Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-19509

LDAP NTLM SSO subnet matching doesn't work with 0.0.0.0/0

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.9, 1.9.1, 1.9.2, 1.9.3, 1.9.4, 1.9.5
    • Fix Version/s: 1.8.10, 1.9.6
    • Component/s: Authentication
    • Labels:
      None
    • Environment:
      Moodle 1.9 with LDAP + NTLM SSO
    • Database:
      Any
    • Affected Branches:
      MOODLE_19_STABLE
    • Fixed Branches:
      MOODLE_18_STABLE, MOODLE_19_STABLE

      Description

      If one requires all clients to auth via SSO, there currently is no mechanism to allow this, short of specifying the whole world in the subnet list, i.e. 1.0.0.0/0 - 254.254.254.254/0

      One would imagine that specifying 0.0.0.0/0 would achieve this but it does not.
      I've had a look at this but binary arithmetic makes my face hurt.

      Could the 'address_in_subnet'/type 1 test be modified to account for a subnet/mask of 0.0.0.0/0?
      Or would it be more sensible to have a config option to allow SSO for all clients without needing to specify an unintuitive catch-all mask of 0.0.0.0/0

      Cheers

        Attachments

          Activity

            People

            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:
                Fix Release Date:
                21/Oct/09