ldapauth_auth doesn't initialize $ldap, fails to work with httpauth
| Project: | LDAP integration |
| Version: | 5.x-1.3 |
| Component: | Code |
| Category: | bug report |
| Priority: | normal |
| Assigned: | kreaper |
| Status: | closed |
I'm converting my campus Public Interest Research Group's site to Drupal: sfpirg.ca
We use the LDAP module to integrate with the campus LDAP directory and the Gallery module for maintaining photos and multimedia. With these two modules, I can login to the embedded Gallery with my campus username and password.
We want to use the Gallery WebDAV module to mount Gallery on the desktop and manage multimedia by drag and drop, so we installed the Drupal HTTP auth module and enabled it for the Drupal Gallery module. Now we can login to Drupal with local accounts and HTTP authentication, but when we try to login with LDAP accounts and HTTP authentication, Drupal just hangs.
I traced the problem to the $ldap->connect($dn, $pass) line in _ldapauth_user_lookup. The problem is the HTTP auth module calls user_authenticate($name, $pass), which calls module_invoke('ldapauth', 'auth', $name, $pass, $server) and ldapauth_auth doesn't initialize $ldap.
ldapauth_login_validate calls _ldapauth_check_ldap($name, $pass), but ldapauth_auth doesn't, so _ldapauth_init isn't called.
Thanks, Jack
#1
This patch fixed our problem. We move the loop over LDAP configurations and the _ldapauth_init call to ldapauth_auth.
Because ldapauth_auth re-combines $name and $server:
$login_name = $server ? $name . '@' . $server : $name;
- we don't bother splitting them in _ldapauth_check_ldap.
Finally _ldapauth_check_ldap does nothing interesting anymore, so we change the two calls to _ldapauth_check_ldap($name, $pass) to ldapauth_auth($name, $pass, null);
We can now mount Gallery on the desktop with WebDAV, using campus LDAP usernames and passwords, and manage photos by drag and drop.
Thanks for maintaining Drupal LDAP integration! Jack
#2
jablko
Thank you for the patch. I have committed the patch to HEAD. Please test it so that we can incorporate this into the next release.
kreaper
#3
Securesite.module is also trying to integrate with ldapauth and running into similar problems. See http://drupal.org/node/97197 for the current solution, which involves calling _ldapauth_user_authenticate. We also ran into problems with ldapauth_auth. I'd suggest not initializing $ldap->server to 'example.com', as the LDAP module was actually trying to connect to example.com to authenticate.
#4
$ldap->server is now set to NULL as default.
The code change is in HEAD and will be incorporated into 5.x-1.3
kreaper
#5
#6
fix made available in 5.x-1.3