HOW TO LOG IN WITH ACTIVE DIRECTORY CREDENTIALS

If you're a new user of AppGini, feel free to ask general usage questions, or look for answers here.
Post Reply
dallo
Posts: 8
Joined: 2014-05-19 14:43

HOW TO LOG IN WITH ACTIVE DIRECTORY CREDENTIALS

Post by dallo » 2014-12-17 15:50

Hello every one,

can some one please help me out with this. I would like my users to be able to log in with their ACTIVE DIRECTORY accounts.

I would be most grateful.

Thanks
Dallo

udayvatturi
AppGini Super Hero
AppGini Super Hero
Posts: 85
Joined: 2014-06-14 03:08
Location: India
Contact:

Re: HOW TO LOG IN WITH ACTIVE DIRECTORY CREDENTIALS

Post by udayvatturi » 2014-12-17 20:12

You can use LDAP.

In login hook, you can take the credentials of the user and try to bind to the AD, if it binds return true else redirect the user to logout page.

dallo
Posts: 8
Joined: 2014-05-19 14:43

Re: HOW TO LOG IN WITH ACTIVE DIRECTORY CREDENTIALS

Post by dallo » 2014-12-17 20:35

Hello udey,

Thanks for your reply. Please can you help me out with the code as I am not so grounded with php, and I like appgini so well.

I would be most grateful.

Thank you
dallo

leandro275
Posts: 2
Joined: 2016-12-27 17:22

Re: HOW TO LOG IN WITH ACTIVE DIRECTORY CREDENTIALS

Post by leandro275 » 2016-12-27 17:23

Hello, if someone can help me in the code too, thanks.

User avatar
fbrano
Veteran Member
Posts: 70
Joined: 2018-03-19 10:39
Location: Slovakia
Contact:

Re: HOW TO LOG IN WITH ACTIVE DIRECTORY CREDENTIALS

Post by fbrano » 2018-06-27 04:53

Hi I am also desperately waiting for that code. Thank you in advance.
ver 23.15 1484

SSchimkat
Veteran Member
Posts: 31
Joined: 2018-01-04 18:49

Re: HOW TO LOG IN WITH ACTIVE DIRECTORY CREDENTIALS

Post by SSchimkat » 2018-07-13 09:06

Hi everyone

This hack works just fine: https://forums.appgini.com/phpbb/viewtopic.php?t=2707

A hook for creating custom validation would be nice - but until then .. the above hack works fine.

Hint: Build a patch containing the hack, that can be applied, when ever you rebuild the code:

Code: Select all

diff -Naur PackMan/incCommon.php PackManMOD/incCommon.php
--- incCommon.php	2018-07-13 10:06:48.429028556 +0200
+++ incCommon.php	2018-07-13 10:42:37.575924821 +0200
@@ -269,56 +269,67 @@
 
