From: luis d. <lui...@gm...> - 2012-07-07 13:58:44
|
Hello Demian ok so I have this code: $info = ldap_get_entries($ldapConnection, $ldapSearch); if ($info['count']) { // Validate the user credentials by attempting to bind to LDAP: $ldapBind = ldap_bind( $ldapConnection, $info[0]['dn'], $this->_password ); if ($ldapBind) { // If the bind was successful, we can look up the full user info: $ldapSearch = ldap_search( $ldapConnection, $ldapConnectionParameter['basedn'], $ldapFilter ); $data = ldap_get_entries($ldapConnection, $ldapSearch); return $this->_processLDAPUser($data, $ldapConnectionParameter); } } echo var_dump($info[0]['dn']); echo var_dump($data); echo ldap_error() . " -auth1"; return new PEAR_ERROR('authentication_error_invalid'); And this result -auth2string(38) "cn=user_mbvale,ou=people,dc=orex,dc=es" NULL -auth1 as the CN here is user_mbvale and no mbvale...I decide to login with this user but: I have this: -auth2NULL NULL -auth1 and imposible to get logged in The ldif file to create the user mbvale is: dn: cn=user_mbvale,ou=people,dc=orex,dc=es objectclass: inetOrgPerson cn: user_mbvale sn: mbvale uid: mbvale userpassword: xxxxxx mail: hu...@or... ou: MBVALE And the base.ldif is dn: dc=orex,dc=es dc: orex objectClass: top objectClass: domain dn: ou=People,dc=orex,dc=es ou: People objectClass: top objectClass: organizationalUnit dn: ou=Group,dc=orex,dc=es ou: Group objectClass: top objectClass: organizationalUnit Adn do not anderstand what is wrong here... In my php code to use this ldap I have this ..and it works: // specify the LDAP server to connect to $conn = ldap_connect("localhost") or die("Could not connect to server"); // bind to the LDAP server specified above $r = ldap_bind($conn) or die("Could not bind to server"); // create the search string $query = "(uid=" . $_POST['login'] . ")"; ****** HERE THE POST login is mbvale************* $result=ldap_search($conn,"dc=orex,dc=es", $query) or die ("Error in search query"); // get entry data as array $info = ldap_get_entries($conn, $result); for ($i=0; $i<$info["count"]; $i++){ if($pass!=rtrim($info[$i]["userpassword"][0]," ")){ $_SESSION['contra']=1; header("Location: http://opac.orex.es:8081/admin_orex/orex_login.php"); } else{ $_SESSION['grupo']=$info[$i]["ou"][0]; $_SESSION['user']=$info[$i]["cn"][0]; $_SESSION['id']=$info[$i]["uid"][0]; header("Location: http://opac.orex.es:8081/admin_orex/orex_admin.php"); } } Maybe comparing both codes we 'll be abble to see the diference, Thanks 2012/7/6 Demian Katz <dem...@vi...> > To get more information out of ldap_error, you need to pass it > $ldapConnection as the first parameter -- that's why you're seeing those > warnings. > > As far as the 'invalid credentials' error, I assume that is coming from > this line: > > $ldapBind = @ldap_bind( > $ldapConnection, $info[0]['dn'], $this->_password > ); > > Perhaps it would be useful to var_dump the $info array prior to this line > and see what's in there. Maybe the code's assumption about the contents of > $info[0]['dn'] is incorrect in your context. > > - Demian > ------------------------------ > *From:* luis diaz [lui...@gm...] > *Sent:* Friday, July 06, 2012 7:52 AM > > *To:* Demian Katz > *Cc:* vuf...@li... > *Subject:* Re: [VuFind-General] vufind and ldap > > Hi Demian > ok I have this error now: > > Warning: ldap_error() expects exactly 1 parameter, 0 given in > /usr/local/vufind/web/sys/authn/LDAPAuthentication.php on line 75 -auth2 > Warning: ldap_bind(): *Unable to bind to server: Invalid credentials* in > /usr/local/vufind/web/sys/authn/LDAPAuthentication.php on line 153 Warning: > ldap_error() expects exactly 1 parameter, 0 given in > /usr/local/vufind/web/sys/authn/LDAPAuthentication.php on line 163 -auth1 > > For now the parameters in config.ini are commented: > > ;bind_username = Manager > ;bind_password = xxxxx > So I try to remove comment > and I put this: > bind_username = "cn=Manager,dc=orex,dc=es" > bind_password = xxxxxx > > But it's the same error > the root.ldif file I use to set the ldap is: > > dn: uid=root,ou=People,dc=orex,dc=es > uid: root > cn: Manager > objectClass: account > > > > > > > 2012/7/6 Demian Katz <dem...@vi...> > >> Remove the @ sign from in front of the ldap_bind call -- this may give >> you some extra error messages. >> >> - Demian >> ------------------------------ >> *From:* luis diaz [lui...@gm...] >> *Sent:* Thursday, July 05, 2012 3:56 PM >> >> *To:* Demian Katz >> *Cc:* vuf...