HTML Logo by World Wide Web Consortium (www.w3.org). Click to learn more about our commitment to accessibility and standards.

Moving forward with Composr

ocPortal has been relaunched as Composr CMS, which is now in beta. ocPortal 9 will be superseded by Composr 10.

Head over to compo.sr for our new site, and to our migration roadmap. Existing ocPortal member accounts have been mirrored.


LDAP on Version 9

Login / Search

 [ Join | More ]
 Add topic 
Posted
Rating:
#92865 (In Topic #18604)

Non-joined user

password field can remain blank

I just installed version 9.x from an older version we where running. I upgraded the LDAP from a bug fix that Chris issued for version 8.x and it worked great. Now, I have setup up LDAP (Windows Active Directory) and the user can log in with just the Windows name, no password is needed and the box can remain empty as long as they use a valid AD username. Is their someway to make the password filed a required field, if they enter a password and it is wrong then they get the "invalid password error", but if they do not enter a password they are good to go.
Back to the top
 
Posted
Rating:
#92869
Avatar

Yikes!

I spotted this note in the PHP manual comments:
As noted before with the password, I have found that if either  of the valuse for user or password are blank, or as in my case a typo resulted in a blank user as it was an undefined variable, the ldap_bind() will just perform an anonymous bind and return true!
Shouldn't this detect the presence of the additional values and return an error? At least if the user or password is passed. If they are both blank I'm not sure what it should do.

Looks like a subtle bug in PHP, I'll see if we can do a workaround.


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#92870
Avatar

Okay, we'll just have to hard-code that blank passwords can't be used. I don't think Windows allows them anyway.

In sources/ocf_ldap.php, change:

Code

   $test=@ldap_bind($LDAP_CONNECTION,$login,$password);
to:

Code

   $test=($password=='')?false:@ldap_bind($LDAP_CONNECTION,$login,$password);


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
Posted
Rating:
#92878

Non-joined user

perfect, Chris. I can not tell you how great this product is, does it all and more. Big Thanks

Back to the top
 
Posted
Rating:
#92880
Avatar

Community saint

Guest said

perfect, Chris. I can not tell you how great this product is, does it all and more. Big Thanks


I hope you clicked one of the 'Vote now' links dotted around this forum (even my sig has it)!

 :o

Take my advice. I'm not using it!

View my working ocPortal site (version 9.x.x) at Anglo-Indian Portal
Back to the top
 
Posted
Rating:
#92882
Avatar

Guest said

perfect, Chris. I can not tell you how great this product is, does it all and more. Big Thanks



:).

Are you going to tell me what company you're doing this for yet :lol:?


Become a fan of ocPortal on Facebook or add me as a friend. Add me on on Twitter.
Was I helpful?
  • If not, please let us know how we can do better (please try and propose any bigger ideas in such a way that they are fundable and scalable).
  • If so, please let others know about ocPortal whenever you see the opportunity.
  • If my reply is too Vulcan or expressed too much in business-strategy terms, and not particularly personal, I apologise. As a company & project maintainer, time is very limited to me, so usually when I write a reply I try and make it generic advice to all readers. I'm also naturally a joined-up thinker, so I always express my thoughts in combined business and technical terms. I recognise not everyone likes that, don't let my Vulcan-thinking stop you enjoying ocPortal on fun personal projects.
  • If my response can inspire a community tutorial, that's a great way of giving back to the project as a user.
Back to the top
 
1 guests and 0 members have just viewed this: None
Control functions:

Quick reply   Contract

Your name:
Your message: