[Xerte] Changes for Non-LDAP Login

Patrick Lockley Patrick.Lockley at nottingham.ac.uk
Wed Jun 3 10:57:56 BST 2009 

Thanks Chris.

We're looking to create a "non-ldap working group" for version 1.5, so
at some point we'll need to take this work forward and hopefully you'd
be interested in this.

Think we should give the list a break from LDAP though for a while :)

-----Original Message-----
From: xerte-bounces at lists.nottingham.ac.uk
[mailto:xerte-bounces at lists.nottingham.ac.uk] On Behalf Of Chris
Peachment
Sent: 03 June 2009 02:13
To: Xerte discussion list
Subject: RE: [Xerte] Changes for Non-LDAP Login

On Tue, 2009-06-02 at 22:22 +0100, Julian Tenney wrote:

> Where are you getting your list of users from?

Records inserted in the logindetails table using MySqlAdmin.


>  Do you also have a 'create account / sign in' set of pages?

No. The number of people using this application in this case is
just a handful, so the above method is sufficient.


>  I think if we could get all that working, so that:
>  
> - anyone can create an account and sign up [see 'create account', and
> login prompt links on the front page]

This is a desirable feature for situations with a great number
of users.


> - anyone with an account can sign in (so you can restrict access to
> known users) [just see login prompts]

This is what happens in my case now.


> - easily switch to LDAP [just see login prompts]

The changes use a test of:

	if(strlen($xerte_toolkits_site->ldap_host) == 0) {
	...
	}

to control use of this feature. So if there is an entry in
sitedetails.ldap_host then LDAP is used. This was done to
avoid adding additional attribute(s) to the sitedetails table.


> - easily plug in your own authentication (by setting a parameter
> 'login_script' or similar [user sees login prompts, some script you
> pass username and password to it and it returns 'true' or 'false']

I coded it as a separate function in login_library.php however
the existing use of multiple check_login type functions means
that it must also set the user credentials as fields in the
$xerte_toolkits_site array (firstname and surname), as well as
the true/false return value.

There are a couple of minor reordering of lines of code to
ensure the database is open at the correct time, and changes
of 'include xxx.php' to 'require_once xxx.php'


>  
> If all this is covered in one file, based on a setting for the
> authentication you want, it ought be possible in those four switches
> to do all the options?
>  
> Does this sound like a sensible solution? This would be a really good
> problem to get sorted. I could do with a list of you that are
> interested, and what you think you could contribute - this is a
> problem that needs quite a few points of view accomodating. Then we
> can work on it without swamping the list, and use the google code site
> to sort this out. We can use the google code tools and discuss things
> there, and use the .svn.
>  
> J
> 
> 
> ______________________________________________________________________
> From: xerte-bounces at lists.nottingham.ac.uk on behalf of Chris
> Peachment
> Sent: Tue 02/06/2009 20:34
> To: xerte at lists.nottingham.ac.uk
> Subject: [Xerte] Changes for Non-LDAP Login
> 
> 
> I have made a small number of changes to a copy of the xerte
> online toolkits version 1.0.2 that is running on my Linux server.
> 
> These changes permit user login without requiring an LDAP server.
> They include:
> 
> 1. addition of a password attribute to the logindetails table.
> 2. alterations to the files:
>         xerte/index.php
>         xerte/website_code/php/login_library.php
> 
> 3. manual insertion of user records into logindetails since
> there is no user interface as part of the toolkit.
> 
> These changes are rudimentary and have been tested far enough
> to demonstrate creation / export of content. It is likely that
> other changes will be required to cope with login events from
> other access points (e.g. play).
> 
> My question is: how do you want me to publish/present these
> changes for your review and possible addition to the standard
> distribution?
> 
> Regards, Chris Peachment
> 
> 
> _______________________________________________
> Xerte mailing list
> Xerte at lists.nottingham.ac.uk
> http://lists.nottingham.ac.uk/mailman/listinfo/xerte
> 
> 
> 
> 
> This message has been checked for viruses but the contents of an
> attachment may still contain software viruses, which could damage your
> computer system: you are advised to perform your own checks. Email
> communications with the University of Nottingham may be monitored as
> permitted by UK legislation.
> 

_______________________________________________
Xerte mailing list
Xerte at lists.nottingham.ac.uk
http://lists.nottingham.ac.uk/mailman/listinfo/xerte

More information about the Xerte mailing list