IIS / PHP 5.4 / LDAP / SSO Problem

All about webserver configurations, PHP and databases.

Moderator: Thorsten

Thorsten
Posts: 15560
Joined: Tue Sep 25, 2001 11:14 am
Location: #phpmyfaq
Contact:

Re: IIS / PHP 5.4 / LDAP / SSO Problem

Post by Thorsten »

Hi,

so, the AD connect is correct and the SSO login uses a wrong username? SSO shouldn't use a password.

bye
Thorsten
phpMyFAQ Maintainer and Lead Developer
amazon.de Wishlist
faqn00b
Posts: 5
Joined: Wed Aug 21, 2013 9:37 am

Re: IIS / PHP 5.4 / LDAP / SSO Problem

Post by faqn00b »

Yep the AD connect is correct, confirmed with SSO disabled but LDAP enabled. With LDAP enabled i'm able to use my AD credentials to login to phpmyfaq.

It shouldn't ask for a password but once SSO is enabled all i get is the login box and i can't seem to do anything because even though we know LDAP auth is working it doesn't except the username and password.
Thorsten
Posts: 15560
Joined: Tue Sep 25, 2001 11:14 am
Location: #phpmyfaq
Contact:

Re: IIS / PHP 5.4 / LDAP / SSO Problem

Post by Thorsten »

Hi,

our SSO implementation only checks the username fetched from $_SERVER['REMOTE_USER'], no password. Where is the password stored to put it into phpMyFAQ's authentication?

bye
Thorsten
phpMyFAQ Maintainer and Lead Developer
amazon.de Wishlist
faqn00b
Posts: 5
Joined: Wed Aug 21, 2013 9:37 am

Re: IIS / PHP 5.4 / LDAP / SSO Problem

Post by faqn00b »

Ok i fixed it.

I worked out the problem was in the REMOTE_USER as it contains the DOMAIN\user which isn't correct it should be just the username. So the SSO.php is trying to compare the remote_user (DOMAIN\username) against username so its always false.

I changed the SSo.php

Code: Select all

$ruser = explode("\\",$_SERVER['REMOTE_USER']);
Then change the if statements to check $ruser instead which worked.

Code: Select all

e.g. if (!isset($ruser[1])) {
             ....
I hope this helps.
Thorsten
Posts: 15560
Joined: Tue Sep 25, 2001 11:14 am
Location: #phpmyfaq
Contact:

Re: IIS / PHP 5.4 / LDAP / SSO Problem

Post by Thorsten »

Hi,

awesome! I'll add your fix to the 2.8.3 release!

bye
Thorsten
phpMyFAQ Maintainer and Lead Developer
amazon.de Wishlist
JonM
Posts: 6
Joined: Fri Nov 01, 2013 1:12 pm

Re: IIS / PHP 5.4 / LDAP / SSO Problem

Post by JonM »

Hi

Would you be able to post the full code for your updated SSo.php.

I've got the same issue as yourself, but not being a PHP coder, I'm not sure what I need to edit to get it working before Thorsten is able to release 2.8.3

Thanks

Jon
linkazoid2
Posts: 10
Joined: Mon Jun 23, 2014 8:37 am

Re: IIS / PHP 5.4 / LDAP / SSO Problem

Post by linkazoid2 »

This is the exact problem that I am having.

We are using the latest version of PMF on IIS8 and PHP 5.5.

LDAP is working and users are able to login. If I then enable SSO then users that have logged in previously are logged in without any issues. If a user has not logged in before then are logged in as a guest/ghost user and the user control panel is blank as per the images above.

I have tried changing Sso.php as per the previous poster but it would appear that the file has been changed since by Thorsten.

Is anyone able to help as this is the final step before I can publish this software to my users.

Regards,

Michael
Post Reply