ldap_timeout_v2-redmine2.0.3.patch

LDAP Timeout patch - v2 - redmine 2.0.3 - Brett Patterson, 2012-06-30 04:10

Download (3.91 KB)

View differences:

config/locales/en.yml (working copy)
142 142

  
143 143
  notice_account_updated: Account was successfully updated.
144 144
  notice_account_invalid_creditentials: Invalid user or password
145
  notice_account_authentication_timeout: Connection to authentication server timed out
145 146
  notice_account_password_updated: Password was successfully updated.
146 147
  notice_account_wrong_password: Wrong password
147 148
  notice_account_register_done: Account was successfully created. To activate your account, click on the link that was emailed to you.
......
323 324
  field_repository_is_default: Main repository
324 325
  field_multiple: Multiple values
325 326
  field_ldap_filter: LDAP filter
327
  field_ldap_timeout: "Timeout (in seconds)"
326 328

  
327 329
  setting_app_title: Application title
328 330
  setting_app_subtitle: Application subtitle
app/models/auth_source_ldap.rb (working copy)
18 18
require 'iconv'
19 19
require 'net/ldap'
20 20
require 'net/ldap/dn'
21
require 'timeout'
21 22

  
22 23
class AuthSourceLdap < AuthSource
23 24
  validates_presence_of :host, :port, :attr_login
......
25 26
  validates_length_of :account, :account_password, :base_dn, :filter, :maximum => 255, :allow_blank => true
26 27
  validates_length_of :attr_login, :attr_firstname, :attr_lastname, :attr_mail, :maximum => 30, :allow_nil => true
27 28
  validates_numericality_of :port, :only_integer => true
29
  validates_numericality_of :timeout, :only_integer => true, :allow_blank => true
28 30
  validate :validate_filter
29 31

  
30 32
  before_validation :strip_ldap_attributes
......
44 46

  
45 47
  def authenticate(login, password)
46 48
    return nil if login.blank? || password.blank?
47
    attrs = get_user_dn(login, password)
48 49

  
50
	begin
51
		self.timeout = 20 if self.timeout.nil?
52
		logger.error "LDAP Authentication timeout is set to '#{self.timeout}'"
53
		Timeout::timeout(self.timeout) do
54
	    	attrs = get_user_dn(login, password)
55
		end
56
	rescue Timeout::Error => e
57
		raise Timeout::Error.new(e.message)
58
	end
59

  
49 60
    if attrs && attrs[:dn] && authenticate_dn(attrs[:dn], password)
50 61
      logger.debug "Authentication successful for '#{login}'" if logger && logger.debug?
51 62
      return attrs.except(:dn)
app/controllers/account_controller.rb (working copy)
150 150
      # Valid user
151 151
      successful_authentication(user)
152 152
    end
153
  rescue Timeout::Error => e
154
  	auth_source_timeout
153 155
  end
154 156

  
155 157
  def open_id_authenticate(openid_url)
......
229 231
    flash.now[:error] = l(:notice_account_invalid_creditentials)
230 232
  end
231 233

  
234
  def auth_source_timeout
235
  	logger.warn "Failed to authenticate user '#{params[:username]}' at #{Time.now.utc} because the authentication source connection timed out"
236
	flash.now[:error] = l(:notice_account_authentication_timeout)
237
  end
238

  
232 239
  # Register a user for email activation.
233 240
  #
234 241
  # Pass a block for behavior when a user fails to save
app/views/auth_sources/_form_auth_source_ldap.html.erb (working copy)
26 26
<p><label for="auth_source_custom_filter"><%=l(:field_ldap_filter)%></label>
27 27
<%= text_field 'auth_source', 'filter', :size => 60 %></p>
28 28

  
29
<p><label for="auth_source_timeout"><%=l(:field_ldap_timeout)%></label>
30
<%= text_field 'auth_source', 'timeout', :size => 4 %></p>
31

  
29 32
<p><label for="auth_source_onthefly_register"><%=l(:field_onthefly)%></label>
30 33
<%= check_box 'auth_source', 'onthefly_register' %></p>
31 34
</div>