 	#########################################################
 
-	function logInMember(){
-		$redir = 'index.php';
-		if($_POST['signIn'] != ''){
-			if($_POST['username'] != '' && $_POST['password'] != ''){
-				$username = makeSafe(strtolower($_POST['username']));
-				$password = md5($_POST['password']);
-
-				if(sqlValue("select count(1) from membership_users where lcase(memberID)='$username' and passMD5='$password' and isApproved=1 and isBanned=0")==1){
-					$_SESSION['memberID']=$username;
-					$_SESSION['memberGroupID']=sqlValue("select groupID from membership_users where lcase(memberID)='$username'");
-					if($_POST['rememberMe']==1){
-						@setcookie('PackMan_rememberMe', md5($username.$password), time()+86400*30);
-					}else{
-						@setcookie('PackMan_rememberMe', '', time()-86400*30);
-					}
-
-					// hook: login_ok
-					if(function_exists('login_ok')){
-						$args=array();
-						if(!$redir=login_ok(getMemberInfo(), $args)){
-							$redir='index.php';
-						}
-					}
-
-					redirect($redir);
-					exit;
-				}
-			}
-
-			// hook: login_failed
-			if(function_exists('login_failed')){
-				$args=array();
-				login_failed(array(
-					'username' => $_POST['username'],
-					'password' => $_POST['password'],
-					'IP' => $_SERVER['REMOTE_ADDR']
-					), $args);
-			}
-
-			if(!headers_sent()) header('HTTP/1.0 403 Forbidden');
-			redirect("index.php?loginFailed=1");
-			exit;
-		}elseif((!$_SESSION['memberID'] || $_SESSION['memberID']==$adminConfig['anonymousMember']) && $_COOKIE['PackMan_rememberMe']!=''){
-			$chk=makeSafe($_COOKIE['PackMan_rememberMe']);
-			if($username=sqlValue("select memberID from membership_users where convert(md5(concat(memberID, passMD5)), char)='$chk' and isBanned=0")){
-				$_SESSION['memberID']=$username;
-				$_SESSION['memberGroupID']=sqlValue("select groupID from membership_users where lcase(memberID)='$username'");
-			}
-		}
-	}
+function logInMember() {
+    $redir = 'index.php';
+    if ($_POST['signIn'] != '') {
+        if ($_POST['username'] != '' && $_POST['password'] != '') {
+            $username = makeSafe(strtolower($_POST['username']));
+            $password = md5($_POST['password']);
+            $ldap_username = 'YOUR-DOMAIN\\'.$_POST['username']; 
+            $ldap_password = $_POST['password'];
+            $link = ldap_connect('your.directory.server.local'); 
+            if ($link) {
+                ldap_set_option($link, LDAP_OPT_PROTOCOL_VERSION, 3);
+                if (ldap_bind($link, $ldap_username, $ldap_password)) { 
+                    $ldap_authorized = true;
+                    $_POST['rememberMe'] = 0; 
+                }
+            }
+            if ($ldap_authorized) { 
+
+                if (sqlValue("select count(1) from membership_users where lcase(memberID)='$username' and isApproved=1 and isBanned=0") == 1) {
+                    $_SESSION['memberID'] = $username;
+                    $_SESSION['memberGroupID'] = sqlValue("select groupID from membership_users where lcase(memberID)='$username'");
+                    if ($_POST['rememberMe'] == 1) {
+                        @setcookie('helpdesk_rememberMe', md5($username.$password), time() + 86400 * 30);
+                    } else {
+                        @setcookie('helpdesk_rememberMe', '', time() - 86400 * 30);
+                    }
+
+                    if (function_exists('login_ok')) {
+                        $args = array();
+                        if (!$redir = login_ok(getMemberInfo(), $args)) {
+                            $redir = 'index.php';
+                        }
+                    }
+
+                    redirect($redir);
+                    exit;
+                }
+            }
+        }
+
+        if (function_exists('login_failed')) {
+            $args = array();
+            login_failed(array(
+                'username' => $_POST['username'],
+                'password' => $_POST['password'],
+                'IP' => $_SERVER['REMOTE_ADDR']
+            ), $args);
+        }
+
+        if (!headers_sent()) header('HTTP/1.0 403 Forbidden');
+        redirect("index.php?loginFailed=1");
+        exit;
+    }
+    elseif((!$_SESSION['memberID'] || $_SESSION['memberID'] == $adminConfig['anonymousMember']) && $_COOKIE['helpdesk_rememberMe'] != '') {
+        $chk = makeSafe($_COOKIE['helpdesk_rememberMe']);
+        if ($username = sqlValue("select memberID from membership_users where convert(md5(concat(memberID, passMD5)), char)='$chk' and isBanned=0")) {
+            $_SESSION['memberID'] = $username;
+            $_SESSION['memberGroupID'] = sqlValue("select groupID from membership_users where lcase(memberID)='$username'");
+        }
+    }
+}
 
 	#########################################################
 

Post Reply