OJS OCS OMP OHS

You are viewing the PKP Support Forum | PKP Home Wiki



LDAP plugin is not working

Are you responsible for making OJS work -- installing, upgrading, migrating or troubleshooting? Do you think you've found a bug? Post in this forum.

Moderators: jmacgreg, btbell, michael, bdgregg, barbarah, asmecher

Forum rules
What to do if you have a technical problem with OJS:

1. Search the forum. You can do this from the Advanced Search Page or from our Google Custom Search, which will search the entire PKP site. If you are encountering an error, we especially recommend searching the forum for said error.

2. Check the FAQ to see if your question or error has already been resolved.

3. Post a question, but please, only after trying the above two solutions. If it's a workflow or usability question you should probably post to the OJS Editorial Support and Discussion subforum; if you have a development question, try the OJS Development subforum.

LDAP plugin is not working

Postby sebelk » Fri Apr 19, 2013 5:45 am

Hi OJS community,

I've recently installed OJS and set up LDAP authentication resource but it does nothing :(

The only that I've found is this message in error log:

[Fri Apr 19 09:42:20 2013] [error] [client x.x.x.x] NOTICE: Constant HANDLER_CLASS already defined (/var/www/html/ojs/pages/admin/index.php:66), referer: http://xyz.example.com/ojs/index.php/index/admin/auth


Please could you help me?
I use the following packages mysql-5.0.77-4.el5_4.2 php-5.1.6-39.el5_8 php-ldap-5.1.6-39.el5_8

Thanks in advance
sebelk
 
Posts: 8
Joined: Fri Apr 19, 2013 5:31 am

Re: LDAP plugin is not working

Postby sebelk » Fri Apr 26, 2013 7:26 am

Well, don't ask how, but now it's working...

anyway I have 1 comment:

1) Why do you force to use a Manager user *always*?

Let's say that I ONLY want users be autheticated, why should I use Manager, I think save ldap manager password IMHO is somewhat insecure

Thanks in advacance
sebelk
 
Posts: 8
Joined: Fri Apr 19, 2013 5:31 am

Re: LDAP plugin is not working

Postby JasonNugent » Fri Apr 26, 2013 7:54 am

Hi sebelk,

LDAP does what is called 'two factor' authentication. The way a user is authenticated against LDAP is:

1. You must first bind to the LDAP tree as someone who can search the tree. This is why you need the manager information.
2. A search is performed to find the user you want to authenticate. This is necessary because LDAP will then return a custom uid that you use to:
3. Bind with. You bind with the uid you find in step 2, with the user's password. If this is successful, you know that the user's login credentials are correct.

Regards,
Jason
JasonNugent
Site Admin
 
Posts: 848
Joined: Tue Jan 10, 2006 6:20 am


Return to OJS Technical Support

Who is online

Users browsing this forum: Google [Bot] and 3 guests