[Zope] zope and LDAP for authorisation

[Marinussen, M.J. (Ria)]

Hi Jens,

you were right, there was a problem with the way I configured the added
attribute in the LDAP Schema tab..
a stupid problem actually.

When you add an attribute that does not exist in LDAP and want to use
that as a login name attribute, it obviously does not work and zope
simply returns "unauthorized".
When you add "samAccountName" for the login ID user in Windows Active
directory (and LDAP), and you try to login with the wrong password (or
non-existing username) zope returns "unauthorized".
So far so good.
But when you add "samAccountName" for the login ID user in Windows
Active directory (and LDAP), and you try to login with a correct
username/password combination, zope returns "TypeError  len() of unsized
object"

And when you use the right case in "sAMAccountName" you can login
without errors.

So my login problem is solved. I was only confused because it "seemed"
that the attribute was working when it was not...

Thanks for your support.

Ria


> 
> Message: 9
> Date: Mon, 19 Dec 2005 14:12:03 +0000
> From: Jens Vagelpohl <jens at dataflake.org>
> Subject: Re: [Zope] zope and LDAP for authorisation
> To: Zope Zope list <zope at zope.org>
> Message-ID: <F65164AD-565F-4902-A373-B914A67C5280 at dataflake.org>
> Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
> 
> 
> On 19 Dec 2005, at 13:59, Marinussen, M.J. (Ria) wrote:
> 
> > Hi Jens,
> >
> >
> >>
> >> I need the full error traceback to help.
> >>
> >
> > The full traceback on:
> > Zope 2.7.2-0, python 2.3.5, win32
> > LDAPUserFolder 2.6
> > OpenLDAP 2.3.11
> >
> > When I type the correct LDAP password I get this error and traceback
> > (otherwise I get an "Unauthorized" error).
> 
> Looking at the code this looks like it is a misconfiguration on your  
> part. It looks like the attribute you use as the login attribute has  
> not been added to the attributes shown on the LDAP Schema tab in the  
> ZMI.
> 
> jens
>