Authentication with DB and LDAP

1.8 related questions and discussions.
Please upgrade to LATEST 1.9.x.
No more fixes for 1.8.

Moderators: Amaradana, TurboPT, TL Developers

Locked
jackey
TestLink user
Posts: 13
Joined: Wed Feb 04, 2009 7:30 pm

Authentication with DB and LDAP

Post by jackey »

Code: Select all

function auth_does_password_match(&$user,$cleartext_password)
{
        $authCfg = config_get('authentication');
        $ret = new stdClass();
        $ret->status_ok = true;
        $ret->msg = 'ok';

        if ('LDAP' == $authCfg['method'])
        {
                $msg[ERROR_LDAP_AUTH_FAILED] = lang_get('error_ldap_auth_failed');
                $msg[ERROR_LDAP_SERVER_CONNECT_FAILED] = lang_get('error_ldap_server_connect_failed');
                $msg[ERROR_LDAP_UPDATE_FAILED] = lang_get('error_ldap_update_failed');
                $msg[ERROR_LDAP_USER_NOT_FOUND] = lang_get('error_ldap_user_not_found');
                $msg[ERROR_LDAP_BIND_FAILED] = lang_get('error_ldap_bind_failed');

                $xx = ldap_authenticate($user->login, $cleartext_password);
                $ret->status_ok = $xx->status_ok;
                $ret->msg = $msg[$xx->status_code];

                if ($xx->status_ok)
                {
                        if ($user->comparePassword($cleartext_password) == tl::OK) $ret->status_ok = true;
                }
        }

        else // normal database password compare
        {
                if ($user->comparePassword($cleartext_password) != tl::OK)
                        $ret->status_ok = false;
        }

        return $ret;
}
Above code changes does not work, please help! It only passes with LDAP users and fails with DB users.

I like to have two authentication methods (DB and LDAP). If LDAP fails, Testlink shall check with DB. If DB authentication is ok, the authentication should pass.
Top
seer14
TestLink user
Posts: 1
Joined: Thu Jun 11, 2009 8:34 pm

Post by seer14 »

Nothing wrong with your code...

problem lies deeper in the classes

Code: Select all

        public function comparePassword($pwd)
        {
                if (self::isPasswordMgtExternal())
                       return self::S_PWDMGTEXTERNAL;

                if ($this->getPassword($pwd) == $this->encryptPassword($pwd))
                        return tl::OK;
                return self::E_PWDDONTMATCH;
        }
Both this function and the encryptPassword function check if the password management is external. If it is, they return an error code. To get this working on my system (a hack) ... I commented out the following lines in both the encryptPassword and compare Password functions

Code: Select all

                #if (self::isPasswordMgtExternal())
                #      return self::S_PWDMGTEXTERNAL;
Top
Locked

Return to “TestLink 1.8 (OBSOLETE => EOL)[LOCKED]”