[horde] Composite Authentication

Laurent Foucher laurent.foucher at iut-tlse3.fr
Mon Oct 21 09:23:17 UTC 2013 

----- Message de Michael M Slusarz <slusarz at horde.org> ---------
  Date: Fri, 18 Oct 2013 12:17:28 -0600
    De: Michael M Slusarz <slusarz at horde.org>
Objet: Re: [horde] Composite Authentication
     À: horde at lists.horde.org


> Quoting Laurent Foucher <laurent.foucher at iut-tlse3.fr>:
>
>> Hello,
>>
>> I'm trying to configure the composite authentication, using  
>> shibolleth as auth driver and ldap as admin driver. Here my config :
>>
>> $conf['auth']['driver'] = 'composite';
>> $conf['auth']['params']['admin_driver']['driver'] = 'ldap';
>> $conf['auth']['params']['admin_driver']['params'] = array(
>>  'hostspec' => 'XX.XX.XX.XX',
>>  'tls' => false,
>>  'version' => '3',
>>  'binddn' => 'XXXXXXXX,dc=iut-tlse3,dc=fr',
>>  'bindpw' => 'XXXXXXXX',
>>  'bindas' => 'admin',
>>  'basedn' => 'ou=People,dc=iut-tlse3,dc=fr',
>>  'scope' => 'one',
>>  'ad' => false,
>>  'uid' => 'uid',
>>  'encryption' => 'ssha',
>>  'newuser_objectclass' => array('shadowAccount', 'inetOrgPerson'),
>>  'filter' => '(objectclass=shadowAccount)',
>>  'password_expiration' => 'no'
>> );
>> $conf['auth']['params']['auth_driver']['driver'] = 'shibboleth';
>> $conf['auth']['params']['auth_driver']['params'] = array(
>>  'username_header' => 'HTTP_AUTH_USER',
>>  'password_header' => 'HTTP_AUTH_PASSWORD',
>>  'password_holder' => 'header'
>> );
>>
>> Authentication works fine with shibolleth and ldap, but not with  
>> composite driver.
>
> I would start simpler.  Replace, for example, the auth_driver with a  
> simple auth driver (i.e. 'auto') and see if it works.  Then switch  
> with admin_driver.  This will let you know which portion of your  
> config is faulty.
>
> michael
>
Hello,

Whatever the following configuration, the same problem remain and the  
authentication does not occur.

Test1 :

$conf['auth']['list_users'] = 'list';
$conf['auth']['driver'] = 'composite';
$conf['auth']['params']['admin_driver']['driver'] = 'auto';
$conf['auth']['params']['admin_driver']['params'] = array(
  'username' => 'laurent.foucher',
  'password' => 'XXXXX',
  'requestuser' => false
);
$conf['auth']['params']['auth_driver']['driver'] = 'shibboleth';
$conf['auth']['params']['auth_driver']['params'] = array(
'username_header' => 'HTTP_AUTH_USER',
'password_header' => 'HTTP_AUTH_PASSWORD',
'password_holder' => 'header'
);

Test2:

$conf['auth']['driver'] = 'composite';
$conf['auth']['params']['admin_driver']['driver'] = 'ldap';
$conf['auth']['params']['admin_driver']['params'] = array(
'hostspec' => 'XX.XX.XX.XX',
'tls' => false,
'version' => '3',
'binddn' => 'XXXXX,dc=iut-tlse3,dc=fr',
'bindpw' => 'XXXXX',
'bindas' => 'admin',
'basedn' => 'ou=People,dc=iut-tlse3,dc=fr',
'scope' => 'one',
'ad' => false,
'uid' => 'uid',
'encryption' => 'ssha',
'newuser_objectclass' => array('shadowAccount', 'inetOrgPerson'),
'filter' => '(objectclass=shadowAccount)',
'password_expiration' => 'no'
);
$conf['auth']['params']['auth_driver']['driver'] = 'auto';
$conf['auth']['params']['auth_driver']['params'] = array(
'username' => 'laurent.foucher',
'password' => 'XXXXXX',
'requestuser' => false
);

Thanks,

-- 
- Laurent Foucher
< I U T 'A'  Paul Sabatier >
laurent.foucher at iut-tlse3.fr
Enseignant/Chargé de mission Systèmes & Réseau

More information about the horde mailing list