Re: [Ruqueue-devel] LDAP and Ruqueue

[John Fulton]

Some suggestions:

1.  Location of auth_file

The auth_file has private data.  I just want to make sure that your
entry below for:

>       'auth_file' => '/var/www/ruqueue/auth_file',

is outside of the public apache web tree.

2.  ldaps command line test

Make sure that your LDAP search is working from the command line with
SSL first before you see about getting PHP to do it.  Does something
like the following work for you?

ldapsearch -D your_auth_dn -x -W -b dc=my,dc=domain,dc=umanitoba,dc=ca
-H ldaps://ldap.domain.tld 'cn=*Quiring*'

Once you get the above working have a look at the following for more
info on our LDAP setup.

 http://mssg-lamp.rutgers.edu/ldap/#apache

You'll want to make sure that your LDAP lib has your cert and then
check that PHP can talk to your LDAP lib.

Again all of this is very specific to the Rutgers LDAP server.  You
can change it as you like for your LDAP server.

3.  base64 decoding test

Test that PHP is correctly decoding the password by having the code
spit out the username and password before it uses it.  You can always
use our Authorization File Generator to create the auth file:

 https://mssg-lamp.rutgers.edu/ldap/genAuthFile.php

Also, I would create another account for this service that has only
the privs that it needs and not hard code the root password in any
code.

  John


Montana Quiring wrote:
> Well... I tried as was suggested. I used an on-line BASE64 encoder to 
encode
> a single line that said:
> dc=my,dc=domain,dc=umanitoba,dc=ca:silly_filler_text:mypassword
>
> ...but when I try to enter the user name "root" with the correct 
password it
> gives the error: " Invalid credentials "
>
> It used to always say "invalid DN syntax", so I think I'm making 
progress.
>
> Here is the part of "functions/ru_ldap_auth.php" that I've edited:
>    var $arrayConfig = array(
>       'auth_file' => '/var/www/ruqueue/auth_file',
>       'server' => 'ldaps://localhost',
>       'useVersion3' => 'false',
>       'searchBase' => 'dc=my,dc=domain,dc=umanitoba,dc=ca',
>       'authSearchAttrib' => 'uid',
>       );
>
> BTW, I haven't changed anything in "functions-auth-ru-ldap.php"
>
> Any other suggestions?
>
> -Montana Quiring
>
> -----Original Message-----
> From: Sean Timothy Noonan [mailto:address@hidden
> Sent: Monday, August 28, 2006 1:05 PM
> To: Montana Quiring
> Cc: address@hidden
> Subject: Re: [Ruqueue-devel] LDAP and Ruqueue
>
> Examine the function header for the function below (ReadAuthFile)...
>    // Remarks:
>    //    The file must contain 1 line that's base64 encoded and be in
> the
>    //    format:
>    //          authentication_dn:some_unique_text:password
>    //
>
> -- Sean
> On Mon, 2006-08-28 at 12:58 -0500, Montana Quiring wrote:
>> Hello,
>>
>>
>>
>> I got Ruqueue working without LDAP support
>>
>>
>>
>> When I edit the file "ru_ldap_auth.php" in the funtions folder it asks
>> for a path to the "auth_file"
>>
>> <SNIP>
>>
>>    //    'auth_file' => Full path to the name of the file containing
>> the
>>
>>    //                   LDAP authentication login and password
>> information
>>
>> 'auth_file' => '/pathtomyauth_file',
>>
>> </SNIP>
>>
>>
>>
>> Is there an example of what it expects to see?
>>
>>
>>
>> I have a working OpenLDAP server setup as I'm using it in other
>> applications. Apache and OpenLDAP are on the same box, BTW.
>>
>>
>>
>> To show you that I've tried searching for the answer. I've searched a
>> bunch for this and found someone who asked the same question on the
>> users list. I emailed him directly but he said he never got the answer
>> he needed.
>>
>>
>>
>> Please let me know if you require more info in order to help me
>> better.
>>
>>
>>
>> Thanks.
>>
>>
>>
>> -Montana Quiring
>>
>>
>> _______________________________________________
>> Ruqueue-devel mailing list
>> address@hidden
>> http://lists.nongnu.org/mailman/listinfo/ruqueue-devel
>
>
>
>
> _______________________________________________
> Ruqueue-devel mailing list
> address@hidden
> http://lists.nongnu.org/mailman/listinfo/ruqueue-devel

--
John Fulton, Senior Web Designer, Rutgers University
http://www.nbcs.rutgers.edu/      732.445.6950 x6032