zend auth issues for LDAP login
Permalink
I'm actually trying to build an LDAP login with Active Directory, but I built it using the Zend Framework Auth and LDAP classes. Now that I'm actually trying to incorporate this into C5, I'm running into all sorts of issues getting the necessary classes to load... partly because I'm running this on Zend Server CE I think (unless you're using the LDAP class somewhere. So, I have snagged zend_auth and zend_ldap and threw them in c5/libraries/3rdparty/Zend.
If I try this...
I get this...
I tried adding zend_optimizerplus.dups_fix=1 to the php.ini, and tried turning Zend Optimizer+ off, and neither of those options seemed to work... and yes, I did restart the server. :)
If I try comment out...
Concrete throws back an error...
if I comment out...
... the session error goes away, but then I can't use Zend_Auth.
I really don't want to reinvent the wheel here so can you please help me get this to work with Zend_Auth. Once I get this working, I'll eventually polish it up, add an interface, try to make it configurable enough to work with other LDAPs, build it into a package and make it available to your community since it seems to be highly requested.
If I try this...
Loader::library('3rdparty/Zend/Auth'); Loader::library('3rdparty/Zend/Ldap'); Loader::library('3rdparty/Zend/Auth/Adapter/Ldap');
I get this...
Cannot redeclare class zend_ldap. If this code worked without the Zend Optimizer+, please set zend_optimizerplus.dups_fix=1 in your php.ini in...
I tried adding zend_optimizerplus.dups_fix=1 to the php.ini, and tried turning Zend Optimizer+ off, and neither of those options seemed to work... and yes, I did restart the server. :)
If I try comment out...
Loader::library('3rdparty/Zend/Ldap');
Concrete throws back an error...
session has already been started by session.auto-start or session_start()
if I comment out...
Loader::library('3rdparty/Zend/Auth');
... the session error goes away, but then I can't use Zend_Auth.
I really don't want to reinvent the wheel here so can you please help me get this to work with Zend_Auth. Once I get this working, I'll eventually polish it up, add an interface, try to make it configurable enough to work with other LDAPs, build it into a package and make it available to your community since it seems to be highly requested.
Well this is very disappointing. I have seen documentation where Concrete5 wants to incorporate more ZF. Here I am trying to do that and it looks like I am going to have to rebuild this without ZF because of the issues I'm having with it and can't get any help.
A lot of forum posts are happening these days, and sometimes some of them slip by. I'd very much like to help you get this type of thing working.
I'm not familiar with Zend Server CE but I'm assuming it includes compiled versions (or at the very least pre-loaded) versions of all the Zend Framework classes. Is that correct? If so, does any part of concrete5 work ? We're not currently using the ldap plugin for the zend framework, and i would assume that what you're trying to do should work just fine..
I'm not familiar with Zend Server CE but I'm assuming it includes compiled versions (or at the very least pre-loaded) versions of all the Zend Framework classes. Is that correct? If so, does any part of concrete5 work ? We're not currently using the ldap plugin for the zend framework, and i would assume that what you're trying to do should work just fine..
OK, I'm a huge dork. I had something in one of my classes that was var_dumping some results when I was testing it outside of C5. I think that was it. I'm at least getting the login screen and an invalid username and password error when I try to log in, so now it's just a matter of figuring out what's causing that.
One thing you could really help me on is I couldn't figure out what you're doing with OpenID exactly so what I'm trying to do at the moment is if the user doesn't authenticate through the normal C5 authentication, I hit the LDAP server to authenticate. If the user exists in C5 already, update the password and run through the rest of the normal C5 authentication; otherwise, create the user by pulling their info from the LDAP server and then run through the C5 auth. I would rather try to replicate the way you did it with OpenID. I'm trying to trace through the code on that, but I'm having difficulty finding the spot where C5 determines this is an OK OpenID user and authenticates them that way. I'm certainly open for suggestions too.
One thing you could really help me on is I couldn't figure out what you're doing with OpenID exactly so what I'm trying to do at the moment is if the user doesn't authenticate through the normal C5 authentication, I hit the LDAP server to authenticate. If the user exists in C5 already, update the password and run through the rest of the normal C5 authentication; otherwise, create the user by pulling their info from the LDAP server and then run through the C5 auth. I would rather try to replicate the way you did it with OpenID. I'm trying to trace through the code on that, but I'm having difficulty finding the spot where C5 determines this is an OK OpenID user and authenticates them that way. I'm certainly open for suggestions too.
I would take a look at the finish_login() function in the controllers/login.php file. Search for "openid" and check out how it checks to see whether open id is authenticated
OK, I did end up having session start issues again and I've discovered that if you use Zend_Auth, it's going to start a session unless you start it in the beginning with Zend_Session::start();
http://framework.zend.com/manual/en/zend.session.advanced_usage.htm...
So the options are either pull out the parts I need from the ZF classes and redo this thing, write my on LDAP class, rewrite Concrete's login process to use Zend_Auth or maybe trying to use Zend_Session instead of session_start() in the /concrete/startup/session.php file, but that doesn't appear to be one of files you can put at the root level and override what you have in the concrete folder. WWAD (what would Andrew do... haha)
http://framework.zend.com/manual/en/zend.session.advanced_usage.htm...
So the options are either pull out the parts I need from the ZF classes and redo this thing, write my on LDAP class, rewrite Concrete's login process to use Zend_Auth or maybe trying to use Zend_Session instead of session_start() in the /concrete/startup/session.php file, but that doesn't appear to be one of files you can put at the root level and override what you have in the concrete folder. WWAD (what would Andrew do... haha)
Andrew, if you read this, please be sure to check my previous post for my question to you.
I just wanted to let you know, for the interim, I was able to get it to work by replacing session_start() with Zend_Session::start() in the /concrete/startup/session.php file. This is definitely not ideal since I'll have to remember to go back and fix that if I ever upgrade concrete and it's kind of hoaky. Anyway, I have Concrete actually authenticating against an Active Directory LDAP now! I'm going to just use this for the moment, but I do want to get this either incorporated into Concrete or make it an add-on. I want to wait and see how you want to proceed with it before I go any further on this piece.
I just wanted to let you know, for the interim, I was able to get it to work by replacing session_start() with Zend_Session::start() in the /concrete/startup/session.php file. This is definitely not ideal since I'll have to remember to go back and fix that if I ever upgrade concrete and it's kind of hoaky. Anyway, I have Concrete actually authenticating against an Active Directory LDAP now! I'm going to just use this for the moment, but I do want to get this either incorporated into Concrete or make it an add-on. I want to wait and see how you want to proceed with it before I go any further on this piece.
