- Posts: 53
- Thank you received: 5
Welcome to the LimeSurvey Community Forum
Ask the community, share ideas, and connect with other LimeSurvey users!
LDAP login with user creation does not correct user input for "username"
- bdeprez
- Topic Author
- Offline
- Senior Member
Less
More
6 years 6 months ago #157930
by bdeprez
LDAP login with user creation does not correct user input for "username" was created by bdeprez
We have a setup of Limesurvey with LDAP authentication and automated user creation.
We use "mail" as the user account so users would log on with "firstname.lastname@domain.com"
Now, when a user logs on the very first time and makes a mistake in the case used to type their email address (eg. Firstname.lastname@domain.com) then the LDAP will return the official full name and the email address HOWEVER the user will be created with the email address with an upper case F instead of lower case...
So, when the user comes back, they try to log in BUT since this time they use the correct email address (firstname.lastname@domain.com - so no upper case F) - the LDAP will return a correct response but Limesurvey will default to the login screen - the user CANNOT access Limesurvey! It is also NOT registered as a 'failed login attempt' in the audit log...
Probably the solution is to correct the email address as entered in the "username" field by the user with the email address taken from the reply from LDAP.
I created a bug 12628 for this...
B.
We use "mail" as the user account so users would log on with "firstname.lastname@domain.com"
Now, when a user logs on the very first time and makes a mistake in the case used to type their email address (eg. Firstname.lastname@domain.com) then the LDAP will return the official full name and the email address HOWEVER the user will be created with the email address with an upper case F instead of lower case...
So, when the user comes back, they try to log in BUT since this time they use the correct email address (firstname.lastname@domain.com - so no upper case F) - the LDAP will return a correct response but Limesurvey will default to the login screen - the user CANNOT access Limesurvey! It is also NOT registered as a 'failed login attempt' in the audit log...
Probably the solution is to correct the email address as entered in the "username" field by the user with the email address taken from the reply from LDAP.
I created a bug 12628 for this...
B.
The topic has been locked.
- bdeprez
- Topic Author
- Offline
- Senior Member
Less
More
- Posts: 53
- Thank you received: 5
6 years 5 months ago #159650
by bdeprez
Replied by bdeprez on topic LDAP login with user creation does not correct user input for "username"
Dear all,
Would anybody know of a feasible and temporary workaround to fix this?
I was looking at doing this:
strtolower(str_replace(' ', '', userid));
somewhere in the code but I can't figure out where to put this... I tried AuthLDAP.php but probably need to do that right after the user clicks "Logon" after having filled in the login form but can't figure it out...
Anybody who could give me a hint?
Thanks a ton in advance!
B.
Would anybody know of a feasible and temporary workaround to fix this?
I was looking at doing this:
strtolower(str_replace(' ', '', userid));
somewhere in the code but I can't figure out where to put this... I tried AuthLDAP.php but probably need to do that right after the user clicks "Logon" after having filled in the login form but can't figure it out...
Anybody who could give me a hint?
Thanks a ton in advance!
B.
The topic has been locked.
- bdeprez
- Topic Author
- Offline
- Senior Member
Less
More
- Posts: 53
- Thank you received: 5
6 years 5 months ago #159654
by bdeprez
Replied by bdeprez on topic LDAP login with user creation does not correct user input for "username"
Found the location to put this: in the function "setUsername" in AuthPluginBase.php
I added: "$username = strtolower(str_replace(' ', '', $username)); as the first line in that function.
and now it filters out the spaces and capital letters as soon as the form has been submitted.
I know this is suboptimal since I will need to update my code each time I update Limesurvey but it does the trick and prevents irked users.
If anybody has any ideas how to fix this in a better way, I'm open to suggestions!
Thanks,
B.
I added: "$username = strtolower(str_replace(' ', '', $username)); as the first line in that function.
and now it filters out the spaces and capital letters as soon as the form has been submitted.
