Closed AyoubHabra closed 2 years ago
Please note: This repository is up for adoption. I no longer have the time to maintain it, nor does my work require it anymore so I have no need to work on it.
As an FYI PR #47 may be a fix for you. But again, I don't have the time (nor inclination to do the validation or testing)
Thank you very much for your reply.
After upgrading etherpad instance from version 1.8.4 to 1.8.7. Ldap users were not allowed to access admin pages despite being successfully authenticated by ep_ldapauth. And, by reverting to the 1.8.4 (or 1.8.5) version with the same settings, it works again. I think it's related to security fixes applied to Etherpad. Can you help me with this issue please?
` app_1 | [2021-10-08 10:47:52.545] [DEBUG] console - ep_ldapauth.authenticate app_1 | [2021-10-08 10:47:52.661] [DEBUG] console - ep_ldapauth.authenticate: deferring setting of username [**] to CLIENT_READY for express_sid = MrwZLeyqA***** app_1 | [2021-10-08 10:47:52.662] [DEBUG] console - ep_ldapauth.authenticate: successful authentication app_1 | [2021-10-08 10:47:52.662] [INFO] http - Successful authentication from IP *** for user app_1 | [2021-10-08 10:47:52.664] [DEBUG] http - 403, GET /admin
`