onedev/server

#1320 Make email attribute of LDAP authenticator optional

Released

Matthias Gerstner opened 1 year ago

LDAP authentication basically works for me, but User Email Attribute is a mandatory field in the configuration form. I'm no expert in LDAP... as it looks the LDAP subtree "User search base" that I need for authentication does not contain a mail attribute on the LDAP server I have to work with. The mail field is found in a different sub-tree that cannot be used for authentication. I'm not sure if that is a common setup but I cannot really change the LDAP server.

Is see various ways to address this:

the mail field could be made optional
a different LDAP search base could be specified for looking up the mail attribute
a mail address could also be constructed from a placeholder string like "{0}@my.domain"

Robin Shen changed fields 1 year ago

Name	Previous Value	Current Value
Type	Bug	Discussion

Robin Shen commented 1 year ago

OneDev relies on email heavily and authenticated user must have email specified. It is unusual that email attribute exists in a different subtree as the user entry.

Robin Shen changed fields 1 year ago

Name	Previous Value	Current Value
Type	Discussion	Improvement

Robin Shen commented 1 year ago

Next version will make this attribute optional.

Robin Shen changed title 1 year ago

Previous Value	Current Value
External Authentication -> Generic LDAP with mandatory `user email attribute`	Make email attribute of LDAP authenticator optional

OneDev changed state to 'Closed' 1 year ago

Previous Value	Current Value
Open	Closed

OneDev commented 1 year ago

State changed as code fixing the issue is committed (677b7230)

OneDev changed state to 'Released' 1 year ago

Previous Value	Current Value
Closed	Released

OneDev commented 1 year ago

State changed as build #3563 is successful

Type	Improvement
Priority	Normal
Assignee	Robin Shen

Issue Votes (0)

Watchers (4)

Reference

onedev/server#1320