Bug 6914 - LDAP Authentication is tried for External Users on Login
LDAP Authentication is tried for External Users on Login
Status: NEW
Product: OJS
Classification: Unclassified
Component: Plug-ins
2.4.x
All All
: P3 major
Assigned To: PKP Support
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2011-10-06 01:44 PDT by Philip Muench
Modified: 2012-09-21 14:59 PDT (History)
1 user (show)

See Also:
Version Reported In:
Also Affects:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Philip Muench 2011-10-06 01:44:37 PDT
In our Installation, we are using LDAP Authentication in order to prevent credentials of members of our institution from being used by external people. The problem is as follows: The LDAP System does not allow us to register external people, therefore OJS should not, after the initial registration, check user credentials via LDAP, but only against its internal user table. This is not the case; if we use LDAP as the Authentication source, credentials are checked against the LDAP System for every user, not just those where an LDAP account was found during registration. My current workaround is commenting out a line in /classes/user/form/RegistrationForm.inc.php: $user->setAuthId($this->defaultAuth->authId); 
This lets OJS know to only use its internal table of users for authentication. A better solution would be to save information about which authentication source was used during registration and therefore validating users against that source on login.