Hi.

I really had a hard time getting the authentication to my LDAP server to work.
After installing and configuring the ldap_integration module I was unable to log in using a LDAP-account.
The error message in the logs was:

LDAP-Login attempt failed for asmithee@server.com: Sorry. Unrecognized username or password. <a href="https://server.com/user/password">Have you forgotten your password?</a>.

After deep investigation I finally found the problem:
In LDAPInterface.php the function() sets a variable called $con which seems to be supposedly global. But that didn't work for me, after returning to the calling function connectAndBind() $con was empty again.
I fixed the problem by modifying establishConnection() to return $con.

Since the patch is so small, I think it's more useful to be able to see it right here rather than by downloading it. Sorry for any inconveniences.

- Christian

--- LDAPInterface.php.orig      2005-08-09 21:25:25.000000000 +0200
+++ LDAPInterface.php   2005-08-09 22:45:36.000000000 +0200
@@ -83,10 +83,11 @@
     }
     $this->connection = $con;
     ldap_set_option($con, LDAP_OPT_PROTOCOL_VERSION, 3);
+    return $con;
   }
   
   function connectAndBind($dn = '', $pass = '') {
-    $this->establishConnection();
+    $con = $this->establishConnection();
 
     //die('con: ' . $con . ', dn: ' . $dn . ', pass: ' . $pass . ', server: ' . $this->server . ', port: ' . $this->port);
     // We don't want anonymous connections here

Comments

shredda’s picture

shredda commented
Version: » 4.6.x-1.x-dev

Actually, it was Version 4.6.0. Sorry.

- Christian

shredda’s picture

shredda commented

Hi and sorry again.

There is an even more straightforward solution to the problem:

--- LDAPInterface.php.orig      2005-08-10 16:47:15.000000000 +0200
+++ LDAPInterface.php   2005-08-10 16:28:48.000000000 +0200
@@ -95,7 +95,7 @@
       return NULL;
     }
 
-    return $con;
+    return $this->connection;
   }

And I discovered that the problem occurs only if a LDAP user logs in for the first time.
Once (s)he is in the database, everything works.

- Christian

pablobm’s picture

pablobm commented
Status: Needs review » Reviewed & tested by the community

You're right there. I left that one unnoticed.

However, the $con variable is needed for the debug and error messages at connectAndBind(), so I prefer the this solution, close to your second one:

  function connectAndBind($dn = '', $pass = '') {
    $this->establishConnection();

+    $con = $this->connection;
    //die('con: ' . $con . ', dn: ' . $dn . ', pass: ' . $pass . ', server: ' . $this->server . ', port: ' . $this->port);
    // We don't want anonymous connections here
    if (!$dn || !$pass || !ldap_bind($this->connection, $dn, $pass)) {
      watchdog('user', t('LDAP Bind failure for user %user. Error %errno: %error', array('%user' => $dn,'%errno' => ldap_errno($con), '%error' => ldap_error($con))));
      return NULL;
    }

    return $con;
  }
pablobm’s picture

pablobm commented
Status: Reviewed & tested by the community » Closed (fixed)

This should've been closed, no marked as patched :P .

pablobm’s picture

pablobm commented
Assigned: Unassigned » pablobm
Status: Closed (fixed) » Fixed

Sometimes, I really hate myself. Fixed it should've been. (Or, at least, so I think).

Anonymous’s picture

(not verified) commented
pablobm’s picture

pablobm commented
Status: Fixed » Closed (fixed)