[Tickets #2610] ldap auth driver does not list users

bugs@bugs.horde.org bugs at bugs.horde.org
Sat Sep 17 08:34:47 PDT 2005 

DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.

Ticket URL: http://bugs.horde.org/ticket/?id=2610
-----------------------------------------------------------------------
 Ticket             | 2610
 Updated By         | kevin_myer at iu13.org
 Summary            | ldap auth driver does not list users
 Queue              | Horde Framework Packages
 Version            | HEAD
 State              | Feedback
 Priority           | 2. Medium
 Type               | Bug
 Owners             | 
-----------------------------------------------------------------------


kevin_myer at iu13.org (2005-09-17 08:34) wrote:

I have the exact same situation on my install.  However, I have elected to
handle it differently than this solution.

My requirements;
Users can login with just their userid (firstname_lastname)
The userid that gets stored must contain their userid and domain
(firstname_lastname at example.com)
Listing of users should display only the userid portion - the domain is not
necessary

Index: login.php
===================================================================
RCS file: /repository/horde/login.php,v
retrieving revision 2.184
diff -u -r2.184 login.php
--- login.php   16 Aug 2005 12:42:15 -0000      2.184
+++ login.php   17 Sep 2005 15:26:02 -0000
@@ -79,7 +79,12 @@
     /* Destroy any existing session on login and make sure to use a
      * new session ID, to avoid session fixation issues. */
     Horde::getCleanSession();
-    if ($auth->authenticate(Util::getPost('horde_user'),
+    $username = Util::getPost('horde_user');
+    if (!strstr($username,"@"))
+    {
+      $username .= "@example.com";
+    }
+    if ($auth->authenticate($username,
                             array('password' =>
Util::getPost('horde_pass')))) {
         $entry = sprintf('Login success for %s [%s] to Horde',
                          Auth::getAuth(), $_SERVER['REMOTE_ADDR']);

Then, use the following hook:

if (!function_exists('_username_hook_tobackend')) {
    function _username_hook_tobackend($userID)
    {
        global $conf;
      $vdomain = $conf['mailer']['params']['localhost'];
        $userID = substr($userID, 0, -(strlen($vdomain)+1));
        return $userID;
    }
}

To do this, I elected to use the mail attribute to authenticate against,
instead of the uid attribute.  But it displays the results I want, gives
users a shorter userid to type, and only requires a patch to login.php. 
Seems less convoluted to me.

I probably could clean up that even more and not require a patch at all, if
I used the preauthenticate hook, but haven' t had the time to do that.

More information about the bugs mailing list