LDAP authentication & automatic user creation using AuthLDAP.php plugin

More
3 years 3 months ago #112192 by Concordia
Concordia created the topic: LDAP authentication & automatic user creation using AuthLDAP.php plugin
Hi,


I'm trying to do LDAP authentication & automatic user creation using AuthLDAP.php.
I was able to get the authentication through apache webserver to work and so I used that plugin as an example to code LDAP authentication & automatic user creation in AuthLDAP.php.

Once I log in with my AD credentials they authenticate and bind to the LDAP server
// binding to LDAP server
$ldapbind = LDAP_bind($ldapconn, $prefix . $username . $suffix, $password);

Then this conditions (!$ldapbind) is skipped because, I am bound to LDAP.
if (!$ldapbind) {
$this->setAuthFailure(100, ldap_error($ldapconn));
ldap_close($ldapconn); // all done? close connection
return;
}

The user is now Authenticated.
That's all great, please let me know if I'm missing something.

I want to create a user that does not exist in the LS DB.
I'm not sure how to save $user information to the [lime_users] table.
I thought that $user->save() would save the user information, but it doesn't.
$user->save() returns false and ERROR_USERNAME_INVALID message is displayed on my screen.
if ($this->api->getConfigKey('auth_webserver_autocreate_user') && isset($aUserProfile) && is_null($user))
        { // user doesn't exist but auto-create user is set
            $user=new User;
            $user->users_name=$sUser;
            $user->password=hash('sha256', createPassword());
            $user->full_name=$aUserProfile['full_name'];
            $user->parent_id=1;
            $user->lang=$aUserProfile['lang'];
            $user->email=$aUserProfile['email'];
 
            if ($user->save())
            {
 
                $permission=new Permission;
                $permission->setPermissions($user->uid, 0, 'global', $this->api->getConfigKey('auth_webserver_autocreate_permissions'), true);
 
                // read again user from newly created entry
                $this->setAuthSuccess($user);
                return;
            }
            else
            {
                $this->setAuthFailure(self::ERROR_USERNAME_INVALID);
                ldap_close($ldapconn); // all done? close connection
                return;
            }
 
        }

Please point me in the right direction. :unsure:
I attached AuthLDAP.php, where I made the modifications.

Thank you!

Please Log in to join the conversation.

More
3 years 3 months ago #112193 by Concordia
Concordia replied the topic: LDAP authentication & automatic user creation using AuthLDAP.php plugin
EURIKA!

I made an error in a variable.
$user->users_name=$sUser;
Should have been:
$user->users_name=$username;

Here is the code:


I am now able to authenticate with LDAP and automatically create a user withing the AuthLDAP.php plugin.

The code might need to be cleaned up or corrected, but it works!
If I have time I will consider making a plugin, to avoid losing the hard coded changes to the plugin.

Thanks! :woohoo:

Please Log in to join the conversation.

More
3 years 3 months ago #112195 by Concordia
Concordia replied the topic: LDAP authentication & automatic user creation using AuthLDAP.php plugin
AuthLDAP.php with the modification, that allows for automatic user creation.

File Attachment:

File Name: AuthLDAP.zip
File Size:3 KB
Attachments:

Please Log in to join the conversation.

Start now!

Just create your account and start using Limesurvey today.

Register now
Join our Newsletter!