IIS / PHP 5.4 / LDAP / SSO Problem

All about webserver configurations, PHP and databases.

Moderator: Thorsten

Thorsten
Posts: 14781
Joined: Tue Sep 25, 2001 11:14 am
Location: #phpmyfaq
Contact:

Re: IIS / PHP 5.4 / LDAP / SSO Problem

Post by Thorsten » Thu Aug 22, 2013 7:22 am

Hi,

so, the AD connect is correct and the SSO login uses a wrong username? SSO shouldn't use a password.

bye
Thorsten
phpMyFAQ Maintainer and Lead Developer
amazon.de Wishlist

faqn00b
Posts: 5
Joined: Wed Aug 21, 2013 9:37 am

Re: IIS / PHP 5.4 / LDAP / SSO Problem

Post by faqn00b » Thu Aug 22, 2013 12:34 pm

Yep the AD connect is correct, confirmed with SSO disabled but LDAP enabled. With LDAP enabled i'm able to use my AD credentials to login to phpmyfaq.

It shouldn't ask for a password but once SSO is enabled all i get is the login box and i can't seem to do anything because even though we know LDAP auth is working it doesn't except the username and password.

Thorsten
Posts: 14781
Joined: Tue Sep 25, 2001 11:14 am
Location: #phpmyfaq
Contact:

Re: IIS / PHP 5.4 / LDAP / SSO Problem

Post by Thorsten » Fri Aug 23, 2013 6:16 am

Hi,

our SSO implementation only checks the username fetched from $_SERVER['REMOTE_USER'], no password. Where is the password stored to put it into phpMyFAQ's authentication?

bye
Thorsten
phpMyFAQ Maintainer and Lead Developer
amazon.de Wishlist

faqn00b
Posts: 5
Joined: Wed Aug 21, 2013 9:37 am

Re: IIS / PHP 5.4 / LDAP / SSO Problem

Post by faqn00b » Fri Aug 23, 2013 7:04 am

Ok i fixed it.

I worked out the problem was in the REMOTE_USER as it contains the DOMAIN\user which isn't correct it should be just the username. So the SSO.php is trying to compare the remote_user (DOMAIN\username) against username so its always false.

I changed the SSo.php

Code: Select all

$ruser = explode("\\",$_SERVER['REMOTE_USER']);
Then change the if statements to check $ruser instead which worked.

Code: Select all

e.g. if (!isset($ruser[1])) {
             ....
I hope this helps.

Thorsten
Posts: 14781
Joined: Tue Sep 25, 2001 11:14 am
Location: #phpmyfaq
Contact:

Re: IIS / PHP 5.4 / LDAP / SSO Problem

Post by Thorsten » Fri Aug 23, 2013 7:08 am

Hi,

awesome! I'll add your fix to the 2.8.3 release!

bye
Thorsten
phpMyFAQ Maintainer and Lead Developer
amazon.de Wishlist

JonM
Posts: 6
Joined: Fri Nov 01, 2013 1:12 pm

Re: IIS / PHP 5.4 / LDAP / SSO Problem

Post by JonM » Fri Nov 01, 2013 1:24 pm

Hi

Would you be able to post the full code for your updated SSo.php.

I've got the same issue as yourself, but not being a PHP coder, I'm not sure what I need to edit to get it working before Thorsten is able to release 2.8.3

Thanks

Jon

linkazoid2
Posts: 10
Joined: Mon Jun 23, 2014 8:37 am

Re: IIS / PHP 5.4 / LDAP / SSO Problem

Post by linkazoid2 » Thu Jul 03, 2014 12:32 pm

This is the exact problem that I am having.

We are using the latest version of PMF on IIS8 and PHP 5.5.

LDAP is working and users are able to login. If I then enable SSO then users that have logged in previously are logged in without any issues. If a user has not logged in before then are logged in as a guest/ghost user and the user control panel is blank as per the images above.

I have tried changing Sso.php as per the previous poster but it would appear that the file has been changed since by Thorsten.

Is anyone able to help as this is the final step before I can publish this software to my users.

Regards,

Michael

Post Reply