Webdav and LDAP

Author Message

Bryan Fransman

Tuesday 25 January 2005 6:27:37 am

I've come across a road block in my evaluation of eZ publish... I'm not sure if this is a bug, or if I am missing something. I've searched the documentation, forms - the web etc. etc.

Current config:

Apache 2
PHP 4.3.8
OpenLDAP 2.1.22
eZ Publish 3.5.0

LDAP authentication works for site access. Currently all LDAP users are created as members of the "Editors" group.

Webdav access works, with one exception, LDAP accounts are unable to access webdav. If I create a user in eZ publish, that user is able to access webdav.

Any pointers in the right direction would be greatly appreciated.

Balazs Halasy

Tuesday 25 January 2005 8:11:34 am

Hi,

You're right - it doesn't work (because these things were not coordinated the time they were developed). I'll try to explain tomorrow why & perhaps how you can make it work (you'll have to modify some php files, but it is easy). Stay tuned.

Allman

Balazs Halasy

Wednesday 26 January 2005 5:00:50 am

Hi,

We've looked at this issue. The conclusion is: it is a bug. :-) It has been reported, the link to the bugreport is: http://ez.no/community/bugs/loginhandler_issues_webdav_example

If you really need to make this work then I suggest that you study how the kernel/user/login.php file takes care of logging in users. It seems that there is some code there which goes through the various login handlers (standard, LDAP, etc.) - which should have been moved out to some kind of a wrapper. What you need to do is to replicate this code in the webdav.php file which is in the root of your eZ publish directory. In particular, I think you'll need to add something that looks like this:

...
        $ini =& eZINI::instance();
        if ( $ini->hasVariable( 'UserSettings', 'LoginHandler' ) )
        {
            $loginHandlers = $ini->variable( 'UserSettings', 'LoginHandler' );
        }
        else
        {
            $loginHandlers = array( 'standard' );
        }
        foreach ( array_keys ( $loginHandlers ) as $key )
        {
            $loginHandler = $loginHandlers[$key];
            $userClass =& eZUserLoginHandler::instance( $loginHandler );
            $user = $userClass->loginUser( $userLogin, $userPassword );
            if ( get_class( $user ) == 'ezuser' )
                break;
        }
        if ( get_class( $user ) != 'ezuser' )
            $loginWarning = true;
...

Notice that the code above attempts to log in users by the way of the $userClass (which is connected to the current login handler in the loop) and that the webdav code only logs in users by the standard login handler. This is what you have to change. If you're not able to do this by yourself: I suggest that you wait until the bug is fixed or call up support & pay for an immediate fix.

Allman

Joanie Chembars

Thursday 26 May 2005 1:25:43 pm

Bryan,
Would you mind posting your ldap.ini file...... I am having troubles getting it to work....
Thanks,
joanie

Powered by eZ Publish™ CMS Open Source Web Content Management. Copyright © 1999-2014 eZ Systems AS (except where otherwise noted). All rights reserved.