While I was porting the ldapauth.module to Drupal 5.0rc1, I hit what I could possibly term as a flaw in the code flow, possibly from the redesign that took place from previous versions.. but again may be not.

_ldapauth_user_authenticate calls _ldapauth_is_ldap_login_only to see if the system is set to do LDAP authentication ONLY.

The routine _ldapauth_is_ldap_login_only checks for the LDAP_FIRST_LDAP setting as well as a user record with ldap_authentified field set to TRUE..

However, on a new user creation, there are no such records and hence _ldapauth_is_ldap_login_only will return FALSE -- which will trigger the user_authentication() from the user.module. That module will in its own right try an external authentication and will create the user in its database but will NOT set the user->ldap_authentified field..

So the next time the user logs in, the routine _ldapauth_is_ldap_login_only will *still* return a FALSE cause the user was registered using the user.module's user_save() function, not the user_save() call from _ldapauth_ldap_login

Am I making sense ?

Comments

kreaper’s picture

Assigned: Unassigned » kreaper
Status: Active » Closed (fixed)

taken ownership of the project along with scafmac -- will address this issue.

kreaper