PKP Bugzilla – Bug 6914
LDAP Authentication is tried for External Users on Login
Last modified: 2012-09-21 14:59:15 PDT
We are moving to Git Issues for bug tracking in future releases. During transition, content will be in both tools. If you'd like to file a new bug, please create an issue.
In our Installation, we are using LDAP Authentication in order to prevent credentials of members of our institution from being used by external people. The problem is as follows: The LDAP System does not allow us to register external people, therefore OJS should not, after the initial registration, check user credentials via LDAP, but only against its internal user table. This is not the case; if we use LDAP as the Authentication source, credentials are checked against the LDAP System for every user, not just those where an LDAP account was found during registration. My current workaround is commenting out a line in /classes/user/form/RegistrationForm.inc.php: $user->setAuthId($this->defaultAuth->authId);
This lets OJS know to only use its internal table of users for authentication. A better solution would be to save information about which authentication source was used during registration and therefore validating users against that source on login.