[rt-users] RT-Extension-SaltedPasswords Not Playing Nice with LDAP

Nick Couchman Nick.Couchman at seakr.com
Fri Jan 21 09:48:15 EST 2011


So, I just installed the RT-Extension-SaltedPasswords extension on two
RT 3.6.x installations (3.6.5 and 3.6.7) to protect against the
announced vulnerability.  I followed the directions, and, upon adding
the line:

use RT::Extension::SaltedPasswords;

in my RT_SiteConfig.pm file, found that LDAP logins no longer work.  If
I comment out the above line, LDAP logins work fine (but, obviously, my
recently-updated salted passwords for local users do not work), if I
leave it enabled, LDAP logins fail.  Turning on debug logging, it looks
like the LDAP server is contacted and everything goes as expected until
the very last step of actually authenticating the user, as which time it
kicks out a failure.  Last couple of lines of log file look like this:


[Fri Jan 21 03:40:09 2011] [debug]: UPDATED user Nick Couchman from LDAP
(/opt/rt3/local/lib/RT/User_Local.pm:628)
[Fri Jan 21 03:40:09 2011] [error]: FAILED LOGIN for Nick Couchman from
2.0.183.98 (/opt/rt3/share/html/autohandler:251)

Can someone help me figure out what's going on?

Thanks,
Nick



--------
This e-mail may contain confidential and privileged material for the sole use of the intended recipient.  If this email is not intended for you, or you are not responsible for the delivery of this message to the intended recipient, please note that this message may contain SEAKR Engineering (SEAKR) Privileged/Proprietary Information.  In such a case, you are strictly prohibited from downloading, photocopying, distributing or otherwise using this message, its contents or attachments in any way.  If you have received this message in error, please notify us immediately by replying to this e-mail and delete the message from your mailbox.  Information contained in this message that does not relate to the business of SEAKR is neither endorsed by nor attributable to SEAKR.



More information about the rt-users mailing list