Couldn't figure out why core didn't work on my wiki with LDAP login. After some debugging I found out that lgdomain doesn't seem to be set anywhere at all. See https://www.mediawiki.org/w/api.php?action=help&modules=login|query+info
If I just hardcode login_request["lgdomain"] = "mydomain" in api.py, it magically works. The login logic should look in the family file if self.ldapDomain is set and if that's the case include it in the request. Compat doesn't have this problem.
| Subject | Repo | Branch | Lines +/- | |
|---|---|---|---|---|
| Fix broken LDAP based login | pywikibot/core | master | +3 -0 |
This is pretty good first task, as it needs to be backwards compatible with compat, so no bikeshedding on names, etc. and it should be two lines of code in core.
compat$ git grep ldapDomain families/README-family.txt: #self.ldapDomain = 'domain here' family.py: self.ldapDomain = () login.py: if self.site.family.ldapDomain: login.py: predata['lgdomain'] = self.site.family.ldapDomain login.py: if self.site.family.ldapDomain: # VistaPrint fix login.py: predata["wpDomain"] = self.site.family.ldapDomain
Hi, I am interested in working on this bug.
As far as I understand (from the discussions above) there needs to be a check on ldapDomain and lgdomain should be set accordingly, somewhere near line no. 3036 in
api.py
i.e. just after the initialisation.
I'm completely new to this so please correct me if I'm wrong somewhere and should I move ahead resolving this bug?
The modification to api.py outlined here resolved the issue for me:
https://www.linkedin.com/pulse/how-correct-pywikibot-ldap-authentication-error-armando-trinchillo
LDAP authentication worked until I added a second domain to the authentication options in my LocalSettings.php. I have not had an opportunity to revert the change and test, but I wanted to mention it just in case it helps reproduce the issue.
Change 330144 had a related patch set uploaded (by Phantom42):
Fix broken LDAP based login