Welcome, Guest
Username: Password: Remember me

TOPIC: LDAP authentication in LS 2.00+

Re: LDAP authentication in LS 2.00+ 1 year 8 months ago #89983

  • nicktruch
  • nicktruch's Avatar
  • OFFLINE
  • Junior Lime
  • Posts: 23
  • Karma: 0
No as far as you need to configure LS to use LDAP to import tokens in order to manage participants, it works fine. I think it was better to have the possibility to have a field to write your own 'userfilter' (like in v1.98), but it works !

I didn't check the authentication delegation for the LS admin GUI to our WebServer.

Thanks for your help.
The administrator has disabled public write access.

Re: LDAP authentication in LS 2.00+ 1 year 4 months ago #94553

  • harnas1977
  • harnas1977's Avatar
  • OFFLINE
  • Fresh Lemon
  • Posts: 1
  • Karma: 0
Hi,

Can anyone confirm that LS 2.00+ has working LDAP authentication?
I'm in particularly interested to authenticate admins against MS AD.

Thanks,
Maciej
The administrator has disabled public write access.

Re: LDAP authentication in LS 2.00+ 1 year 4 months ago #94559

  • mdekker
  • mdekker's Avatar
  • OFFLINE
  • LimeSurvey Team
  • Posts: 341
  • Thank you received: 68
  • Karma: 38
At the moment this is not possible, but with the 2.05 beta that is just released you can write your own authentication plugin to handle loging in using LDAP. If you have the means to give that a try, please do so as we are still developing the plugin api and it helps to get feedback.
---
Menno Dekker
The administrator has disabled public write access.

Re: LDAP authentication in LS 2.00+ 1 year 4 months ago #94589

  • DenisChenu
  • DenisChenu's Avatar
  • OFFLINE
  • Moderator Lime
  • Posts: 6256
  • Thank you received: 799
  • Karma: 239
Maybe you can use:
An apache server with mod_auth_LDAP : httpd.apache.org/docs/2.0/mod/mod_auth_LDAP.html
and
use elegate Authentication to the Webserver : docs.limesurvey.org/Optional+settings#De...ion_to_the_Webserver

Denis
The administrator has disabled public write access.

Re: LDAP authentication in LS 2.00+ 1 year 2 months ago #96836

  • atlet
  • atlet's Avatar
  • OFFLINE
  • Fresh Lemon
  • Posts: 17
  • Karma: 0
mdekker wrote:
At the moment this is not possible, but with the 2.05 beta that is just released you can write your own authentication plugin to handle loging in using LDAP. If you have the means to give that a try, please do so as we are still developing the plugin api and it helps to get feedback.

I also need to develop an authentication plugin. I looked at the documentation, and I can't find anything usable.

Where I put the plugin, where is the API, ...
The administrator has disabled public write access.

Re: LDAP authentication in LS 2.00+ 1 year 2 months ago #96840

  • mdekker
  • mdekker's Avatar
  • OFFLINE
  • LimeSurvey Team
  • Posts: 341
  • Thank you received: 68
  • Karma: 38
There is not much documentation yet but when it comes it will be at manual.limesurvey.org/Plugins

For now you can check out the latest code on 2.05 branch from github and have a look at the core authentication plugins in /application/core/plugins
If you copy/rename them to /plugins you can create your own plugin. Since we are still exploring what would be needed to make a plugin work in all scenarios, feel free to drop a line here if something is unclear or if you can not find what you need.

When we release 2.05 we will update the documentation with the information needed to create your own plugin. Please note that we could still change the api at this moment (although we plan not to do that ofcourse).
---
Menno Dekker
The administrator has disabled public write access.
The following user(s) said Thank You: atlet

Re: LDAP authentication in LS 2.00+ 1 year 1 month ago #98325

  • atlet
  • atlet's Avatar
  • OFFLINE
  • Fresh Lemon
  • Posts: 17
  • Karma: 0
Hi,

tnx for your info. I copied the plugin and made my own. In documentation is written, that if you use a server authentication, you must set $this->setAuthPlugin() in beforeLogin but the event newUserSession is never called. I missing something?
The administrator has disabled public write access.

Re: LDAP authentication in LS 2.00+ 1 year 1 month ago #98344

  • mdekker
  • mdekker's Avatar
  • OFFLINE
  • LimeSurvey Team
  • Posts: 341
  • Thank you received: 68
  • Karma: 38
setAuthPlugin disables the login form, you use this this when you don't want to ask for user input.

Why do you think newUserSession is never called? Have a look at the /application/core/plugins/Authwebserver/Authwebserver.php to see how that works.

Maybe you forgot to subscribe to the newUserSsession event?
---
Menno Dekker
The administrator has disabled public write access.

Re: LDAP authentication in LS 2.00+ 1 year 1 month ago #98351

  • atlet
  • atlet's Avatar
  • OFFLINE
  • Fresh Lemon
  • Posts: 17
  • Karma: 0
Yes, I created new plugin from this one. I subscribed to newUserSession event and also disabled login form with setAuthPlugin. When I debug, the newUserSession even't dosen't get called.
The administrator has disabled public write access.

Re: LDAP authentication in LS 2.00+ 1 year 1 month ago #98353

  • mdekker
  • mdekker's Avatar
  • OFFLINE
  • LimeSurvey Team
  • Posts: 341
  • Thank you received: 68
  • Karma: 38
Can you share the code somewhere? And are you sure the plugin is activated?
---
Menno Dekker
Last Edit: 1 year 1 month ago by mdekker.
The administrator has disabled public write access.
Moderators: ITEd
Time to create page: 0.132 seconds
Donation Image