www-infrastructure-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Daniel Shahaf (äñ§€¥£¢) (JIRA) <j...@apache.org>
Subject [jira] Resolved: (INFRA-3373) Some few improvments in the scripts
Date Thu, 20 Jan 2011 04:13:43 GMT

     [ https://issues.apache.org/jira/browse/INFRA-3373?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel

Daniel Shahaf (äñ§€¥£¢) resolved INFRA-3373.

    Resolution: Fixed

Implemented in r783621:r783622 and pushed to the live site.


> Some few improvments in the scripts
> -----------------------------------
>                 Key: INFRA-3373
>                 URL: https://issues.apache.org/jira/browse/INFRA-3373
>             Project: Infrastructure
>          Issue Type: Improvement
>      Security Level: public(Regular issues) 
>          Components: LDAP
>            Reporter: Emmanuel Lecharny
>            Assignee: Daniel Shahaf (äñ§€¥£¢)
>            Priority: Minor
> While looking at the selfserve/lib/ss2config.py, I saw a few places that can be improved.
Those are just suggestions, I don't saw anything wrong otherwise.
> 1) Disconnection
> def do_pw_reset(availid, pw1, pw2, hextoken, remoteip):
>   ...
>   lh_passwd(lh, availid, pw1)
>   lh = None # TODO: better way to disconnect?
>  lh.unbind() is probably what you want to use here, unless you want to reuse the connection,
and then the next bind will kill the previous session automatically.
> Same for do_details_change, do_pw_reset, 
> 2) Bind as user
> def bind_as_user(availid, pw):
>   ...
>   try:
>     validate_existence(availid)
>     lh.bind_s(USER_DN_T % availid, [pw, ''][pw is None])
> The call to validate_existence is a duplication of effort, and will create two ldap connections,
plus send a second request to the server. If the user does not exist in the server, the bind
will fail.
> 3) Check for the user existence in send_email
> def send_email(availid, lookup, remoteip, base_url):
>   logger.info('emailing availid=%s remoteip=%s', availid, remoteip)
>   cn = validate_existence(availid, True)
> I don't know if the ldap server allow anonymous binds, but if so, there is no need to
bind to search for an entry. You can simply issue a search and get back the entry.
> Here, it would be more efficient to do a search without doing any bind.

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message