[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [K12OSN] Help with php-ldap



Nils Breunese wrote:
Brian Chivers wrote:

OK altered the first script at per comments and this is ones of the result is below, it looks like it is retrieving the gidnumber etc but not sure how to alter script so it only shows cn, uidnumber & gidnumber. (bits I need for the rest of my magical script)

I've had a bit of a think about how I'm going to do this, I'm think about putting the page that staff access behind a .htaccess that is setup so only staff get through as I have this working already but I still need to retrieve the uidnumber etc from ldap so I can enter it into a database so the line below won't be needed :-)

Ik have no real world experiece with authenticating against LDAP, but I have the feeling that this can all be done a whole lot easier and without any PHP scripting. Did you have a look at Apache's mod_auth_ldap [0]? You can use LDAP groups to specify who should be able to authenticate.

Nils Breunese.

[0] http://httpd.apache.org/docs/2.0/mod/mod_auth_ldap.html

_______________________________________________
K12OSN mailing list
K12OSN redhat com
https://www.redhat.com/mailman/listinfo/k12osn
For more info see <http://www.k12os.org>

You're right mod_auth_ldap is very easy to use for basic authentication but I need to do slightly more :-)

I'll explain,

we're using a piece of code called "vshare" that is a sort of YouTube clone allowing staff to upload movies etc. The problem is that it stores all it's users in a mysql database. All our users live in ldap with passwords as SMD5, Vshare stores them all as MD5. I can't see an easy way to export our users & import them into the mysql database. To further add to the complications the php that vshare uses is all Zend encoded so I can't even edit this. :-(

So what I'm trying to do is create a page that our staff visit once to set themselves up that will do the following :-

1.) Authenticate them against our ldap server to access the page (easy with mod_ldap_auth)
2.) Check this password against the ldap so the passwords they are using are the same and the vlaue is then held in the php variables PHP_AUTH_PWD in plaintext (this bit scares me when you run phpinfo *grin*)
3.) Read these values from php variable and create a MD5 hash
4.) Read the uid number from ldap
5.) create the relevant mysql entries into the vshare database using the UID, password etc so that staff login with there usual username & password.

Simple really :-)

I've got the first 3 steps working, just working on steps 4 & 5 :-)

Brian

------------------------------------------------------------------------------------------------
   The views expressed here are my own and not necessarily

the views of Portsmouth College
[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]