Welcome to the LimeSurvey Community Forum

Ask the community, share ideas, and connect with other LimeSurvey users!

LDAP login with user creation does not correct user input for "username"

  • bdeprez
  • bdeprez's Avatar Topic Author
  • Offline
  • Senior Member
  • Senior Member
More
6 years 7 months ago #157930 by bdeprez
We have a setup of Limesurvey with LDAP authentication and automated user creation.
We use "mail" as the user account so users would log on with "firstname.lastname@domain.com"

Now, when a user logs on the very first time and makes a mistake in the case used to type their email address (eg. Firstname.lastname@domain.com) then the LDAP will return the official full name and the email address HOWEVER the user will be created with the email address with an upper case F instead of lower case...

So, when the user comes back, they try to log in BUT since this time they use the correct email address (firstname.lastname@domain.com - so no upper case F) - the LDAP will return a correct response but Limesurvey will default to the login screen - the user CANNOT access Limesurvey! It is also NOT registered as a 'failed login attempt' in the audit log...

Probably the solution is to correct the email address as entered in the "username" field by the user with the email address taken from the reply from LDAP.

I created a bug 12628 for this...

B.
The topic has been locked.
  • bdeprez
  • bdeprez's Avatar Topic Author
  • Offline
  • Senior Member
  • Senior Member
More
6 years 5 months ago #159650 by bdeprez
Dear all,

Would anybody know of a feasible and temporary workaround to fix this?

I was looking at doing this:

strtolower(str_replace(' ', '', userid));

somewhere in the code but I can't figure out where to put this... I tried AuthLDAP.php but probably need to do that right after the user clicks "Logon" after having filled in the login form but can't figure it out...

Anybody who could give me a hint?

Thanks a ton in advance!
B.
The topic has been locked.
  • bdeprez
  • bdeprez's Avatar Topic Author
  • Offline
  • Senior Member
  • Senior Member
More
6 years 5 months ago #159654 by bdeprez
Found the location to put this: in the function "setUsername" in AuthPluginBase.php

I added: "$username = strtolower(str_replace(' ', '', $username)); as the first line in that function.

and now it filters out the spaces and capital letters as soon as the form has been submitted.

I know this is suboptimal since I will need to update my code each time I update Limesurvey but it does the trick and prevents irked users.

If anybody has any ideas how to fix this in a better way, I'm open to suggestions!

Thanks,
B.
The topic has been locked.
  • DenisChenu
  • DenisChenu's Avatar
  • Offline
  • LimeSurvey Community Team
  • LimeSurvey Community Team
More
6 years 5 months ago - 6 years 5 months ago #159663 by DenisChenu

bdeprez wrote: …
I know this is suboptimal since I will need to update my code each time I update Limesurvey but it does the trick and prevents irked users.

If anybody has any ideas how to fix this in a better way, I'm open to suggestions!

Because AuthLdap is a plugin, you can easily:

1. Copy whole AuthLdap directory to /plugins/ directory
2. Update directory and php file to myAuthLDAP
3. Update className to myAuthLDAP
3. Update name to myLDAP
4. Deactivate the core AuthLDAP plugin
5. Activate and configure myAuthLDAP plugin.

Denis

Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand , plugin development .
I don't answer to private message.
Last edit: 6 years 5 months ago by DenisChenu. Reason: url fix
The topic has been locked.
  • bdeprez
  • bdeprez's Avatar Topic Author
  • Offline
  • Senior Member
  • Senior Member
More
6 years 5 months ago - 6 years 5 months ago #159666 by bdeprez
Hi Denis,

Thanks very much indeed for that suggestion... Now, since I'm pretty new to PHP, I was wondering how to do this...

If I do all the steps you stated, I would still have to copy the function into "myAuthLDAP" right?

So I would need to copy that function in myAuthLDAP and then add my line in it:
Code:
protected function setUsername($username)
    {
        $username = strtolower(str_replace(' ', '', $username));
        $this->_username = $username;
        $event = $this->getEvent();
        $identity = $this->getEvent()->get('identity');
        $identity->username = $username;
 
        $event->set('identity', $identity);
 
        return $this;
    }

Is that a correct understanding? And, if so, where should I add it? At the beginning?

Sorry if this is a noob question :-)

Thanks
B.
Last edit: 6 years 5 months ago by bdeprez.
The topic has been locked.
  • DenisChenu
  • DenisChenu's Avatar
  • Offline
  • LimeSurvey Community Team
  • LimeSurvey Community Team
More
6 years 5 months ago #159668 by DenisChenu
I say : copy WHOLE file, the you create a totally new plugin and just update inside the setUsername function.

After you have the old AuthLDAP->setUsername function, but you use myAuthLDAP->setUsername function. because you use myAuthLDAP Class.

Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand , plugin development .
I don't answer to private message.
The topic has been locked.
  • bdeprez
  • bdeprez's Avatar Topic Author
  • Offline
  • Senior Member
  • Senior Member
More
6 years 5 months ago #159916 by bdeprez
Hi Denis,

Yes, I see how that would work but the "setUsername" function is not in "AuthLDAP but in "AuthPluginBase.php"...

How would that work then? AuthLDAP does extend "AuthPluginBase.php" but I'm not sure how to proceed...

Thanks,
B.
The topic has been locked.
  • DenisChenu
  • DenisChenu's Avatar
  • Offline
  • LimeSurvey Community Team
  • LimeSurvey Community Team
More
6 years 5 months ago #160079 by DenisChenu

bdeprez wrote: How would that work then? AuthLDAP does extend "AuthPluginBase.php" but I'm not sure how to proceed...
.

I can not guarantee the functionnality but yes, but you're right on one point : it's a protected function, then can not use this one.

It's for automatic user creation :
github.com/LimeSurvey/LimeSurvey/blob/ma...AP/AuthLDAP.php#L166
Add
Code:
$new_user = strtolower(str_replace(' ', '', $new_user));
Somewhere here.

Maybe it's more clean to fix it here github.com/LimeSurvey/LimeSurvey/blob/ma...AP/AuthLDAP.php#L406
Code:
$username = strtolower(str_replace(' ', '', $this->getUsername()));

Denis

Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand , plugin development .
I don't answer to private message.
The topic has been locked.
More
6 years 5 months ago #160110 by digitmaster
Hi,

What a coincidence I was just writing a plugin for that. It works and I will share it. Just give me a couple of days to test it.

bye
digitmaster
The topic has been locked.
  • bdeprez
  • bdeprez's Avatar Topic Author
  • Offline
  • Senior Member
  • Senior Member
More
6 years 4 months ago #160134 by bdeprez
Thanks for the input, Denis!

@Digitmaster - indeed big coincidence! Would be great if you would be willing to share the plugin once it's ready... Thanks a heap in advance!
The topic has been locked.
More
6 years 4 months ago #160308 by digitmaster
Hi,
here you go:
github.com/digitmaster/limesurveyplugins...er/LowercaseAuthLDAP

it will work only if you apply this patch:
github.com/digitmaster/LimeSurvey/commit...7b9049be8fb83ebfa221

for the reasons explained here:
bugs.limesurvey.org/view.php?id=12869

it works! enjoy.

regards
digitmaster
The topic has been locked.

Lime-years ahead

Online-surveys for every purse and purpose