I know this is suboptimal since I will need to update my code each time I update Limesurvey but it does the trick and prevents irked users.
If anybody has any ideas how to fix this in a better way, I'm open to suggestions!
Thanks,
B.
The topic has been locked.
- DenisChenu
- Offline
- LimeSurvey Community Team
Less
More
- Posts: 13912
- Thank you received: 2549
6 years 5 months ago - 6 years 5 months ago #159663
by DenisChenu
1. Copy whole AuthLdap directory to /plugins/ directory
2. Update directory and php file to myAuthLDAP
3. Update className to myAuthLDAP
3. Update name to myLDAP
4. Deactivate the core AuthLDAP plugin
5. Activate and configure myAuthLDAP plugin.
Denis
Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand , plugin development .
I don't answer to private message.
Replied by DenisChenu on topic LDAP login with user creation does not correct user input for "username"
Because AuthLdap is a plugin, you can easily:bdeprez wrote: …
I know this is suboptimal since I will need to update my code each time I update Limesurvey but it does the trick and prevents irked users.
If anybody has any ideas how to fix this in a better way, I'm open to suggestions!
…
1. Copy whole AuthLdap directory to /plugins/ directory
2. Update directory and php file to myAuthLDAP
3. Update className to myAuthLDAP
3. Update name to myLDAP
4. Deactivate the core AuthLDAP plugin
5. Activate and configure myAuthLDAP plugin.
Denis
Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand , plugin development .
I don't answer to private message.
Last edit: 6 years 5 months ago by DenisChenu. Reason: url fix
The topic has been locked.
- bdeprez
- Topic Author
- Offline
- Senior Member
Less
More
- Posts: 53
- Thank you received: 5
6 years 5 months ago - 6 years 5 months ago #159666
by bdeprez
Replied by bdeprez on topic LDAP login with user creation does not correct user input for "username"
Hi Denis,
Thanks very much indeed for that suggestion... Now, since I'm pretty new to PHP, I was wondering how to do this...
If I do all the steps you stated, I would still have to copy the function into "myAuthLDAP" right?
So I would need to copy that function in myAuthLDAP and then add my line in it:
Is that a correct understanding? And, if so, where should I add it? At the beginning?
Sorry if this is a noob question
Thanks
B.
Thanks very much indeed for that suggestion... Now, since I'm pretty new to PHP, I was wondering how to do this...
If I do all the steps you stated, I would still have to copy the function into "myAuthLDAP" right?
So I would need to copy that function in myAuthLDAP and then add my line in it:
Code:
protected function setUsername($username) { $username = strtolower(str_replace(' ', '', $username)); $this->_username = $username; $event = $this->getEvent(); $identity = $this->getEvent()->get('identity'); $identity->username = $username; $event->set('identity', $identity); return $this; }
Is that a correct understanding? And, if so, where should I add it? At the beginning?
Sorry if this is a noob question
Thanks
B.
Last edit: 6 years 5 months ago by bdeprez.
The topic has been locked.
- DenisChenu
- Offline
- LimeSurvey Community Team
Less
More
- Posts: 13912
- Thank you received: 2549
6 years 5 months ago #159668
by DenisChenu
Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand , plugin development .
I don't answer to private message.
Replied by DenisChenu on topic LDAP login with user creation does not correct user input for "username"
I say : copy WHOLE file, the you create a totally new plugin and just update inside the setUsername function.
After you have the old AuthLDAP->setUsername function, but you use myAuthLDAP->setUsername function. because you use myAuthLDAP Class.
After you have the old AuthLDAP->setUsername function, but you use myAuthLDAP->setUsername function. because you use myAuthLDAP Class.
Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand , plugin development .
I don't answer to private message.
The topic has been locked.
- bdeprez
- Topic Author
- Offline
- Senior Member
Less
More
- Posts: 53
- Thank you received: 5
6 years 4 months ago #159916
by bdeprez
Replied by bdeprez on topic LDAP login with user creation does not correct user input for "username"
Hi Denis,
Yes, I see how that would work but the "setUsername" function is not in "AuthLDAP but in "AuthPluginBase.php"...
