Page 1 of 1

[PATCH] LDAP auth/login re-work

Posted: 2008-06-17, 18:11
by alexeb
Hi,

I had to hack apart the authentication section of tclogin.class.php to get LDAP auth to work correctly. While doing this I ended up refactoring the (rather messy) branch structure of login() at the same time.

The patch is at http://pl0rt.org/~alex/tcpro-ldap.diff

Sorry it's not amazingly tidy (some whitespace etc. is patched too) but it works and should be a good start for more work on this. Things to note:

* I added another config option $CONF['LDAP_TLS'] to allow people to configure tls encryption of the LDAP connection.
* There are a couple of extra return codes from ldapVerify now, which will probably need error messages associating with them.
* Users will still need to be created in the database before they can authenticate against LDAP. I didn't fancy digging any further to fix this problem; PHP makes my eyes bleed ;p

Hope you find this useful!

--alex

Re:[PATCH] LDAP auth/login re-work

Posted: 2008-06-17, 20:07
by George
Alex,
thanks for your work on this. I am getting ready to revisit TeamCal Pro shortly and will then incorporate this.
Best regards,
George

PS: "Messy branching" hurt my feelings. It is lengthy maybe, but beautiful... ;)

Re:[PATCH] LDAP auth/login re-work

Posted: 2008-06-19, 09:44
by james
where can i download this module from, i am keen to have ldap support enabled in my instance of teamCal.

thanks

james.

Re:[PATCH] LDAP auth/login re-work

Posted: 2008-06-22, 00:25
by George
Hi James,
unfortunately it is not integrated yet. If you want it right away you need to code it yourself using Aleks's diff of function.tcpro.php.
Best regards,
George

Re:[PATCH] LDAP auth/login re-work

Posted: 2008-06-23, 17:51
by alexeb
Hi james,

You need to download and unpack the tcpro source, then download the patch from the link in my first post. Then, it should be a simple* case of running:

Code: Select all

patch -p0 <tcpro-ldap.diff
in the directory you've unpacked tcpro into.

* simple, as long as you're running a Real OS ;p

Hope this helps!
--alex

Re:[PATCH] LDAP auth/login re-work

Posted: 2011-09-30, 05:55
by mark_burge@hotmail.com
Should LDAP auth be working in 3.3.009 or does it still need this stuff incorporated in it?
I'm not sure if I have the settings wrong or the code is still not working, but I'm getting "LDAP error: LDAP username not found.".
I cant work out how to incorporate alex's changes using Patch on Win XP and I don't know if I still need to be at this date.

Re:[PATCH] LDAP auth/login re-work

Posted: 2011-09-30, 07:48
by George
Hi Mark,
I haven't changed the LDAP code. It should still work as described here. I could not test it tho either.
Best regards,
George

Re:[PATCH] LDAP auth/login re-work

Posted: 2011-10-04, 05:22
by mark_burge@hotmail.com
Ended up that my main problem was needing to change the uid= to cn= in this line of tclogin.class.php

if (!$info = ldap_first_entry($ds, ldap_search($ds, $searchbase, "cn=".$this->U->username, $attr))) return 95;

BTW, did you know that the forum saerch only works for the first page of results? You click to the next page and get nothing...
Oh and there's a 'could not instantiate email function' error on here too. After submitting.

Re:[PATCH] LDAP auth/login re-work

Posted: 2011-10-04, 09:10
by George
Hi Mark

good to know you found a solution.

I know about the shortcomings of the forum software here. I just dont have the time to go through an effort intensive move or upgrade. As long as the bugs are not crushing the system...

Best regards
George