Joomla! Issue Tracker - CMS

Download
Launch
Feeling Lucky

[#17608] - LDAP Plugin: clear password error for users without email on ldap

?
avatar anabarcellos
anabarcellos
18 Aug 2017

We have this issue since 2012 and we just could solve it hacking the LDAP plugin. Yes, horrible practice and headache when upgrading. I had no success overriding. Not sure if this is a relevant topic since I don't know if other users could have the same situation, but reporting anyways.

Situation

We have a type of users that don't have email address registered on LDAP.
When they try to login, we get a 'clear password' error.
However, they have a corporative email, which is 'username@domain.com'.
So we hack ldap.php adding to line 148:

else {
$response->email = $userdetails[0][$ldap_uid][0].'@domain.com.';
}

Steps to reproduce the issue

Login on Joomla by LDAP, when the user has no email address on LDAP server.

Expected result

Succesfull login

Actual result

Clear password error - login fails

System information (as much as possible)

SLES 12 - Linux/SUSE Enterprise, Apache 2.4.16, PHP 5.5.14, Mysql, Openldap, Joomla! 3.7.5 (since 2.5)

Additional comments

avatar anabarcellos anabarcellos - open - 18 Aug 2017
avatar joomla-cms-bot joomla-cms-bot - labeled - 18 Aug 2017
avatar zero-24
zero-24 - comment - 18 Aug 2017

hmm did you ever tried to copy the ldap plugin and than implement the changes you need?
As this IMO is not a default case and I'm not sure if the CMS needs to take care of that cases.

The pro in that solution is that there is no problem on updating.

avatar anabarcellos
anabarcellos - comment - 18 Aug 2017

Let me see if I understood your suggestion: I will copy the folder and name it like ldap2. Than I change the code on ldap2. After copying, should I install it from backend extensions > discover ?
And how to avoid conflicts between the 2 ? Sorry, you are talking to a dummy ?

avatar franz-wohlkoenig franz-wohlkoenig - change - 19 Aug 2017
Status New Discussion
avatar joomla-cms-bot joomla-cms-bot - change - 19 Aug 2017
Status Discussion New
avatar joomla-cms-bot joomla-cms-bot - edited - 19 Aug 2017
avatar franz-wohlkoenig franz-wohlkoenig - change - 19 Aug 2017
Status New Discussion
avatar zero-24
zero-24 - comment - 19 Aug 2017

And how to avoid conflicts between the 2 ?

What kind of conflicts do you expect? Just disable the core shipped plugin and only enable the ldap2 plugin?

I will copy the folder and name it like ldap2. Than I change the code on ldap2. After copying, should I install it from backend extensions > discover ?

Did you tried it? Maybe on a test site? Please also rename the pligin file from "ldap.php" => "ldap2.php" and the xml file. Please also fix this line in the copied XML file https://github.com/joomla/joomla-cms/blob/staging/plugins/authentication/ldap/ldap.xml#L13

That should do the trick.

avatar brianteeman brianteeman - change - 19 Aug 2017
Status Discussion Closed
Closed_Date 0000-00-00 00:00:00 2017-08-19 08:33:23
Closed_By brianteeman
Build 0 staging
avatar brianteeman brianteeman - close - 19 Aug 2017

Add a Comment

Login with GitHub to post a comment