acapp
Posts: 31
|
Posted: 03/05/2004, 7:13 AM |
|
I want to use the CCS login interface, but I don't want to verify passwords via my MySQL database but by my companys LDAP. How do I do this?
Does anyone have a code example?
Thanks
Andrew
|
|
|
peterr
Posts: 5971
|
Posted: 03/05/2004, 11:29 AM |
|
See http://php.benscom.com/manual/en/ref.ldap.php
Once you get some standard PHP code working for retrieving user's password, then you can replace the code in the the "On Click" event of the DoLogin button on the login form. Or you could modify the CCLoginUser function in Common.php.
_________________
Peter R.
YesSoftware Forums Moderator
For product support please visit http://support.yessoftware.com |
|
|
acapp
Posts: 31
|
Posted: 03/05/2004, 5:41 PM |
|
Quote peterr:
See http://php.benscom.com/manual/en/ref.ldap.php
Once you get some standard PHP code working for retrieving user's password, then you can replace the code in the the "On Click" event of the DoLogin button on the login form. Or you could modify the CCLoginUser function in Common.php.
Here's my code so far, but I can't get it to work.
// Write your own code here.
$ldapconfig['host'] = 'locahost';
$ldapconfig['basedn'] = 'ou=people,dc=localhost,dc=com';
function ldap_authenticate() {
global $ldapconfig;
global $PHP_AUTH_USER;
$PHP_AUTH_USER = "$login";
global $PHP_AUTH_PW;
$PHP_AUTH_PW = "$password";
if ($PHP_AUTH_USER != "" && $PHP_AUTH_PW != "") {
$ds=@ldap_connect($ldapconfig['host']);
$r = @ldap_search( $ds, $ldapconfig['basedn'], 'uid=' . $PHP_AUTH_USER);
if ($r) {
$result = @ldap_get_entries( $ds, $r);
if ($result[0]) {
if (@ldap_bind( $ds, $result[0]['dn'], $PHP_AUTH_PW) ) {
return $result[0];
}
}
}
}
}
if (($result = ldap_authenticate()) == NULL) {
echo('<H4>Authorization Failed</H4>');
exit(0);
}
else
{
global $Redirect;
$Redirect = CCGetParam("ret_link", $Redirect);
$Login_Button_DoLogin_OnClick = true;
}
// -------------------------
//End Custom Code
|
|
|
acapp
Posts: 31
|
Posted: 03/09/2004, 7:37 PM |
|
Hi, What I am missing here is not how to get the php to work and talk to my LDAP, I have that working. What I don't understand is how to pass variables from CCS to the php code I have. I've tried modifying common.php CCGetUserLogin, but I haven't had success.
Please just give me an example of a variable pass. Thanks
Andrew
|
|
|
peterr
Posts: 5971
|
Posted: 03/09/2004, 10:21 PM |
|
You can create a regular CCS login form to see how this is done. Basically look at the "On Click" event of the "DoLogin" button of the login form. You will see there the code that passes the login parameters to the CCLoginUser function. Here is the code that I just copied from there:
//Login @4-C826ABD6
global $Login;
if(!CCLoginUser($Login->login->Value, $Login->password->Value))
{
$Login->Errors->addError("Login or Password is incorrect.");
$Login->password->SetValue("");
$Login_DoLogin_OnClick = false;
}
else
{
global $Redirect;
$Redirect = CCGetParam("ret_link", $Redirect);
$Login_DoLogin_OnClick = true;
}
//End Login
The "if" line is the one that passes the 2 parameters to the CCLoginUser function:
if(!CCLoginUser($Login->login->Value, $Login->password->Value))
If the result is true/OK then the user is redirected to the destination page:
$Redirect = CCGetParam("ret_link", $Redirect);
_________________
Peter R.
YesSoftware Forums Moderator
For product support please visit http://support.yessoftware.com |
|
|
acapp
Posts: 31
|
Posted: 05/13/2004, 10:56 AM |
|
Since I struggled with this, I thought I'd post my solution on my Sun box.
There maybe a better way, but I couldn't get anything to work totally inside of CCS. I editied the Common.php file as follows.
-Andrew
function CCLoginUser($login, $password)
{
global $ldapconfig;
$ldapconfig['host'] = 'foo-ds';
$ldapconfig['port'] = '389';
$ldapconfig['basedn'] = 'ou=people, dc=foo, dc=com';
// Get Database Login Info from Database
$db = new clsDBTrainingDB();
$SQL = "SELECT emp_id, group_id FROM employee WHERE emp_login=" . $db->ToSQL($login, ccsText);
$db->query($SQL);
$result = $db->next_record();
// Compare Password with LDAP Password Routine
$ds=ldap_connect($ldapconfig['host'],$ldapconfig['port']);
$r=ldap_bind($ds);
$sr=ldap_search( $ds, $ldapconfig['basedn'], 'employeenumber=' . $login);
$count_ldap = ldap_count_entries($ds,$sr);
ldap_close($ds);
if($count_ldap<1) {
$db->close();
return result;
} else {
if(shell_exec("/usr/local/apache/htdocs/Scripts/authenticate $login $password") == true) {
CCSetSession("UserID", $db->f("emp_id"));
CCSetSession("UserLogin", $login);
CCSetSession("GroupID", $db->f("group_id"));
}
$db->close();
return result;
}
$db->close();
return result;
}
#!/bin/csh
set DN=`ldapsearch -h foo-ds -b dc=foo,dc=com "employeenumber=$1" dn`
/usr/bin/ldapsearch -h sun-ds -b dc=foo,dc=com -D "$DN" -w "$2" "employeenumber=$1" dn
|
|
|
|