The Joomla! Forum ™



Posted: Thu Oct 12, 2006 10:18 pm
Joomla! Guru

Joined: Mon Mar 20, 2006 8:17 am
Posts: 741
One of Joomla 1.5's features is "LDAP"? I am just wondering how to make it work.

I checked the forum and someone said it will only be available for 1.6 ... but I hope that's just history from an old post.

:-[

_________________
bento2go.com - We DO NOT sell bento !!


Last edited by mihu on Thu Sep 06, 2007 5:28 pm, edited 1 time in total.

Posted: Thu Oct 12, 2006 10:25 pm
Joomla! Master

Joined: Fri Aug 12, 2005 12:38 am
Posts: 13169
Location: Sydney - Australia
http://dev.joomla.org/component/option, ... ,33/cat,2/

_________________
Brad Baker - Follow me on Google+
http://www.rochen.com - Joomla! Hosting, the correct way.
http://www.joomlatutorials.com <-- Joomla Help
..somewhere in this hospital the anguished oink of a pig man cries out for help..


Posted: Thu Oct 12, 2006 11:41 pm
Joomla! Guru

Joined: Mon Mar 20, 2006 8:17 am
Posts: 741
Thanks for the response, but I personally didn't get much information from those articles ...

Anyway .. I tried to play with LDAP but still have no luck.

Can someone sort of explain to me how we are going to fill out those parameters inside the LDAP plug-in?

Base On ?
Connecting String ?
Search String?
User DN?

Has anyone made this work yet?

Posted: Fri Oct 13, 2006 10:27 am
Joomla! Apprentice

Joined: Fri Oct 13, 2006 9:12 am
Posts: 25
Hi there!

I just tried the LDAP authentication with Joomla 1.5. But it doesn't work for me. I think the reason is the structure of our LDAP. There are a lot of different DNs which the users have to bind to. So I added a few lines of code. My solution: there is no attempt to bind with the user's DN and the password. Instead I use the LDAP function ldap_compare. Now it works fine for me. If anyone is interested in my version, I will post the code here or make a plugin.

Sorry for my bad English. I hope someone can understand me  :-[


Posted: Fri Oct 13, 2006 2:39 pm
Joomla! Apprentice

Joined: Tue Oct 10, 2006 6:13 pm
Posts: 7
Posting the code will be good, but if you could make a plugin that would be great!!!  :laugh:


Last edited by rayo on Fri Oct 13, 2006 2:45 pm, edited 1 time in total.

Posted: Fri Oct 13, 2006 3:46 pm
Joomla! Apprentice

Joined: Thu Oct 12, 2006 9:42 pm
Posts: 5
I would like to see the code very much. And I have to agree, that link that keeps getting posted to the dev blog on LDAP contains no information. It is fine LDAP isn't perfect, but it would be nice to get a bit of dialogue on the topic.

Has anyone gotten the Gmail auth to work?


Last edited by joshbwhite on Fri Oct 13, 2006 3:52 pm, edited 1 time in total.

Posted: Fri Oct 13, 2006 5:54 pm
Joomla! Guru

Joined: Mon Mar 20, 2006 8:17 am
Posts: 741
Klebeband wrote:
Hi there!

I just tried the LDAP authentication with Joomla 1.5. But it doesn't work for me. I think the reason is the structure of our LDAP. There are a lot of different DNs which the users have to bind to. So I added a few lines of code. My solution: there is no attempt to bind with the user's DN and the password. Instead I use the LDAP function ldap_compare. Now it works fine for me. If anyone is interested in my version, I will post the code here or make a plugin.

Sorry for my bad English. I hope someone can understand me  :-[


If you don't mind .. can you post the code first ..
Maybe people can return some feedback so you can put those into your plugin .. better  :P

Posted: Sat Oct 14, 2006 1:19 pm
Joomla! Apprentice

Joined: Fri Oct 13, 2006 9:12 am
Posts: 25
Hi again!

On Monday I will post the code. It is on my computer at work, so I can't post it earlier.

The code is only an extension of the LDAP plugin. So perhaps we can put it in the official plugin.

Bye!


Posted: Mon Oct 16, 2006 7:57 am
Joomla! Apprentice

Joined: Fri Oct 13, 2006 9:12 am
Posts: 25
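So here is the function I added in libraries/joomla/client/ldap.php:
Code:
/**
 * Checks a password with ldap_compare instead of binding as the user
 */
function pass_compare($username = null, $password = null) {
    if (is_null($username)) {
        $username = $this->username;
    }
    if (is_null($password)) {
        // Copied unchanged from bind(); this assigns to $username, not $password
        $username = $this->password;
    }

    $resource = $this->_resource;
    // Bind with the connection account first when one is configured
    if ($this->connect && $this->connect_password) {
        $r = ldap_bind($resource, $this->connect, $this->connect_password);
    }
    // Look up the user's DN below the base DN
    $result = @ldap_search($resource, $this->base_dn, "cn=" . $username, array("dn"));
    $entries = @ldap_get_entries($resource, $result);

    // Let the server compare the userPassword attribute with the given password
    $compareResult = @ldap_compare($resource, $entries[0]['dn'], "userPassword", $password);

    if ($compareResult === TRUE) {
        return TRUE;
    } else {
        return FALSE;
    }
}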


If you want to try this, unpack this zip (http://www.pvs-buedingen.de/downloads/klebe_ldap.zip) and copy the files to your test installation. In the admin menu you can choose the method: "Bind" for the old behavior, "compare" for my try.

If there are problems or questions, post them here.
Good luck!


Last edited by Klebeband on Mon Oct 16, 2006 9:19 am, edited 1 time in total.

Posted: Mon Oct 16, 2006 9:09 am
Joomla! Guru

Joined: Wed Sep 21, 2005 9:27 am
Posts: 702
Location: Somewhere
Klebeband wrote:


Quoting denic.de:
Quote:
The domain "pvs-buedignen.de" is not registered.


Would you share a valid link, please? 8)

_________________
Don't confuse me with facts. Read
http://www.heise.de/security/Massenhack ... from/rss09


Posted: Mon Oct 16, 2006 9:15 am
Joomla! Guru

Joined: Wed Sep 21, 2005 9:27 am
Posts: 702
Location: Somewhere
Ok, found it (typical cut'n paste error after a typo):
http://www.pvs-buedingen.de/downloads/klebe_ldap.zip

Posted: Mon Oct 16, 2006 9:20 am
Joomla! Apprentice

Joined: Fri Oct 13, 2006 9:12 am
Posts: 25
Oh, you're right. I just changed it in my post.
Thanks!


Posted: Mon Oct 16, 2006 9:25 pm
Joomla! Apprentice

Joined: Fri Oct 13, 2006 9:12 am
Posts: 25
Hi again!

Has anyone already tested my script?


Posted: Mon Oct 16, 2006 9:29 pm
Joomla! Guru

Joined: Mon Mar 20, 2006 8:17 am
Posts: 741
Klebeband wrote:
Hi again!

Has anyone already tested my script?


I tried to, but it still fails .. I don't know exactly what I should do for the parameter settings.

I am reading the code and trying to figure it out.

By the way, why is this one "$username = $this->password;"?

Code:
   /**
    * Binds to the LDAP directory
    * @param string The username
    * @param string The password
    * @return boolean Result
    * @access public
    */
   function bind($username = null, $password = null) {
      if (is_null($username)) {
         $username = $this->username;
      }
      if (is_null($password)) {
         $username = $this->password;
      }
      $this->setDN($username);
      $bindResult = @ ldap_bind($this->_resource, $this->getDN(), $password);

      return $bindResult;
   }

Posted: Mon Oct 16, 2006 9:43 pm
Joomla! Apprentice

Joined: Tue Oct 10, 2006 6:13 pm
Posts: 7
Is anyone actually using Active Directory in a Windows 2003 Server environment?


Posted: Mon Oct 16, 2006 11:05 pm
Joomla! Guru

Joined: Mon Mar 20, 2006 8:17 am
Posts: 741
Klebeband wrote:
Hi again!

Has anyone already tested my script?


I tried, but it's still not working.

Do you know how I can turn on the error log?

Posted: Tue Oct 17, 2006 7:21 am
Joomla! Apprentice

Joined: Fri Oct 13, 2006 9:12 am
Posts: 25
Hi mihu,
the bind function tries a connection to the LDAP with the username and his password. If this is okay, the function returns TRUE (or 1, I just don't know). But this bind doesn't work for me. So I added the pass_compare. If you want to use the pass_compare function, you can change the settings in the admin menu for the LDAP plugin. Change the method from bind to compare. Then insert the IP or the name of the LDAP server. If the LDAP server doesn't allow anonymous binds, you have to insert the connection string. For our company the connection string is a little bit longer (cn=username,OU=ENTWICKLUNG,OU=IT,OU=BUEDINGEN,O=PVS). Be sure you enter here the full connection string of a user who is allowed to bind to the server (admin or someone else). Then insert the password for this user in the "connection password" field.

I hope this will help you. Which LDAP do you use?

Quote:
By the way, why is this one "$username = $this->password;"?

It is not my code. I was thinking about that, but I don't know if it is a bug or a feature. So I copied it to my code  :-\

Greetings from Germany!
Klebeband


Posted: Tue Oct 17, 2006 9:22 am
Joomla! Apprentice

Joined: Fri Oct 13, 2006 9:12 am
Posts: 25
I just played a little bit with the code. Oh god, I'm so stupid  >:( The only problem I've got with the original plugin is the structure of our LDAP. The plugin needs the correct connection string for the users. If they are in different containers, the bind doesn't work, because the connection string is given in the settings in the admin menu.
Now I have another solution: I extended the function setDN, which already exists in the plugin. If there is no entry for the User's DN in the admin menu, the function searches for the user's DN. In the attached zip there are again 3 files. Replace the originals or (if you use them) my older ones with the 3 from the zip. Be sure your entries in the admin menu are right.
Here is the zip file:
http://www.pvs-buedingen.de/downloads/klebe_ldap.zip

And here is a screenshot from my admin menu.
Image
There are no more entries. Perhaps you have to change the search string to something like uid=[username].

Again, I hope this will help someone.


Posted: Tue Oct 17, 2006 5:49 pm
Joomla! Guru

Joined: Mon Mar 20, 2006 8:17 am
Posts: 741
8) .. I think your code should work fine!

I just need to figure out how my company binds the account and password.
I have no problem connecting to LDAP, but I have a problem matching the user name and password.

I checked your code .. and it should work fine.

If I got any problem, I'll report.

thx

Posted: Tue Oct 17, 2006 6:36 pm
Joomla! Guru

Joined: Mon Mar 20, 2006 8:17 am
Posts: 741
Hi, Klebeband,

Can you help me figure out what might be my problem?

Did you let Joomla create a user for you?
What might be the response if you don't allow Joomla to auto create an account for you?

I tried both cases, but neither one works for me; it shows "Username and Password do not match!"
I tried to turn auto create user on, but no user was created.

I tried to see if I bind to LDAP successfully by adding a couple of lines of debug code to authentication\ldap.php:
$success = $ldap->bind($username, $password);
if ($success === FALSE) {
    die('message');
}
The message never shows up, so I think it's a success!
If I turn off auto create user, there is not much code to run.

How come I still can't get it to work?
Btw, I tried the Gmail authentication ... it doesn't work for me either.
??? .. does anyone know what might be the problem?

Btw, can Joomla authentication co-exist w/ LDAP?


Last edited by mihu on Tue Oct 17, 2006 6:55 pm, edited 1 time in total.

Posted: Tue Oct 17, 2006 7:55 pm
Joomla! Apprentice

Joined: Fri Oct 13, 2006 9:12 am
Posts: 25
Hi mihu!

First a simple one: the Joomla authentication can co-exist with LDAP!

The other problem is perhaps simple too. The autocreate doesn't work for me either. So create a user (which exists in the LDAP) in the admin menu and try again. Perhaps that's all. If this works, I will look into the autocreate thing...


Posted: Tue Oct 17, 2006 8:14 pm
Joomla! Apprentice

Joined: Thu Oct 12, 2006 9:42 pm
Posts: 5
Klebeband, you are right, so the user creation script does not work. I created the user with no password on the joomla user creator and now my LDAP authenticates fine. Let me know if you find a way to get Joomla to add the user as they log in. I'll be trying as well, I don't think manually adding all my users is something I feel like spending the next two weeks doing.

If I turned off joomla auth, do you think it will still authorize with ldap?

If it helps anyone I used Klebeband's mod. I am using Ldap V3 so I switched that to yes.
I used the IP of my host name and the standard port.

Base DN - ou=People,dc=my,dc=website,dc=com

Search String - uid=[username]


Last edited by joshbwhite on Tue Oct 17, 2006 8:42 pm, edited 1 time in total.

Posted: Tue Oct 17, 2006 8:51 pm
Joomla! Guru

Joined: Mon Mar 20, 2006 8:17 am
Posts: 741
joshbwhite wrote:
If I turned off joomla auth, do you think it will still authorize with ldap?


I don't think you wanna do that.  :P 'Cause you might not be able to log in as admin again ...

Okay .. now I sort of get the idea of LDAP.
Please correct me if this is not what you guys are saying.
1. Create a username in Joomla w/o assigning a password and make sure the username exists in your LDAP
...
Well .. there is only one step after you've filled in the information and turned on the plugin  :-[

I will try to work on auto create user if it really doesn't work.
Let's fix this and put it into the stable version if and only if it's not functioning correctly.
;D .. let's rock .. thank you guys

Posted: Tue Oct 17, 2006 9:44 pm
Joomla! Guru

Joined: Mon Mar 20, 2006 8:17 am
Posts: 741
;D ;D ;D
I DID IT guys ... I hope this can work for everyone but not just me.


I changed the following code based on Klebeband's modification.
In file: plugins\authentication\ldap.php
Code:
$userdetails = $ldap->search(Array('(cn='.$username.')')); // Grab the email


To

Code:
$search = str_replace('[username]', $username, $ldap->search_string);
$userdetails = $ldap->search(Array('('.$search.')'));


My user account or login name is not based on "cn", which might be used by most people.
What I did is use whatever we specify in the searching_string?

Please report if this does not work in your case .. I will try to come up with some general-case code.

Btw, please make sure the user's email does not exist already.
The admin email address I used is the same as my LDAP email address, which took me some time to figure out why it's not working.


Last edited by mihu on Tue Oct 17, 2006 9:51 pm, edited 1 time in total.
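
Added example (not part of mihu's post, the Joomla! plugin or Klebeband's zip): the search-string substitution above and the bind() call quoted earlier in the thread both hand the login form's values to the directory unchanged. The sketch below, written for current PHP with hypothetical helper names, escapes the login name per RFC 4515 before it replaces [username] and refuses an empty password before any bind is attempted.

```php
<?php
// Added example: the helper names below are hypothetical, not Joomla! API.

/** Escape a value for use inside an LDAP search filter (RFC 4515). */
function ldap_filter_escape($value)
{
    // strtr() with an array replaces in one pass, so the backslashes it
    // inserts are never escaped a second time.
    return strtr($value, array(
        '\\' => '\\5c', '*' => '\\2a', '(' => '\\28', ')' => '\\29', "\0" => '\\00',
    ));
}

/** Put the escaped login name into a search string such as "uid=[username]". */
function build_ldap_filter($searchString, $username)
{
    if (strpos($searchString, '[username]') === false) {
        throw new InvalidArgumentException('search string lacks [username]');
    }
    $escaped = ldap_filter_escape($username);
    return '(' . str_replace('[username]', $escaped, $searchString) . ')';
}

/**
 * Decide whether credentials may be passed to ldap_bind() at all. A simple
 * bind with a DN and an empty password is an "unauthenticated bind"
 * (RFC 4513, section 5.1.2) that many servers answer with success.
 */
function credentials_are_bindable($username, $password)
{
    return is_string($username) && trim($username) !== ''
        && is_string($password) && $password !== '';
}

// Constructed sample logins; the search string is the one quoted in the thread.
$samples = array(
    array('jdoe', 'correct horse'),
    array('j*', 'x'),            // wildcard would otherwise match several entries
    array('o(brien)', 'x'),      // parentheses would otherwise break the filter
    array('jdoe', ''),           // empty password: never send to the server
);
foreach ($samples as $sample) {
    list($user, $pass) = $sample;
    if (!credentials_are_bindable($user, $pass)) {
        printf("%-10s rejected before any bind\n", $user);
        continue;
    }
    $filter = build_ldap_filter('samaccountname=[username]', $user);
    printf("%-10s %s\n", $user, $filter);
}
```

With the ldap extension on PHP 5.6 or later, ldap_escape($value, '', LDAP_ESCAPE_FILTER) performs the same filter escaping.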

Posted: Tue Oct 17, 2006 9:51 pm
Joomla! Apprentice

Joined: Fri Oct 13, 2006 9:12 am
Posts: 25
Hi all!

Really good work!

Tomorrow I will change my mod, clean up the code and build a ready-to-install plugin. Perhaps we can put it in the stable version.

One question left: what LDAP server do you use? OpenLDAP, Novell, Windows 2000/2003?


Posted: Tue Oct 17, 2006 9:54 pm
Joomla! Master

Joined: Thu Aug 18, 2005 7:13 am
Posts: 16009
Sam built it against Novell eDirectory. I can test both eDirectory and Active Directory if needed.

_________________
Joomla forum global moderator.

Take care


Posted: Tue Oct 17, 2006 9:55 pm
Joomla! Guru

Joined: Mon Mar 20, 2006 8:17 am
Posts: 741
I am using Active Directory!

Btw, does auto create user work for you guys?

Posted: Tue Oct 17, 2006 9:58 pm
Joomla! Apprentice

Joined: Fri Oct 13, 2006 9:12 am
Posts: 25
I can't test it now, I'm not at work. But I will test it tomorrow.

Can you post your connection string? In the German forum there is someone with problems binding to the Windows LDAP and I can't test it. I use Novell.


Posted: Tue Oct 17, 2006 10:02 pm
Joomla! Guru

Joined: Mon Mar 20, 2006 8:17 am
Posts: 741
This is the search string I use: "samaccountname=[username]"
but my company uses "samaccountname" to record the user login name.
It should be whatever_they_use=[username]
Hope this helps

Posted: Tue Oct 17, 2006 10:04 pm
Joomla! Apprentice

Joined: Fri Oct 13, 2006 9:12 am
Posts: 25
Okay, thank you. I'll test it tomorrow. Now I have to sleep. It's late here.  ;)

