Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-19509

LDAP NTLM SSO subnet matching doesn't work with 0.0.0.0/0

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.9, 1.9.1, 1.9.2, 1.9.3, 1.9.4, 1.9.5
    • Fix Version/s: 1.8.10, 1.9.6
    • Component/s: Authentication
    • Labels:
      None
    • Environment:
      Moodle 1.9 with LDAP + NTLM SSO
    • Database:
      Any
    • Affected Branches:
      MOODLE_19_STABLE
    • Fixed Branches:
      MOODLE_18_STABLE, MOODLE_19_STABLE

      Description

      If one requires all clients to auth via SSO, there currently is no mechanism to allow this, short of specifying the whole world in the subnet list, i.e. 1.0.0.0/0 - 254.254.254.254/0

      One would imagine that specifying 0.0.0.0/0 would achieve this but it does not.
      I've had a look at this but binary arithmetic makes my face hurt.

      Could the 'address_in_subnet'/type 1 test be modified to account for a subnet/mask of 0.0.0.0/0?
      Or would it be more sensible to have a config option to allow SSO for all clients without needing to specify an unintuitive catch-all mask of 0.0.0.0/0

      Cheers

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Fix Release Date:
                  21/Oct/09