OK, I finally got it working properly, here is my controller.php and ldapconfig.inc.php
controller.php (I modified the LDAP parameters to bind to a database and, because I'm using AD, changed my search filter to 'samaccountname' instead of uid):
Code:
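<?php
//
// main php file for vBulletin authentication against LDAP
// (c) andreas sartori, 2006
//
// Flow of this script:
//   1. skip LDAP entirely for admin / moderator control panel logins
//   2. bind with the service account from ldapconfig.inc.php and look the
//      submitted username up by sAMAccountName to obtain its DN
//   3. bind again as that DN with the submitted password; the directory
//      decides whether the credentials are valid
//   4. on success, create the matching vBulletin user if it does not exist
//      yet, then run the normal vBulletin login/redirect functions
//
error_reporting(E_ALL & ~E_NOTICE);
define('THIS_SCRIPT', 'controller.php');

// some basic requirements
require_once('./global.php');
require_once(DIR . '/includes/functions_login.php');
require_once(DIR . '/ldapAuth/ldapfunctions.inc.php');
require_once(DIR . '/ldapAuth/ldapconfig.inc.php');

// if login form is admin or moderator login, dont use ldap authentication
if (($vbulletin->GPC['logintype'] == "cplogin") || ($vbulletin->GPC['logintype'] == "modcplogin"))
{
    return;
}

// if there is no password submitted, redirect to standard error.
// This check must stay in front of every bind: a simple bind with a DN and
// an empty password can be accepted by the directory as an unauthenticated
// bind, which would otherwise look like a successful login.
// NOTE(review): the code below relies on standard_error() ending the
// request; confirm that for the vBulletin version in use.
if ($vbulletin->GPC['vb_login_password'] == '')
{
    eval(standard_error(fetch_error('badlogin', $vbulletin->options['bburl'], $vbulletin->session->vars['sessionurl'], $strikes)));
}

// create the ldap search filter.
// The username comes straight from the login form, so it is escaped for
// filter context; without this, characters such as * ( ) \ in the username
// would change the meaning of the search filter.
$ldapFilter = "(samaccountname=" . ldap_escape((string) $vbulletin->GPC['vb_login_username'], '', LDAP_ESCAPE_FILTER) . ")";

// connect to the LDAP Server
$ldapConnection = ldap_connect($ldapServer, $ldapPort);
if ($ldapConnection)
{
    // search for the username with the service account; only the e-mail
    // attribute is requested, the DN is part of every returned entry
    $searchResult = false;
    if (ldap_bind($ldapConnection, $ldapBindUser, $ldapBindPassword))
    {
        $searchDn = ldap_search($ldapConnection, $ldapBase, $ldapFilter, $ldapEmailAttr);
        if ($searchDn)
        {
            $searchResult = ldap_get_entries($ldapConnection, $searchDn);
        }
    }

    // a failed service bind, a failed search, or no matching user all end in
    // the same generic error, so the response does not reveal which it was.
    // ldap_get_entries() always carries a 'count' element, so a result with
    // fewer than two elements holds no entry.
    if (!is_array($searchResult) || sizeof($searchResult) < 2)
    {
        eval(standard_error(fetch_error('badlogin', $vbulletin->options['bburl'], $vbulletin->session->vars['sessionurl'], $strikes)));
    }

    // write the FIRST found DN to $bindDn;
    // NOTE(review): assumes sAMAccountName is unique below $ldapBase - confirm
    $bindDn = $searchResult[0]['dn'];

    // bind to the ldap server with specified credentials (dn, password)
    $ldap_bind = @ldap_bind($ldapConnection, $bindDn, $vbulletin->GPC['vb_login_password']);

    // close the server connection
    ldap_close($ldapConnection);

    // ldap bind did not succeed, wrong username/password combination
    if ($ldap_bind != 1)
    {
        eval(standard_error(fetch_error('badlogin', $vbulletin->options['bburl'], $vbulletin->session->vars['sessionurl'], $strikes)));
    }
    else
    {
        // generate a template for vBulletin user database.
        // NOTE(review): the local password is never given to the user, but
        // it is only as unpredictable as genSalt() (defined in
        // ldapfunctions.inc.php, not visible here) - confirm that it draws
        // from a cryptographically secure source.
        $randomSalt = genSalt();
        $randomPass = md5(crypt($randomSalt, $randomSalt));
        $newuser =& datamanager_init('User', $vbulletin, ERRTYPE_ARRAY);
        $newuser->set('username', $vbulletin->GPC['vb_login_username']);

        // the e-mail address was already returned by the search above, so no
        // second connection is needed; fall back to the configured default
        // when the entry has no mail value
        $userEmail = isset($searchResult[0]['mail'][0]) ? $searchResult[0]['mail'][0] : $noEmailExists;
        $newuser->set('email', $userEmail);

        $newuser->set('password', $randomPass);
        $newuser->set('usergroupid', 2);
        $newuser->pre_save();

        // try to create the user in vBulletin; if it works save the dataset else just login.
        // NOTE(review): every pre_save() error is treated as "user already
        // exists"; an unrelated validation error takes the same path.
        if (empty($newuser->errors))
        {
            $newuser->set_info('coppauser', false);
            $vbulletin->userinfo['userid']
                = $userid
                = $newuser->save();
        }

        // hand over to the regular vBulletin login functions
        $vbulletin->GPC['cookieuser'] = $vbulletin->GPC['vb_login_username'];
        verify_authentication($vbulletin->GPC['vb_login_username'], $vbulletin->GPC['cookieuser'], true);
        exec_unstrike_user($vbulletin->GPC['vb_login_username']);
        process_new_login($vbulletin->GPC['logintype'], $vbulletin->GPC['cookieuser'], $vbulletin->GPC['cssprefs']);
        do_login_redirect();
    }
}
?>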
ldapconfig.inc.php (added the bind user and password variables)
Code:
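<?php
//
// ldap configuration for vBulletin authentication against LDAP
// (c) andreas sartori, 2006
//
// This file holds the service account credentials in clear text. Keep it
// readable only by the web server user, make sure it cannot be downloaded
// as plain text, and use a directory account that can do nothing but read
// the attributes needed for the user lookup.
//
error_reporting(E_ALL & ~E_NOTICE);

// controller.php defines THIS_SCRIPT before it includes this file; defining
// the constant a second time fails with a notice or warning
if (!defined('THIS_SCRIPT'))
{
    define('THIS_SCRIPT', 'ldapconfig.php');
}

// Server Settings
// The values below are examples; replace them with your own.
$ldapBindUser = "ldapuser";
$ldapBindPassword = "ilikeldap";
$ldapServer = "0.0.0.0";
// 389 is the plain LDAP port: the bind passwords (service account and forum
// user) cross the network unencrypted unless the connection is protected
// with StartTLS or LDAPS.
$ldapPort = 389;
$ldapBase = "ou=users,dc=vbulletin,dc=org";

// Search Settings
// attribute(s) requested for the e-mail lookup
$ldapEmailAttr = array( "mail" );
// e-mail value stored in vBulletin when the directory entry has none
$noEmailExists = "";
?>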
I hope this helps.