How would that work then? AuthLDAP does extend "AuthPluginBase.php" but I'm not sure how to proceed...
Thanks,
B.
Yes, I see how that would work but the "setUsername" function is not in "AuthLDAP but in "AuthPluginBase.php"...
How would that work then? AuthLDAP does extend "AuthPluginBase.php" but I'm not sure how to proceed...
Thanks,
B.
The topic has been locked.
- DenisChenu
- Offline
- LimeSurvey Community Team
Less
More
- Posts: 13912
- Thank you received: 2549
6 years 4 months ago #160079
by DenisChenu
It's for automatic user creation :
github.com/LimeSurvey/LimeSurvey/blob/ma...AP/AuthLDAP.php#L166
Add
Somewhere here.
Maybe it's more clean to fix it here github.com/LimeSurvey/LimeSurvey/blob/ma...AP/AuthLDAP.php#L406
Denis
Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand , plugin development .
I don't answer to private message.
Replied by DenisChenu on topic LDAP login with user creation does not correct user input for "username"
I can not guarantee the functionnality but yes, but you're right on one point : it's a protected function, then can not use this one.bdeprez wrote: How would that work then? AuthLDAP does extend "AuthPluginBase.php" but I'm not sure how to proceed...
.
It's for automatic user creation :
github.com/LimeSurvey/LimeSurvey/blob/ma...AP/AuthLDAP.php#L166
Add
Code:
$new_user = strtolower(str_replace(' ', '', $new_user));
Maybe it's more clean to fix it here github.com/LimeSurvey/LimeSurvey/blob/ma...AP/AuthLDAP.php#L406
Code:
$username = strtolower(str_replace(' ', '', $this->getUsername()));
Denis
Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand , plugin development .
I don't answer to private message.
The topic has been locked.
- digitmaster
- Offline
- New Member
Less
More
- Posts: 7
- Thank you received: 2
6 years 4 months ago #160110
by digitmaster
Replied by digitmaster on topic LDAP login with user creation does not correct user input for "username"
Hi,
What a coincidence I was just writing a plugin for that. It works and I will share it. Just give me a couple of days to test it.
bye
digitmaster
What a coincidence I was just writing a plugin for that. It works and I will share it. Just give me a couple of days to test it.
bye
digitmaster
The topic has been locked.
- bdeprez
- Topic Author
- Offline
- Senior Member
Less
More
- Posts: 53
- Thank you received: 5
6 years 4 months ago #160134
by bdeprez
Replied by bdeprez on topic LDAP login with user creation does not correct user input for "username"
Thanks for the input, Denis!
@Digitmaster - indeed big coincidence! Would be great if you would be willing to share the plugin once it's ready... Thanks a heap in advance!
@Digitmaster - indeed big coincidence! Would be great if you would be willing to share the plugin once it's ready... Thanks a heap in advance!
The topic has been locked.
- digitmaster
- Offline
- New Member
Less
More
- Posts: 7
- Thank you received: 2
6 years 4 months ago #160308
by digitmaster
Replied by digitmaster on topic LDAP login with user creation does not correct user input for "username"
Hi,
here you go:
github.com/digitmaster/limesurveyplugins...er/LowercaseAuthLDAP
it will work only if you apply this patch:
github.com/digitmaster/LimeSurvey/commit...7b9049be8fb83ebfa221
for the reasons explained here:
bugs.limesurvey.org/view.php?id=12869
it works! enjoy.
regards
digitmaster
here you go:
github.com/digitmaster/limesurveyplugins...er/LowercaseAuthLDAP
it will work only if you apply this patch:
github.com/digitmaster/LimeSurvey/commit...7b9049be8fb83ebfa221
for the reasons explained here:
bugs.limesurvey.org/view.php?id=12869
it works! enjoy.
regards
digitmaster
The topic has been locked.