Hi,
so, the AD connect is correct and the SSO login uses a wrong username? SSO shouldn't use a password.
bye
Thorsten
IIS / PHP 5.4 / LDAP / SSO Problem
Moderator: Thorsten
Re: IIS / PHP 5.4 / LDAP / SSO Problem
phpMyFAQ Maintainer and Lead Developer
amazon.de Wishlist
amazon.de Wishlist
Re: IIS / PHP 5.4 / LDAP / SSO Problem
Yep the AD connect is correct, confirmed with SSO disabled but LDAP enabled. With LDAP enabled i'm able to use my AD credentials to login to phpmyfaq.
It shouldn't ask for a password but once SSO is enabled all i get is the login box and i can't seem to do anything because even though we know LDAP auth is working it doesn't except the username and password.
It shouldn't ask for a password but once SSO is enabled all i get is the login box and i can't seem to do anything because even though we know LDAP auth is working it doesn't except the username and password.
Re: IIS / PHP 5.4 / LDAP / SSO Problem
Hi,
our SSO implementation only checks the username fetched from $_SERVER['REMOTE_USER'], no password. Where is the password stored to put it into phpMyFAQ's authentication?
bye
Thorsten
our SSO implementation only checks the username fetched from $_SERVER['REMOTE_USER'], no password. Where is the password stored to put it into phpMyFAQ's authentication?
bye
Thorsten
phpMyFAQ Maintainer and Lead Developer
amazon.de Wishlist
amazon.de Wishlist
Re: IIS / PHP 5.4 / LDAP / SSO Problem
Ok i fixed it.
I worked out the problem was in the REMOTE_USER as it contains the DOMAIN\user which isn't correct it should be just the username. So the SSO.php is trying to compare the remote_user (DOMAIN\username) against username so its always false.
I changed the SSo.php
Then change the if statements to check $ruser instead which worked.
I hope this helps.
I worked out the problem was in the REMOTE_USER as it contains the DOMAIN\user which isn't correct it should be just the username. So the SSO.php is trying to compare the remote_user (DOMAIN\username) against username so its always false.
I changed the SSo.php
Code: Select all
$ruser = explode("\\",$_SERVER['REMOTE_USER']);
Code: Select all
e.g. if (!isset($ruser[1])) {
....
Re: IIS / PHP 5.4 / LDAP / SSO Problem
Hi,
awesome! I'll add your fix to the 2.8.3 release!
bye
Thorsten
awesome! I'll add your fix to the 2.8.3 release!
bye
Thorsten
phpMyFAQ Maintainer and Lead Developer
amazon.de Wishlist
amazon.de Wishlist
Re: IIS / PHP 5.4 / LDAP / SSO Problem
Hi
Would you be able to post the full code for your updated SSo.php.
I've got the same issue as yourself, but not being a PHP coder, I'm not sure what I need to edit to get it working before Thorsten is able to release 2.8.3
Thanks
Jon
Would you be able to post the full code for your updated SSo.php.
I've got the same issue as yourself, but not being a PHP coder, I'm not sure what I need to edit to get it working before Thorsten is able to release 2.8.3
Thanks
Jon
-
- Posts: 10
- Joined: Mon Jun 23, 2014 8:37 am
Re: IIS / PHP 5.4 / LDAP / SSO Problem
This is the exact problem that I am having.
We are using the latest version of PMF on IIS8 and PHP 5.5.
LDAP is working and users are able to login. If I then enable SSO then users that have logged in previously are logged in without any issues. If a user has not logged in before then are logged in as a guest/ghost user and the user control panel is blank as per the images above.
I have tried changing Sso.php as per the previous poster but it would appear that the file has been changed since by Thorsten.
Is anyone able to help as this is the final step before I can publish this software to my users.
Regards,
Michael
We are using the latest version of PMF on IIS8 and PHP 5.5.
LDAP is working and users are able to login. If I then enable SSO then users that have logged in previously are logged in without any issues. If a user has not logged in before then are logged in as a guest/ghost user and the user control panel is blank as per the images above.
I have tried changing Sso.php as per the previous poster but it would appear that the file has been changed since by Thorsten.
Is anyone able to help as this is the final step before I can publish this software to my users.
Regards,
Michael