v0.05 2008-04-09 Mike Peachey * lib/RT/Authen/User_Vendor.pm Typo on line 962. s/servicen/service/ * html/Callbacks/ExternalAuth/autohandler/Auth Deprecated $user_autocreated. It was being used to prevent a call to RT::User::UpdateFromExternal in User_Vendor.pm because it was deemed an unecessary expense to set the user's info and then look it up again straight after. However, I have since realised that UpdateFromExternal is the only code doing a check to see if the user has been disabled in the external source and so bypassing it when users are created allows new users to log in once even if they have not been "enabled". I will be doing a small rewrite of this code in the future to abstract the External disable-lookup code from UpdateFromExternal and perhaps remove the function altogether, but for now everything will work fine. * ChangeLog I did it again. I added a / on the front of the path to ExternalAuth.pm. What a plonker! * lib/RT/Authen/ExternalAuth.pm Version updated to 0.05 v0.04 2008-04-03 Mike Peachey * etc/RT_SiteConfig.pm The example LDAP ExternalSettings configuration did not contain example values for user and pass for RT's connection to an LDAP server. These have now been added. Thanks to Andrew Fay for noticing this one. * ChangeLog Removed a "/" from the start of the ExternalAuth.pm file line in 0.03 * lib/RT/Authen/ExternalAuth.pm Version updated to 0.04 v0.03 2008-03-31 Mike Peachey * html/Callbacks/ExternalAuth/autohandler/Auth Bug found on lines 94-100. The ELSE block starting on line 95 was assigned to the IF starting on 85 instead of the IF block starting on line 86. This meant that if the user entered at the login screen exists no password would be checked. It was doing this: If session has current user who has an ID If password has already been validated SUCCESS Else Return to autohandler with valid session & implicit auth Else delete session This has now been corrected to this: If session has current user who has an ID If password has already been validated SUCCESS Else Delete session Else return to autohandler with whatever we had before the block * lib/RT/Authen/ExternalAuth.pm Version updated to 0.03 v0.02 2008-03-17 Mike Peachey * lib/RT/User_Vendor.pm Bug #1 found on line 446. CanonicalizeUserInfo was being called directly, instead of being called on the $self user object. This was causing CanonicalizeUserInfo to shift the e-mail address it was passed into the $self var instead of the $email var. It was therefore returning a blank e-mail address regardless of the input. * lib/RT/User_Vendor.pm Header comments altered to reflect that the file is part of the RT::Authen::ExternalAuth extension. * /lib/RT/Authen/ExternalAuth.pm Version updated to 0.02 v0.01 2008-03-13 Mike Peachey * Initial Release