Project

General

Profile

Actions

Feature #5208

open

Add LDAP authentication middleware

Added by Carl Negro about 7 years ago. Updated almost 7 years ago.

Status:
New
Priority:
Normal
Assignee:
Carl Negro
Category:
-
Target version:
-
Start date:
09/11/2017
Due date:
% Done:

0%

Estimated time:

Description

I propose adding LDAP middleware authentication, so that if an Appion server uses LDAP for processing accounts, users would be able to use the LDAP credentials at both the myamiweb login and the Appion processing login. Logging in to myamiweb would automatically log the user in to the processing page as well.

The LDAP account and myamiweb account names would have to be the same. We'd need a flag and config info in myamiweb/config.php so the authentication system knows to attempt a login with the LDAP credentials. Given a username and password, the server would first try to validate against LDAP. If that fails, the system tries to validate against the native myamiweb account. If that fails, login fails. In this scenario, it would not matter if the LDAP and myamiweb passwords are different, only that the entered password matches one of them. In the case where an LDAP account exists without a corresponding myamiweb account of the same username, the system should automatically create the myamiweb account. In the reverse case, I do not think an LDAP account should be generated.

Actions #1

Updated by Anchi Cheng about 7 years ago

Do make sure the activation of this midware is configured in config.php. Not every place can tab into LDAP.

Actions #2

Updated by Carl Negro almost 7 years ago

This should not be very difficult.

http://php.net/manual/en/function.ldap-bind.php
Actions #3

Updated by Carl Negro almost 7 years ago

  • Assignee set to Carl Negro
Actions

Also available in: Atom PDF