@li... >> *Subject:* Re: [VuFind-General] vufind and ldap >> >> Hello Demian >> >> here 's the message I have at screen: >> >> Warning: ldap_error() expects exactly 1 parameter, 0 given in >> /usr/local/vufind/web/sys/authn/LDAPAuthentication.php on line 75 -auth2 >> Warning: ldap_error() expects exactly 1 parameter, 0 given in >> /usr/local/vufind/web/sys/authn/LDAPAuthentication.php on line 133 -bind >> >> >> Line 75 is this one: >> 67 public function authenticate() >> 68 { >> 69 $this->_username = $_POST['username']; >> 70 $this->_password = $_POST['password']; >> 71 if ($this->_username == '' || $this->_password == '') { >> 72 return new PEAR_Error('authentication_error_blank'); >> 73 } >> 74 $this->_trimCredentials(); >> * 75 echo ldap_error() . " -auth2";* >> 76 return $this->_bindUser(); >> 77 } >> >> amd 133 this one: >> >> 127 ) { >> 128 $ldapBind = @ldap_bind( >> 129 $ldapConnection, >> $ldapConnectionParameter['bind_username'], >> 130 $ldapConnectionParameter['bind_password'] >> 131 ); >> 132 if (!$ldapBind) { >> 133 echo ldap_error() . " -bind"; >> >> So I guess this is a bind error. >> >> >> >> 2012/7/5 Demian Katz <dem...@vi...> >> >>> The code certainly looks like it should be generating some output. >>> Assuming you have the right files in the right locations, I would expect >>> you to see some extra content on the screen after attempting a login. A >>> few suggestions:**** >>> >>> ** ** >>> >>> **1.) **Make sure LDAP is turned on in config.ini.**** >>> >>> **2.) **Try putting some die() statements in the >>> LDAPAuthentication.php. If that has no effect, then the code is clearly >>> not getting executed – double check file locations and configurations!** >>> ** >>> >>> **3.) **If the die() causes VuFind to terminate, but you still don’t >>> see echo output, you could try writing debug information to a file as an >>> alternative means of logging… but I’m not sure why that would be necessary. >>> **** >>> >>> ** ** >>> >>> Let me know if you’re still stuck!**** >>> >>> ** ** >>> >>> - Demian**** >>> >>> ** ** >>> >>> *From:* luis diaz [mailto:lui...@gm...] >>> *Sent:* Thursday, July 05, 2012 11:29 AM >>> *To:* Demian Katz >>> *Cc:* vuf...@li... >>> *Subject:* Re: [VuFind-General] vufind and ldap**** >>> >>> ** ** >>> >>> Hello Demian**** >>> >>> I remember have make some changes in this file.**** >>> >>> But, strange, I do not have any error in the screen, I attach the php >>> file**** >>> >>> **** >>> >>> Maybe I do something wrong**** >>> >>> **** >>> >>> Thanks**** >>> >>> >>> >>> **** >>> >>> 2012/7/5 Demian Katz <dem...@vi...>**** >>> >>> VuFind’s LDAP module doesn’t have built-in logging capabilities, though >>> given the difficulty of configuring LDAP, it would make sense to add them. >>> Probably something to add to the 2.0 to-do list. In the meantime, the >>> simplest solution is to add echo/var_dump statements to >>> web/sys/authn/LDAPAuthentication.php to trace what is happening. The >>> ldap_error() function can also be useful for getting more information.** >>> ** >>> >>> **** >>> >>> - Demian**** >>> >>> **** >>> >>> *From:* luis diaz [mailto:lui...@gm...] >>> *Sent:* Thursday, July 05, 2012 2:55 AM >>> *To:* vuf...@li... >>> *Subject:* [VuFind-General] vufind and ldap**** >>> >>> **** >>> >>> Hello all,**** >>> >>> **** >>> >>> we have redhat 6 server with this open ldap server: >>> openldap-servers-2.4.23-20.el6.x86_64**** >>> >>> Then the ldpa is running ok because I hace a web site using it, and I'm >>> able to log on.**** >>> >>> **** >>> >>> Now we want to use this same ldap to enter in vufind.**** >>> >>> But there is an error, let me paste the info:**** >>> >>> **** >>> >>> config.ini**** >>> >>> [LDAP] >>> host = localhost >>> port = 389 >>> basedn = "dc=orex,dc=es" >>> username = uid >>> ;firstname = givenname >>> ;lastname = sn >>> ;email = mail >>> ;cat_username = >>> ;cat_password = >>> ;college = studentcollege >>> ;major = studentmajor >>> ; If you need to bind to LDAP with a particular account before >>> ; it can be searched, you can enter the necessary credentials >>> ; here. If this extra security measure is not needed, leave >>> ; these settings commented out. >>> bind_username = "uid=Manager, dc=orex,dc=es" >>> bind_password = xxxxx**** >>> >>> **** >>> >>> and this is one of the ldif file**** >>> >>> dn: cn=user_mbvale,ou=people,dc=orex,dc=es >>> objectclass: inetOrgPerson >>> cn: user_mbvale >>> sn: mbvale >>> uid: mbvale >>> userpassword: xxxx >>> mail: hu...@or... >>> ou: MBVALE**** >>> >>> **** >>> >>> So diferent questions, does vufind create a LOG to see what happens? *** >>> * >>> >>> If no, is it possible to print any dump from php code to see some thing? >>> **** >>> >>> **** >>> >>> Well I hope someone have experience and could help,**** >>> >>> thanks a lot in advance**** >>> >>> **** >>> >>> Cheers**** >>> >>> **** >>> >>> **** >>> >>> **** >>> >>> ** ** >>> >> >> > |