slashcode-development

[Slashcode-development] Problems with authentication

[Scott J. <sc...@na...>]

I'm trying to work up an LDAP authentication system. Instead of trying 
to tear out the existing system, my strategy is to work with what's 
already there. See 
http://slashcode.com/article.pl?sid=01/11/12/1640251&mode=thread for an 
overview of what I'm trying for.

I've got the widget that verifies the username & password against the 
LDAP directory; now I want to figure out how to call the slash widgets 
that perform the same function there. Here's how I'm trying to do it:

$userInfo = Slash::Apache::User->userLogin($providedName, 
$providedPassword);

but all I get returned is the anon-coward UID, which, when I read the 
code, seems to be what you are supposed to get when userLogin can't log 
in using what you provide. This happens even if I set the two variables 
to known-good values. What am I doing wrong?

Thanks in advance for any help you can give. I'm about as green a newbie 
as they get, so apologies in advance if this doesn't make any sense at 
all or if I haven't provided enough info.

Re: [Slashcode-development] Problems with authentication

[Scott J. <sc...@na...>]

Unfortunately I don't have all that much experience with debugging 
statements in perl yet. My problem.

Is there some spot in the existing slashcode where this function is 
called correctly? I can't find any so far.


> If I were you, I'd add a bunch of "print STDERR" debugging statements to
> userLogin in Slash::Apache::User and getUserAuthenticate in
> Slash::DB::MySQL, and see what's going on.
> 
> 

Re: [Slashcode-development] Problems with authentication

[Scott J. <sc...@na...>]

More datapoints. This is 2.0.0 code. I still think I'm doing something 
*really* basic wrong:

Slash appears to call user authentication in the modules I can find more 
like this:

$slashdb = getCurrentDB();
$userstuff=$slashdb->getUserAuthenticate($ldapuname, $ldappassword);

and then work with the result. In fact, this is exactly how 
Apache::User::getUserAuthenticate calls it.

When I try this, exactly like this, in my own program, I get a null ('', 
undefined?) reply. This is why A::U::gUA returns the anon UID... the 
result from the mySQL call is null, which is then fed to isAnon, which 
triggers one of isAnon's conditions.

When I look inside the code of the mySQL call, I see this on line 597 of 
MySQL.pm:

my($self, $user, $passwd, $kind) = @_;

then this on line 601:

return unless $user && $passwd;

This is almost certainly showing my lack of perl experience, but it 
seems that the mySQL method is expecting 4 and exactly 4 arguments. 
Also, it will return immediately if it doesn't see a $passwd variable 
that actually contains something.

So, it seems to me that when I only feed it two arguments, it will never 
see $passwd (because the values I fed it got stored in $self and $user 
instead) and therefore never authenticate. Is this correct?

I tried feeding it three values, but that didn't work either, perhaps 
(probably) because the above assumptions are wrong or the $self variable 
actually needs to be something important.

Here's how I actually use the module right now:

A web page in <site>/htdocs called login.shtml is a form that asks for 
username & password. Submit carries it over to basicLogin.pl also in 
<site>/htdocs.

Am I doing something wrong here?

$slashdb = getCurrentDB() *does* return something, but I don't know how 
to tinker with it to see if it's providing me with the right something. 
When evaluated as a scalar I get something like 
Slash::DB=HASH(0x891327c). This is a functioning slash site, so it's 
bound to be working somewhere.

Apologies for the newbie ramblings. This is very frustrating. Let me 
know if there's anything else I can provide you. Thanks in advance for 
any help you can provide.

Re: [Slashcode-development] Problems with authentication

[chromatic <chr...@rm...>]

On Monday 19 November 2001 10:18, Scott Johnson wrote:

> When I look inside the code of the mySQL call, I see this on line 597 of
> MySQL.pm:
>
> my($self, $user, $passwd, $kind) = @_;
>
> then this on line 601:
>
> return unless $user && $passwd;

> So, it seems to me that when I only feed it two arguments, it will never
> see $passwd (because the values I fed it got stored in $self and $user
> instead) and therefore never authenticate. Is this correct?

No.  $slashdb->getUserAuthenticate( @args ) is a method call.  $slashdb is 
automatically passed as the first argument.  I could point you to the 
relevant source code in perl itself, but I don't want to scare you.  :)

$slashdb->getUserAuthenticate($ldapuname, $ldappassword) will populate $self, 
$user, and $passwd.  Make sense?

> $slashdb = getCurrentDB() *does* return something, but I don't know how
> to tinker with it to see if it's providing me with the right something.
> When evaluated as a scalar I get something like
> Slash::DB=HASH(0x891327c). This is a functioning slash site, so it's
> bound to be working somewhere.

That's a stringified blessed reference.  If you print ref($slashdb), you 
should just get 'Slash::DB'.  All that mess means is that $slashdb is a hash 
reference that's been blessed into the Slash::DB class.

It's an object.  It's what you want.

> Apologies for the newbie ramblings. This is very frustrating. Let me
> know if there's anything else I can provide you. 

Money is good.

> Thanks in advance for any help you can provide.

The null string is not exactly the same as an undefined value.  I'd do 
something like this:

my $slashdb = getCurrentDB();
my $userstuff=$slashdb->getUserAuthenticate($ldapuname, $ldappassword);

print "Sent ($ldapuname) and ($ldappassword)\n";
if (defined $userstuff) {
	print "Received ($userstuff)\n";
} else {
	print "Received undef from getUserAuthenticate.\n";
}

That'll give you a better idea if it doesn't like $user and $passwd, or if 
it's just not finding anyone in the database.

-- c