[Tickets #10944] LDAP-specific user existence method in LDAP driver
bugs at horde.org
bugs at horde.org
Fri Jan 27 10:42:45 UTC 2012
DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.
Ticket URL: http://bugs.horde.org/ticket/10944
------------------------------------------------------------------------------
Ticket | 10944
Created By | marco at csita.unige.it
Summary | LDAP-specific user existence method in LDAP driver
Queue | Horde Base
Version | Git master
Type | Enhancement
State | New
Priority | 3. High
Milestone |
Patch | 1
Owners |
------------------------------------------------------------------------------
marco at csita.unige.it (2012-01-27 10:42) wrote:
Currently, the exists() method in Horde_Auth_Ldap class is inherited
from Horde_Auth_Base. It transfers via listUsers() the full user list
from the LDAP backend and then check for the presence of the
$userId in the resulting array .
I think that this implementation of exists() is wrong (for LDAP backend,
at least):
- an LDAP system could have thousand of users, with only few using IMP
webmail: it is useless and resource-demanding to transfer all users in
order to check the presence of only one of them;
- likely LDAP servers have some administrative limit in the size of a
search result and the resulting list could be incomplete producing false
negative in the presence check.
It is possible this is the cause of bug #7640.
The attached a patch for the Horde/Auth/Ldap.php file to handles exists()
using an LDAP-specific implementation.
More information about the bugs
mailing list