Hello Kanyin,


Can you mail me the patch for issues 3 and 4 and I’ll have a look over them, with a view to committing them to CVS if they seem sensible.


Regarding 2:


I somewhat wonder if that’s even needed in the core product. I mean, “non-unique unique identifier” is somewhat a conflict in terms. In a windows environment, I believe that for uid we suggest using the samAccountName, which afaik *is* unique across a single domain.


As an additional note to number 1, it’s probably worth looking at how we handle authentication at the moment:


I recently wanted to move to LDAP authentication instead of MD5/PLAIN. As part of this, I ended up implementing an NTLM_LDAP authentication scheme (trusts the user from their NTLM credentials, then uses LDAP to get user email/name without requiring authentication).


Your suggestion is somewhat different basically a ‘fallback logon’ system i.e. if LDAP fails try BASIC_AUTH/MD5/PLAIN/CRYPT. Given that in general we don’t want to store a copy of a users LDAP password (for security reasons), I somewhat wonder how easy this sort of fallback functionality would be to use. What does your current implementation currently do?





-----Original Message-----
From: mantisbt-dev-admin@lists.sourceforge.net [mailto:mantisbt-dev-admin@lists.sourceforge.net] On Behalf Of Cai Kanyin (CI/ACA1) *
18 January 2005 16:01
To: mantisbt-dev@lists.sourceforge.net
Subject: [Mantisbt-dev] Show Custom fields



I have made some modifications on Mantis 0.19.2 to add the following feature:

1. login first with the ldap module, if failed, try login with  the mysql module
2. reject user with non unique uid in LDAP for login
3. show custom fields in "Show Issues", "Print Reports", "Excel 2000" view
4. custom fields can be choosed in "Printing Options"

Where can I upload the patch? Or check into cvs?

Kanyin Cai