[Tickets #10944] LDAP-specific user existence method in LDAP driver

bugs at horde.org bugs at horde.org
Fri Jan 27 10:42:45 UTC 2012


DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.

Ticket URL: http://bugs.horde.org/ticket/10944
------------------------------------------------------------------------------
  Ticket             | 10944
  Created By         | marco at csita.unige.it
  Summary            | LDAP-specific user existence method in LDAP driver
  Queue              | Horde Base
  Version            | Git master
  Type               | Enhancement
  State              | New
  Priority           | 3. High
  Milestone          |
  Patch              | 1
  Owners             |
------------------------------------------------------------------------------


marco at csita.unige.it (2012-01-27 10:42) wrote:

Currently, the exists() method in Horde_Auth_Ldap class is inherited  
from Horde_Auth_Base. It transfers via listUsers() the full user list  
from the LDAP backend and then check for the presence of the
$userId in the resulting array .

I think that this implementation of exists() is wrong (for LDAP backend,
at least):
- an LDAP system could have thousand of users, with only few using IMP
webmail: it is useless and resource-demanding to transfer all users in
order to check the presence of only one of them;
- likely LDAP servers have some administrative limit in the size of a
search result and the resulting list could be incomplete producing false
negative in the presence check.

It is possible this is the cause of bug #7640.

The attached a patch for the Horde/Auth/Ldap.php file to handles exists()
using an LDAP-specific implementation.






More information about the bugs mailing list