11
Mithrandir
Re: LDAP authentication

$uid_attr "uid";
$mail_attr "mail";
$name_attr "cn";
$ldap_server "ldap.bb.cc.dd";
$ldap_port 389;
$base_dn "ou=People,o=bb.cc.dd";
$timezone_offset 1;

This could be set in preferences with a slight hack, couldn't it?

Possibly with a yes/no setting to enable/disable LDAP authentication?

if ($xoopsConfig['ldap_auth'] != false) {
    
$ldap_criteria = new CriteriaCompo(new Criteria('uname'$uname));
    
$ldap_criteria->add(new Criteria('pass'$pwd));        
    
$authenticated $this->_uHandler->LDAPAuthentication($ldap_criteriafalse);
}

12
mercibe
Re: LDAP authentication
  • 2004/4/13 9:12

  • mercibe

  • Just popping in

  • Posts: 55

  • Since: 2003/6/12


This is exactly what I would expect in the next XOOPS release

Benoit

13
hagane
Re: LDAP authentication
  • 2004/7/27 3:00

  • hagane

  • Just popping in

  • Posts: 2

  • Since: 2004/7/27


thanks your work.

I wanted to check the LDAP password.
I added LDAP password check to your code.

function LDAPAuthentication($criteria null)
    {
        
$uid_attr "uid";
        
$mail_attr "mail";
        
$name_attr "cn";
        
$pass_attr "userpassword";
                                    .
                                    .
                                    .
                    
// Get info from LDAP (mail,name)
                    
$sr ldap_search($ds,$base_dn,$uid_attr."=".$criteria->crit
eriaElements
[0]->value,Array($mail_attr,$name_attr,$pass_attr));
                                   .
                                    .
                                    .
                   if (
$info["count"] == 1) {
                        
$ldap_pass ereg_replace("{CRYPT}"""$info[0]["userpa
ssword"
][0]);
                        if (
$ldap_pass == crypt($passsubstr($ldap_pass,0,2))) {
                            
// Search user in the DB
                                    
.
                                    .
                                    .
                        }
                                    .
                                    .
                                    .

14
mercibe
Re: LDAP authentication
  • 2004/7/27 5:39

  • mercibe

  • Just popping in

  • Posts: 55

  • Since: 2003/6/12


Hi hagane,

The password is already checked in the code previously provided. It is done during the bind process with the LDAP server

$ldapbind=ldap_bind($ds,$uid_attr."=".$criteria->criteriaElements[0]->value.",".$base_dn,$criteria->criteriaElements[1]->value);
      if(
$ldapbind) {
            
//the user is authenticated
      
}


Do you have any particular reason to do so ? I am interested...

By the way, you might want to have a look at this post https://xoops.org/modules/newbb/viewtopic.php?viewmode=flat&topic_id=19401&forum=14 for a more "pluggable" authentication mechanism that should be implemented in a future XOOPS release.

Benoit

15
hagane
Re: LDAP authentication
  • 2004/7/28 23:37

  • hagane

  • Just popping in

  • Posts: 2

  • Since: 2004/7/27



I'm sorry, it my mistake.
I used ldap_bind function that set manager's id and password.

thanks to your information.

16
evol13
Re: LDAP authentication
  • 2004/8/3 2:05

  • evol13

  • Just popping in

  • Posts: 1

  • Since: 2004/8/3 1


Hi to all,
Im new here. I tried to use the previous hack in LDAP but it doesn't work in my site. I already modified the two files(user.php and member.php in kernel folder) but it seems it still authenticating in XOOPS db. I already specify our ldap server.

Did I miss something?

Thanks!

17
sbkiller
Re: LDAP authentication
  • 2004/8/3 2:11

  • sbkiller

  • Just can't stay away

  • Posts: 461

  • Since: 2004/6/9 2


What this LDAP do? I don't get what is it... anyone can explain or show example?

Thank You!

18
mercibe
Re: LDAP authentication
  • 2004/8/3 5:42

  • mercibe

  • Just popping in

  • Posts: 55

  • Since: 2003/6/12


Hi evol13,

If you applied the hack step by step it should work. If the LDAP authentication fails, the hack automatically performs the default XOOPS authentication. I suggest you double check your LDAP parameters. What kind of LDAP server are you using: Active Directory, OpenLDAP, IPlanet, eDirectory, etc. ? Try to debug/add some "echo" to verify that the bind/connection to your LDAP server is OK.

I suggest you use this hack instead that will soon be included in the official XOOPS kernel (I hope this month)
https://xoops.org/modules/newbb/viewtopic.php?viewmode=flat&topic_id=19401&forum=14

The code is almost the same but you can quickly develop/test multiple authentication schemes without touching the kernel too much. And you can fall back to the default XOOPS authentication in 5 seconds by modifying only one string in your mainfile.php

Best regards,

Benoit

19
mercibe
Re: LDAP authentication
  • 2004/8/3 5:49

  • mercibe

  • Just popping in

  • Posts: 55

  • Since: 2003/6/12


This hack allows you to authenticate your XOOPS users from an external LDAP repository. By default XOOPS authenticates users with passwords stored in the XOOPS MySQL database. By externalising the authentication process as explained in this hack and in a much better way in https://xoops.org/modules/newbb/viewtopic.php?viewmode=flat&topic_id=19401&forum=14
you could easily integrate XOOPS in an existing "authentication" infrastructure. Most companies are using an LDAP directory server (Active Directory, eDirectory, etc.) or another kind of centralised authentication server to authenticate their users centrally in a product "independant" way.

Hope this short explanation will help you to get the global picture...

Benoit

20
hidde
Re: LDAP authentication
  • 2004/10/1 10:05

  • hidde

  • Just popping in

  • Posts: 4

  • Since: 2004/10/1


Hello, This is my first post at this site.

I tried to setup your source code on my server.
But After login submition, the page shows all white and say this message on debug mode.
"Fatal error: Call to undefined function: ldap_connect() in .... user.php"

Could you help me about this probrem?

Thanks in advance.

Login

Who's Online

459 user(s) are online (328 user(s) are browsing Support Forums)


Members: 0


Guests: 459


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits