[Xerte-dev] Problem with LDAP login with no bind password
Knight-Markiegi, Tom
T.Knight-Markiegi at shu.ac.uk
Fri Aug 9 13:06:50 BST 2013
Hi,
I found a problem with logging in using LDAP using Xerte 2.0 (svn r1068) when there is no LDAP bind password.
We have this setup:
mysql> select ldap_username, ldap_password, ldap_filter, ldap_filter_attr from ldap;
+---------------+---------------+------------------------------+------------------+
| ldap_username | ldap_password | ldap_filter | ldap_filter_attr |
+---------------+---------------+------------------------------+------------------+
| | | (eduPersonAffiliation=staff) | cn |
+---------------+---------------+------------------------------+------------------+
1 row in set (0.00 sec)
This ensures that only staff can log in.
The problem is that the code in library/Xerte/Authentication/Ldap.php was trying to use ldap_filter for anonymous binding and searching when no bind password is used. The attached patch is how I got round this problem at our institution. Something similar may be needed in the block that does use a bind password if the secondary filter should be used for searching.
Thanks,
Tom
--
Tom Knight-Markiegi - Systems Support Team Leader
Web & Learning Environments | Corporate Systems | Information Systems and Technology
Student and Learning Services | Sheffield Hallam University
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nottingham.ac.uk/pipermail/xerte-dev/attachments/20130809/8ceb88ae/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Ldap.php.diff
Type: application/octet-stream
Size: 717 bytes
Desc: Ldap.php.diff
URL: <http://lists.nottingham.ac.uk/pipermail/xerte-dev/attachments/20130809/8ceb88ae/attachment.obj>
More information about the Xerte-dev
mailing list