Recent Changes - Search:

PITS main list

edit sidebar

Main sidebar

PmWiki

pmwiki.org

00547

Summary: AuthUser ldap authentication allows empty passwords
Created: 2005-09-29 15:25
Status: Closed - fixed for 2.0.11
Category: Bug
From: Paul Eden
Assigned:
Priority: 4
Version: 2.0.6
OS: Red Hat Enterprise Linux ES release 3 (Taroon Update 5)/Apache 2.0.46/php-4.3.2

Description: I have noticed that in authenticating to an ldap server with with AuthUser, valid usernames will be accepted without specifying a password. The problem happens when an ldap server allows anonymous binds. The problem is documented with workarounds here.

Edit - History - Print - Recent Changes - Search
Page last modified on September 10, 2011, at 11:56 AM