We recently installed the latest 5.x version of persistent login and noticed a problem with our LDAP assigned roles. We use the ldap integration module to map certain active directory groups to specific roles at login. In addition, I have also created a number of roles using the drupal interface and assigned those to various users.

We noticed this behavior yesterday with our users:
After clicking the remember me button at log in, they log into the site. After they are done working, they close their browser. The next time they navigate to the site, they are already logged in, but their ldap assigned roles have been dropped (only their drupal assigned roles are still applied).

I wasn't sure if this was a known bug, or if others are having a similar issue.

Comments

bjaspan’s picture

bjaspan commented
Status: Active » Postponed (maintainer needs more info)

I do not have a local LDAP system to test against and am not really familiar with it. How can I set up the modules you are using and test them?

gubilla’s picture

gubilla commented

Yea, without the LDAP server it might be tough to test. Basically I have the LDAP Integration module set up to compare user names and passwords entered by the user to their credentials stored in our Active Directory. I also set up the LDAP groups part of that module to map certain groups from the Active Directory to match drupal roles.

I installed the LDAP Integration module and enabled the ldapauth, ldapdata, and ldapgroups. I created a new configuration based on our LDAP settings here, and then performed the advanced configuration that's listed under the LDAP Groups entry in the administration menu.

It seems that when users came back to the site after closing the browser, the drupal roles were applied correctly, but maybe a hook to map those LDAP groups to roles either wasn't called or doesn't exist.

Let me know what info you're looking for if this doesn't answer your question.

bjaspan’s picture

bjaspan commented

Are you still out there? Are you still having this problem?

sunnydeveloper’s picture

sunnydeveloper commented

We are having this same problem.

markus_petrux’s picture

markus_petrux commented
Project: Persistent Login » LDAP integration
Component: Miscellaneous » Code
Status: Postponed (maintainer needs more info) » Active

Actually, I think this is a bug in LDAP integration module. Transfering...

Explanation: PL performs autologin, it uses user_external_login(). This is an API implemented by user module that invokes hook_user('login') and regenerates the session. This is causing the data stored by ldapauth in $_SESSION to be unset.

ldapauth module in LDAP integration package, performs session initialization from ldapauth_login_validate(), which is only invoked at validation time of the login form, which is not correct. It should implement hook_user('login'), and then it will be able to capture the operation performed by PL.

Cheers

johnbarclay’s picture

johnbarclay commented
Status: Active » Closed (won't fix)

Closing 5.x issues to clean out issue queue.