Participants
Bastien Bodart
Bastien Bodart
Magnus Hagander
Magnus Hagander
Attachments
Show all attachments
Thread Outline
#1Bastien BodartBastien Bodart
Aug 31, 2016
#2Magnus HaganderMagnus Haganderto Bastien Bodart (#1)
Sep 03, 2016

Filters not supported for LDAP authentication

Started by Bastien Bodartover 9 years ago2 messagesgeneral
Jump to latest
#1Bastien Bodart
Bastien Bodart
bastien.bodart@esnah.com

Hi,

Is there any reason filters are not supported for search+bind LDAP
authentication?
There is no option to pass a filter in search+bind mode and
"ldapsearchattribute" parameter is even checked to prevent filter injection.
"ldapurl" parameter is defined as an RFC 4516 LDAP URL except filters
and extensions are not supported despite being parsed.

Thanks.

Bastien

--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general

#2Magnus Hagander
Magnus Hagander
magnus@hagander.net
In reply to: Bastien Bodart (#1)
Re: Filters not supported for LDAP authentication

On Wed, Aug 31, 2016 at 2:43 PM, Bastien Bodart <bastien.bodart@esnah.com>
wrote:

Hi,

Is there any reason filters are not supported for search+bind LDAP
authentication?
There is no option to pass a filter in search+bind mode and
"ldapsearchattribute" parameter is even checked to prevent filter injection.
"ldapurl" parameter is defined as an RFC 4516 LDAP URL except filters and
extensions are not supported despite being parsed.

AFAIK there is no reason other than that nobody has gotten around to write
the code for it. I see no reason why we wouldn't accept a patch for that
functionality.

--
Magnus Hagander
Me: http://www.hagander.net/
Work: http://www.redpill-linpro.com/

← Back to Topics