Miscellaneous Hacks - LDAP Authentication (https://vborg.vbsupport.ru/showthread.php?t=196596)

Haqa 11-07-2009 08:41 PM

Quote:

Originally Posted by kamalrij (Post 1869519)
We're using this plugin along with Full Name support for LDAP Auth plugin to connect to our corporate LDAP directory.

The official email ID of people in our company is to change from handle@company.com to firstname.lastname@company.com.

When people try to login after their email ID has changed they get the following error

vBulletin Message
Error creating/updating user
Array


Once the email ID is updated to firstname.lastname@company.com from the admin control panel they are able to login.

Is there a way for it to be dynamically updated every time a user logs in through this plugin, OR for the user to be allowed to log in with his LDAP credentials but reflecting his handle@company.com ID (i.e. for the authentication to work without the error mentioned earlier)?
handle@company.com would be set as an alias to firstname.lastname@company.com on the mail servers so the email notifications would continue to work.

Thank you in advance
Kamal

The issue here is that the one thing which must not change is the users' email addresses.

You will have to manually update the email address for each account, I'm afraid...

H.

ysam 12-28-2009 07:12 PM

Hi guyz,

Any chance of getting this to work in vb4?

ysam 12-29-2009 09:07 PM

Ok so I am the first to report it works in vb4pl1.

Only problem is

Quote:

Error creating/updating user
Array

but works ok if you do remove the mysql_real_escape_string() function in

Quote:

WHERE LOWER(email) = LOWER('".mysql_real_escape_string($userData[0]['mail'][0])."')");

Will Test Further....

Nice work and congrats.

chri55555 12-31-2009 01:15 PM

Hi Ho, this is Chris.

I am also implementing this in VBB4 right now .....

let's get dirty :)

UPDATE: Ldap_Auth is working now BUT:

If a user is NOT in the LDAP it will not get generated :(
Is there a way to generate Users in LDAP from Existing Account data in VBB?
We want LDAP for Moodle and OTRS Integration SingleSignOn - so we need all Usernames with PWDs in LDAP.
( I wanted to export the UserPasswords direct via batch in LDIF BUT the salting prevents me from doing so ... )

Please give me a hint on the right direction,

Chris

Haqa 01-04-2010 11:46 AM

Quote:

Originally Posted by ysam (Post 1941898)
Ok so I am the first to report it works in vb4pl1.

Only problem is



but works ok if you do remove the mysql_real_escape_string() function in


Will Test Further....

Nice work and congrats.

Removing that will bite you the first time someone has a character in their email which PHP or MySQL consider significant. We, for example, had a user whose email address contained a single quote (Their name was something like Fred O'Flintstone or something, so the brain-dead Windows AD made their email address fred.o'flintstone or something disturbingly similar!!).

YMMV...

Many thanks to all who have taken this and made such progress including getting it to work on 4.0, I'd expected that not to be possible... Well done all!

H.

FFSBC 03-15-2010 07:35 PM

Installed as directed and worked first try without modification. Authenticating against server 2003 AD. :)

john.parlane 04-01-2010 12:04 AM

We're finding that the 'remember me' tick box is not working. The cookie is not being set correctly so that when the user comes back they have to re-enter their login each time.

Is anybody else getting this?

Currently working on a fix...

cowbert 05-21-2010 02:33 AM

Quote:

Originally Posted by Haqa (Post 1946828)
Removing that will bite you the first time someone has a character in their email which PHP or MySQL consider significant. We, for example, had a user whose email address contained a single quote (Their name was something like Fred O'Flintstone or something, so the brain-dead Windows AD made their email address fred.o'flintstone or something disturbingly similar!!).

YMMV...

Many thanks to all who have taken this and made such progress including getting it to work on 4.0, I'd expected that not to be possible... Well done all!

H.

Here is the fixup:

You need to use the new-style object call to escape the chars, don't use the php external function(s) (particularly because people may be using mysqli and so forth)

Replace all instances of "mysql_real_escape_string()" with:

$vbulletin->db->escape_string(htmlspecialchars_uni(

This is how functions_login.php makes the call, so should you...

john.parlane 05-21-2010 02:55 AM

Quote:

Originally Posted by john.parlane (Post 2013763)
We're finding that the 'remember me' tick box is not working. The cookie is not being set correctly so that when the user comes back they have to re-enter their login each time.

Is anybody else getting this?

Currently working on a fix...

Have implemented fix for this, as shown below. The code expands on the "if ($newuser->errors)" statement right at the end.

The problem was that after the user is saved with "$newuser->save()" the cookie salt is changed and the password rehashed in the database. The cookie then doesn't match it. Fix is to simply recreate the cookie by getting and rehashing the db password.

Have also implemented jaikumarm's fix for the first time login issue here.

Code:

if ($newuser->errors) {
  process_logout();
  eval(standard_error("Error creating/updating user<br/>".$newuser->errors));
} else {
  $newuserid = $newuser->save();

  // Saving the user (above) rehashes the password on the DB so now need to update cookie password also, or 'remember me' login option will fail.
  $dbuserinfo = $vbulletin->db->query_first_slave("SELECT password FROM vbull.user WHERE username = '$username'");
  if ($dbuserinfo) {
    $db_hashed_pwd = $dbuserinfo['password'];
    $cookie_hashed_pwd = md5($db_hashed_pwd.COOKIE_SALT);
    vbsetcookie('password', $cookie_hashed_pwd);
  }

  // Following code is necessary to fix a hook timing issue with this plugin that results in users being told their login credentials are wrong the first time they login with LDAP credentials
  verify_authentication($username, $passwd, $vbulletin->GPC['vb_login_md5password'], $vbulletin->GPC['vb_login_md5password_utf'], $vbulletin->GPC['cookieuser'], true);
  exec_unstrike_user($username);
  process_new_login($vbulletin->GPC['logintype'], $vbulletin->GPC['cookieuser'], $vbulletin->GPC['cssprefs']);
  do_login_redirect();
}
}

Note that $username needs to be set at the top of the script, along with $passwd, with:

$username = $vbulletin->GPC['vb_login_username'];
$passwd = $vbulletin->GPC['vb_login_password'];

And I removed the following line (118) which doesn't seem to do anything useful:

$vbulletin->GPC['cookieuser'] = $vbulletin->GPC['vb_login_username'];

cowbert 05-21-2010 01:59 PM

Quote:

Originally Posted by john.parlane (Post 2040946)
Have implemented fix for this, as shown below. The code expands on the "if ($newuser->errors)" statement right at the end.

The problem was that after the user is saved with "$newuser->save()" the cookie salt is changed and the password rehashed in the database. The cookie then doesn't match it. Fix is to simply recreate the cookie by getting and rehashing the db password.

Have also implemented jaikumarm's fix for the first time login issue here.

Code:

if ($newuser->errors) {
  process_logout();
  eval(standard_error("Error creating/updating user<br/>".$newuser->errors));
} else {
  $newuserid = $newuser->save();

  // Saving the user (above) rehashes the password on the DB so now need to update cookie password also, or 'remember me' login option will fail.
  $dbuserinfo = $vbulletin->db->query_first_slave("SELECT password FROM vbull.user WHERE username = '$username'");
  if ($dbuserinfo) {
    $db_hashed_pwd = $dbuserinfo['password'];
    $cookie_hashed_pwd = md5($db_hashed_pwd.COOKIE_SALT);
    vbsetcookie('password', $cookie_hashed_pwd);
  }

  // Following code is necessary to fix a hook timing issue with this plugin that results in users being told their login credentials are wrong the first time they login with LDAP credentials
  verify_authentication($username, $passwd, $vbulletin->GPC['vb_login_md5password'], $vbulletin->GPC['vb_login_md5password_utf'], $vbulletin->GPC['cookieuser'], true);
  exec_unstrike_user($username);
  process_new_login($vbulletin->GPC['logintype'], $vbulletin->GPC['cookieuser'], $vbulletin->GPC['cssprefs']);
  do_login_redirect();
}
}

Note that $username and $passwd need to be set up at top of script with:

$username = $vbulletin->GPC['vb_login_username'];
$passwd = $vbulletin->GPC['vb_login_password'];

And I removed the following line (118) which doesn't seem to do anything useful:

$vbulletin->GPC['cookieuser'] = $vbulletin->GPC['vb_login_username'];

Remember to use the generic TABLE_PREFIX consts. I would recommend against setting new aliased variables; it only saves typing, and then you have to add additional doco like you do. Just stick with $vbulletin->GPC[]. (Btw $passwd is already assigned on line 30, and $vbulletin->GPC['vb_login_password'] is cleared for safety). And don't forget to $vbulletin->db->escape_string either...
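
Added example, not part of any post above and not the plugin's code: it reproduces the failure Haqa describes when the escaping is removed from the email lookup, next to the escaped form cowbert recommends and a bound-parameter form. It assumes PHP with the pdo_sqlite extension; the in-memory SQLite table, the sample row and the function names are constructed for the illustration.

```php
<?php
// Added illustration, not the plugin's code. An in-memory SQLite database
// stands in for the forum's MySQL one; the table contents are constructed.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE user (userid INTEGER PRIMARY KEY, username TEXT, email TEXT)');
$db->prepare('INSERT INTO user (username, email) VALUES (?, ?)')
   ->execute(['fred', "Fred.O'Flintstone@company.com"]);

function describe($row): string
{
    return $row ? 'found userid ' . $row['userid'] : 'no match';
}

// Escaping removed: the quote inside the address terminates the SQL string
// literal, so the rest of the address is parsed as SQL and the query fails.
function lookup_unescaped(PDO $db, string $mail): string
{
    $sql = "SELECT userid FROM user WHERE LOWER(email) = LOWER('" . $mail . "')";
    try {
        return describe($db->query($sql)->fetch(PDO::FETCH_ASSOC));
    } catch (PDOException $e) {
        return 'query failed: ' . $e->getMessage();
    }
}

// Escaped by the connection that runs the query. PDO::quote() stands in for
// $vbulletin->db->escape_string(); unlike it, quote() also adds the outer quotes.
function lookup_escaped(PDO $db, string $mail): string
{
    $sql = 'SELECT userid FROM user WHERE LOWER(email) = LOWER(' . $db->quote($mail) . ')';
    return describe($db->query($sql)->fetch(PDO::FETCH_ASSOC));
}

// Bound parameter: the value never becomes part of the SQL text.
function lookup_bound(PDO $db, string $mail): string
{
    $stmt = $db->prepare('SELECT userid FROM user WHERE LOWER(email) = LOWER(?)');
    $stmt->execute([$mail]);
    return describe($stmt->fetch(PDO::FETCH_ASSOC));
}

// Constructed value, shaped like the address described in the thread.
$mail = "fred.o'flintstone@company.com";
foreach (['lookup_unescaped', 'lookup_escaped', 'lookup_bound'] as $lookup) {
    echo str_pad($lookup, 17), $lookup($db, $mail), PHP_EOL;
}
```

The same treatment applies to the `username` lookup in the cookie fix, which interpolates `$username` into the query text directly.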


All times are GMT.