tykeal / ep_ldapauth

(Up for adoption) LDAP authentication plugin for Etherpad-lite
GNU General Public License v2.0

Authenticated users are not allowed to access admin pages (etherpad 1.8.7 and above) #51

Closed AyoubHabra closed 2 years ago

AyoubHabra commented 2 years ago

After upgrading the Etherpad instance from version 1.8.4 to 1.8.7, LDAP users were not allowed to access admin pages despite being successfully authenticated by ep_ldapauth. And, by reverting to the 1.8.4 (or 1.8.5) version with the same settings, it works again. I think it's related to security fixes applied to Etherpad. Can you help me with this issue please?

```
app_1 | [2021-10-08 10:47:52.545] [DEBUG] console - ep_ldapauth.authenticate
app_1 | [2021-10-08 10:47:52.661] [DEBUG] console - ep_ldapauth.authenticate: deferring setting of username [**] to CLIENT_READY for express_sid = MrwZLeyqA*****
app_1 | [2021-10-08 10:47:52.662] [DEBUG] console - ep_ldapauth.authenticate: successful authentication
app_1 | [2021-10-08 10:47:52.662] [INFO] http - Successful authentication from IP *** for user
app_1 | [2021-10-08 10:47:52.664] [DEBUG] http - 403, GET /admin
```

tykeal commented 2 years ago

Please note: This repository is up for adoption. I no longer have the time to maintain it, nor does my work require it anymore, so I have no need to work on it.

tykeal commented 2 years ago

As an FYI, PR #47 may be a fix for you. But again, I don't have the time (nor inclination to do the validation or testing).

AyoubHabra commented 2 years ago

Thank you very much for your reply.