Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-19509

LDAP NTLM SSO subnet matching doesn't work with 0.0.0.0/0

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.9, 1.9.1, 1.9.2, 1.9.3, 1.9.4, 1.9.5
    • Fix Version/s: 1.8.10, 1.9.6
    • Component/s: Authentication
    • Labels:
      None
    • Environment:
      Moodle 1.9 with LDAP + NTLM SSO
    • Database:
      Any
    • Affected Branches:
      MOODLE_19_STABLE
    • Fixed Branches:
      MOODLE_18_STABLE, MOODLE_19_STABLE

      Description

      If one requires all clients to auth via SSO, there currently is no mechanism to allow this, short of specifying the whole world in the subnet list, i.e. 1.0.0.0/0 - 254.254.254.254/0

      One would imagine that specifying 0.0.0.0/0 would achieve this but it does not.
      I've had a look at this but binary arithmetic makes my face hurt.

      Could the 'address_in_subnet'/type 1 test be modified to account for a subnet/mask of 0.0.0.0/0?
      Or would it be more sensible to have a config option to allow SSO for all clients without needing to specify an unintuitive catch-all mask of 0.0.0.0/0

      Cheers

        Attachments

          Activity

            People

            Assignee:
            iarenaza Iñaki Arenaza
            Reporter:
            afhole Alastair Hole
            Tester:
            Tim Hunt
            Participants:
            Component watchers:
            Adrian Greeve, Jake Dallimore, Mathew May, Mihail Geshoski, Peter Dias, Sujith Haridasan
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:
              Fix Release Date:
              21/Oct/09