Home  >   Forum Home  >  ExpressionEngine Third Party Development  >  Extensions: Discussion and Questions  >  Thread
   
 
Authentication hooks
 
stickmus
Posted: 17 June 2008 04:45 AM   [ Ignore ]  
Summer Student
Total Posts:  15
Joined  12-20-2006

I’m trying to hijack the authentication to use LDAP/AD. I’ve found the login_authenticate_start hook, and I’m trying to use that, but I’m having no luck. Is there something I can return that says, “Yay, this user is authenticated” or do I have to rewrite the whole authentication function?

Also, is it possible to access the Login class methods from my extension?
eg:

$Login->login_form() 

Any help gratefully received
Profile
 
 
Jesse B.
Posted: 17 June 2008 10:23 PM   [ Ignore ]   [ # 1 ]  
Grad Student
Rank
Total Posts:  47
Joined  09-21-2007

Hi stickmus,

This question comes up a lot; you may want to search the forums for other perspectives.

Our needs are very simple; all we want is to validate the password against Active Directory given a username that already exists in ExpressionEngine’s database.  Everything else will use the existing code.  We want to minimize the impact of our hack to make things easier to upgrade as EllisLab releases new versions.

We’re probably going to address this by deleting the code between the “Check password” and “Invalid password” comments in cp.login.php (this is lines 208-229 in version 1.6.3) and replacing it with a custom hook.  The bulk of the code is based on an existing authentication library we’ve written, which we’ll modify into an EE extension.

Sorry, I don’t expect that my employer will allow me to release the source code for this, but I will be sure to ask in a couple months when I get to this part of the project.
Profile
 
 
leejb
Posted: 17 July 2008 10:37 AM   [ Ignore ]   [ # 2 ]  
Lab Assistant
Avatar
RankRank
Total Posts:  107
Joined  04-12-2008

Jesse,

  Thanks for this detailed info.  I’m going to start looking into something similar for us with internal ldap auth functions.

  For anyone that’s interested, has the PHP know how and time, Knowledgtree’s community version has an LDAP auth module that works great both with openLDAP and AD.  The source for their LDAP functions is in there ‘xxx…baseauthentication…xxx’.php files.  I would think it could be similarly ported over for EE, but per the conditions, I’m not a php guru, but would be willing to help someone who is, in trying to work out such an extension.

 Signature 

“You can’t fall off the floor” - Paul’s Law
“Brawndo, It’s what plants crave!” - Idiocracy
Profile
 
 
aferraccioli
Posted: 29 July 2008 08:49 AM   [ Ignore ]   [ # 3 ]  
Grad Student
Avatar
Rank
Total Posts:  90
Joined  10-10-2007

I have an LDAP extention… working very nice and willing to help anybody trying to overcome this…
Profile
 
 
leejb
Posted: 29 July 2008 10:23 AM   [ Ignore ]   [ # 4 ]  
Lab Assistant
Avatar
RankRank
Total Posts:  107
Joined  04-12-2008

!! Whatever you have I would be extremely greatful and willing to try to test/enhance as much as I can!  Post or PM me!

 Signature 

“You can’t fall off the floor” - Paul’s Law
“Brawndo, It’s what plants crave!” - Idiocracy
Profile
 
 
peschehimself
Posted: 29 July 2008 12:49 PM   [ Ignore ]   [ # 5 ]  
Research Assistant
Avatar
RankRankRank
Total Posts:  305
Joined  04-12-2008

+1

Would be nice if this was made public if possible.

 Signature 

Designchuchi | Twitter


URL Field Extension
Required Category Extension
DC FreeForm GeoIP Extension
DC Template Manager
Profile
 
 
   
 
 
‹‹ CM Strange URL Interpreter [extension]      file upload sql error- file extension ››
Powered By ExpressionEngine
ExpressionEngine Discussion Forum - Version 3.1.5 (20110621)
Script Executed in 0.2896 seconds
Atom Feed   RSS 2.0