2493: LDAP authentication fails if anonymous search is not allowed by the LDAP server

o*@linden******* (Google Code) (Is this you? Claim this profile.)
March 18, 2012
What version are you running?


What's the URL of the page containing the problem?


What steps will reproduce the problem?
1. Set up LDAP service to prohibit anonymous searches (require bind before the search)
2. Configure ReviewBoard to use LDAP user authentication, but leave the "Anonymous User Mask" and "Anonymous User Password" fields empty.
3. Attempt to log in using a valid username and password

What is the expected output? What do you see instead?

The login attempt should succeed; ReviewBoard should be able to bind using the offered credentials, and then do the search for the required user information.

Instead, the login attempt fails because ReviewBoard attempts to search for the uid without binding first.
#1 david
Fixed in master (4f95ceb). Thanks!
  • +Fixed
#2 mvan****@gmai***** (Google Code) (Is this you? Claim this profile.)
If you leave the Anonymous User Mask en Password empty, and you have, as suggested, set Usermask to "(uid=%s)" it will try to bind with (uid=username),DN which is invalid. The () generates an invalid DN syntax.
So make sure that after this patch you remove the () from that field to make it work again.

Took me some time today after upgrading from 1.6.14 to 1.7.3 :(