ZF-12462: Zend\Ldap\Ldap.php (objectClass=posixAccount) should be removed as an invalid filter.

Issue Type: Bug Created: 2012-11-07T02:41:46.000+0000 Last Updated: 2012-11-07T14:14:28.000+0000 Status: Closed Fix version(s): Reporter: Will Hattingh (nitecon) Assignee: Stefan Gehrig (sgehrig) Tags: - Zend_Ldap

Related issues: Attachments:


LDAP by default allows you to set filters. By setting the initial filter for posixAccount creates an issue on many enterpise LDAP applications that we currently work on. The lowest denominator should always be used by the search which is strictly (uid=username). Users have the ability to add filters in addition to the base filter which essentially renders this filter as a major bug on some LDAP servers where the posixAccount attribute does not exist. This requires the developers to patch the Zend\Ldap\Ldap.php during every release.

I will be happy to submit a merge request on github for zf2. However this affects the version 1.x release as well, and it's a single line that needs to be changed.


Posted by Stefan Gehrig (sgehrig) on 2012-11-07T14:14:28.000+0000

The problem is that this is a BC breakage and mini releases do not allow for any BC breakage at all if the breakage does not fix a serious problem. I must admit that I don't know if there is a similar policy for ZF2 so please feel free to add a pull request to the ZF2 git repository.

Have you found an issue?

See the Overview section for more details.


© 2006-2016 by Zend, a Rogue Wave Company. Made with by awesome contributors.

This website is built using zend-expressive and it runs on PHP 7.