webclient: LDAP not working -- but works for stand alone client

Bug #1755258 reported by Robert Soulliere
14
This bug affects 2 people
Affects Status Importance Assigned to Milestone
Evergreen
Fix Released
High
Unassigned
3.0
Won't Fix
High
Unassigned
3.1
Won't Fix
High
Unassigned

Bug Description

EG version: 3.03
OpenSRF version: 3.0.0

When logging into Evergreen using the webclient, LDAP authentication is not working. I can login to the webclient using the local evergreen password.

I can also login to the old stand-alone staff client or the OPAC via LDAP.

Dan Scott (denials)
tags: added: ldap webstaffclient
Revision history for this message
Galen Charlton (gmc) wrote :

Noting that at present the web staff client is simply not checking whether the auth_proxy is active or attempting to use open-ils.auth_proxy.login. Following the example in Open-ILS/xul/staff_client/chrome/content/auth/session.js or Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader.pm would serve to add it.

Changed in evergreen:
status: New → Confirmed
importance: Undecided → High
Bill Erickson (berick)
Changed in evergreen:
assignee: nobody → Bill Erickson (berick)
status: Confirmed → In Progress
Revision history for this message
Bill Erickson (berick) wrote :

Fix pushed:

http://git.evergreen-ils.org/?p=working/Evergreen.git;a=shortlog;h=refs/heads/user/berick/lp1755258-webstaff-auth-proxy

One caveat to this branch, however, is it only works seamlessly if the open-ils.auth_proxy service is running. (It doesn't have to be enabled). When the auth_proxy service is not running, the API call fails deep in the OpenSRF JS code, preventing fall-back to standard login. I have a fix for that too and will open an OpenSRF LP bug.

tags: added: pullrequest
Changed in evergreen:
milestone: none → 3.2-beta
assignee: Bill Erickson (berick) → nobody
status: In Progress → Confirmed
Revision history for this message
Bill Erickson (berick) wrote :

Because of the caveat noted in my last comment, I'm going to target this bug to 3.2 beta only for now, since back-porting it could cause breakage for sites not running the auth_proxy service.

Revision history for this message
Bill Erickson (berick) wrote :

Opened OpenSRF bug #1776510

Also note the EG branch has 2 commits, one for the auth proxy additions and one to also improve Evergreen transport error handling.

tags: added: webstaffblocker
Galen Charlton (gmc)
Changed in evergreen:
assignee: nobody → Galen Charlton (gmc)
Revision history for this message
Galen Charlton (gmc) wrote :

Works for me, and pushed to master for inclusion in 3.2-beta. I've added targets for 3.0 and 3.1 but am not backporting for the moment pending dealing with the OpenSRF patch.

Changed in evergreen:
status: Confirmed → Fix Committed
assignee: Galen Charlton (gmc) → nobody
Changed in evergreen:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.