You are viewing the PKP Support Forum | PKP Home Wiki

LDAP plugin is not working

Are you responsible for making OJS work -- installing, upgrading, migrating or troubleshooting? Do you think you've found a bug? Post in this forum.

Moderators: jmacgreg, btbell, michael, bdgregg, barbarah, asmecher

Forum rules
The Public Knowledge Project Support Forum is moving to http://forum.pkp.sfu.ca

This forum will be maintained permanently as an archived historical resource, but all new questions should be added to the new forum. Questions will no longer be monitored on this old forum after March 30, 2015.

LDAP plugin is not working

Postby sebelk » Fri Apr 19, 2013 5:45 am

Hi OJS community,

I've recently installed OJS and set up LDAP authentication resource but it does nothing :(

The only that I've found is this message in error log:

[Fri Apr 19 09:42:20 2013] [error] [client x.x.x.x] NOTICE: Constant HANDLER_CLASS already defined (/var/www/html/ojs/pages/admin/index.php:66), referer: http://xyz.example.com/ojs/index.php/index/admin/auth

Please could you help me?
I use the following packages mysql-5.0.77-4.el5_4.2 php-5.1.6-39.el5_8 php-ldap-5.1.6-39.el5_8

Thanks in advance
Posts: 8
Joined: Fri Apr 19, 2013 5:31 am

Re: LDAP plugin is not working

Postby sebelk » Fri Apr 26, 2013 7:26 am

Well, don't ask how, but now it's working...

anyway I have 1 comment:

1) Why do you force to use a Manager user *always*?

Let's say that I ONLY want users be autheticated, why should I use Manager, I think save ldap manager password IMHO is somewhat insecure

Thanks in advacance
Posts: 8
Joined: Fri Apr 19, 2013 5:31 am

Re: LDAP plugin is not working

Postby JasonNugent » Fri Apr 26, 2013 7:54 am

Hi sebelk,

LDAP does what is called 'two factor' authentication. The way a user is authenticated against LDAP is:

1. You must first bind to the LDAP tree as someone who can search the tree. This is why you need the manager information.
2. A search is performed to find the user you want to authenticate. This is necessary because LDAP will then return a custom uid that you use to:
3. Bind with. You bind with the uid you find in step 2, with the user's password. If this is successful, you know that the user's login credentials are correct.

Site Admin
Posts: 910
Joined: Tue Jan 10, 2006 6:20 am

Return to OJS Technical Support

Who is online

Users browsing this forum: Yahoo [Bot] and 4 guests