[horde] Authentication guidance required.

ANANT S ATHAVALE asa at isac.gov.in
Thu Jul 30 12:06:46 UTC 2015


----- Message from Jens Wahnes <wahnes at uni-koeln.de> ---------
    Date: Thu, 30 Jul 2015 10:44:54 +0200
    From: Jens Wahnes <wahnes at uni-koeln.de>
Subject: Re: [horde] Authentication guidance required.
      To: horde at lists.horde.org


> On Tue, Jul 28 2015, at 11:59:09 +0530, ANANT S ATHAVALE wrote:
>
>>> On Sat, Jul 18 2015, at 18:48:54 +0530, ANANT S ATHAVALE wrote:
>>>
>>>> I also have an attribute attached with every user ldap entry, namely
>>>> staffnumber and I need to give users to login using their staffnumber,
>>>> but, it should display their original mailbox (uid).
>>>
>>>> Can this requirement be met with existing Horde application?
>
>>> Yes, it can be done though one or more hooks.  If I understand your
>>> requirements correctly, using just the preauthenticate hook will
>>> probably suffice.
>
>> Thanks. It worked.  Please see the preauthenticate hook.  Please
>> suggest, if it can be still improved.
>
> one thing to consider in your code is whether you are going to want to
> use "plain" PHP functions for LDAP access or if you're better off using
> Horde's LDAP functions.  The latter would enable you to keep the LDAP
> config to Horde's config file, which is always a good idea.  Otherwise,
> you'll have to remember to change things in two places, e.g. if there
> is a new hostname for the LDAP service.
>
> Also, your code could use some more error handling, e.g.
> try-catch-blocks in case something goes wrong.  For example, you might
> want to display a message on the login screen in case the LDAP server
> could not be queried:
>
> $GLOBALS['notification']->push(_("Error in process of password  
> verification, please try again later"), "horde.warning");
>
> Probably, you'll want to add a note to the logfile in that case as
> well.  If a user complains that they could not log in, then you can
> find out why later:
>
> Horde::log("Could not query LDAP server when trying to look up info  
> for $userId", "ERR");
>
> It might even be a good idea to directly return false in case the LDAP
> server was unavailable.
>
>
> Jens
> --
> Horde mailing list
> Frequently Asked Questions: http://horde.org/faq/
> To unsubscribe, mail: horde-unsubscribe at lists.horde.org


----- End message from Jens Wahnes <wahnes at uni-koeln.de> -----

OK. Thank you so much.

-- 
      सादर धन्यवाद/ Thanks & Regards
           अनंत / Anant
------------------------------------------------------------------------------
Confidentiality Notice: This e-mail message, including any attachments, is for
the sole use of the intended recipient(s) and may contain confidential and
privileged information. Any unauthorized review, use, disclosure or
distribution is prohibited. If you are not the intended recipient, please
contact the sender by reply e-mail and destroy all copies of the original
message.
------------------------------------------------------------------------------



More information about the horde mailing list