cross
New Foswiki release 2.1.6 is available with important security fixes.
Sourceforge foswiki email lists being discontinued. Subscribe to the new Foswiki announce and discuss lists at MailingLists
This question about Using an extension, Authentication or Authorisation, LDAP: Asked

checkPassword in LdapPasswdUser is not called

I have LdapContrib installed and I think configured correctly, but it doesn't work. Turning on the debug and trying to login gives the following in the Apache logs...

[Thu Mar 08 10:12:57 2012] [error] [client 10.3.1.1] - LdapContrib - cacheAge=712, maxCacheAge=86400, lastUpdate=1331218865, refresh=0, referer: http://beohome/foswiki/bin/login/Main/WebHome

[Thu Mar 08 10:12:57 2012] [error] [client 10.3.1.1] - LdapContrib - called search(filter=(&(objectClass=person)(sAMAccountName=tcera)), base=ou=Staff,ou=Users,ou=Department,dc=Company,dc=com, scope=sub, sizelimit=0, attrs=*), referer: http://beohome/foswiki/bin/login/Main/WebHome

[Thu Mar 08 10:12:57 2012] [error] [client 10.3.1.1] - LdapContrib - proxy bind, referer: http://beohome/foswiki/bin/login/Main/WebHome

[Thu Mar 08 10:12:57 2012] [error] [client 10.3.1.1] - LdapContrib - found 1 entries, referer: http://beohome/foswiki/bin/login/Main/WebHome

Note that it finds the login.

There are debug statements in Foswiki::Users::LdapPasswdUser.pm, specifically in the checkPassword subroutine that should print out to the log also. I think. It seems that when Foswiki::LoginManager::TemplateLogin.pm calls checkPassword (and authentication fails), some other checkPassword subroutine is used since there is nothing in the log.

From LocalSite.cfg...

$Foswiki::cfg{LoginManager} = 'Foswiki::LoginManager::TemplateLogin';

$Foswiki::cfg{UserMappingManager} = 'Foswiki::Users::TopicUserMapping';

$Foswiki::cfg{PasswordManager} = 'Foswiki::Users::LdapPasswdUser';

I have tried all combinations of LoginManagers and UserMappingManagers. Chose TopicUserMapping instead of LdapUserMapping since I do not want to use the Active Directory groups.

-- TimCera - 08 Mar 2012

I am having the same issue

-- FrankRizzo - 23 Mar 2012

I am no longer having the same issue. My issue was that the username is case sensitive (i.e. user123 vs. User123)

-- FrankRizzo - 26 Mar 2012

LdapContrib works for me with the following setup:
$Foswiki::cfg{LoginManager} = 'Foswiki::LoginManager::TemplateLogin';
$Foswiki::cfg{UserMappingManager} = 'Foswiki::Users::LdapUserMapping';
$Foswiki::cfg{PasswordManager} = 'Foswiki::Users::LdapPasswdUser';
$Foswiki::cfg{Ldap}{SecondaryPasswordManager} = 'none';

-- MartinKaufmann - 29 Mar 2012
 

QuestionForm edit

Subject Using an extension, Authentication or Authorisation, LDAP
Extension LdapContrib
Version Foswiki 1.1.4
Status Asked
Related Topics
Topic revision: r4 - 29 Mar 2012, MartinKaufmann - This page was cached on 20 Sep 2018 - 18:47.

The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. Creative Commons License    Legal Imprint    Privacy Policy