Resolution open => no change required



Copyright © 2000 - 2018 MantisBT Team
Powered by Mantis Bugtracker