[EP-tech] Re: With LDAP user_login.pl script local users can’t login
John Salter
J.Salter at leeds.ac.uk
Thu Dec 3 10:05:28 GMT 2015
Is there a possibility that there is an LDAP account with the same username as your admin login?
If so, this block:
my $entr = $result->pop_entry;
unless( defined $entr )
{
… #check local admin account
}
would get passed over – and checked against LDAP for the password.
Putting this block first (from the first block of config on the wiki):
my $user = $repo->user_by_username( $username );
return unless $user;
$username = $user->value( "username" );
my $user_type = $user->get_type;
if( $user_type eq "admin" )
{
# internal authentication for "admin" type
return $repo->database->valid_login( $username, $password );
}
would confirm if this is the case or not.
Cheers,
John
From: eprints-tech-bounces at ecs.soton.ac.uk [mailto:eprints-tech-bounces at ecs.soton.ac.uk] On Behalf Of Denis Pitzalis
Sent: 03 December 2015 09:43
To: Eprints Tech Mailing List
Subject: [EP-tech] Re: With LDAP user_login.pl script local users can’t login
Hi Guys, I confirm the issue.
I have a similar configuration using LDAP and Kerberos to authenticate users from my organization. The login mechanism works fine but I am unable to register/authenticate non LDAP users.
Now that I think about, do you think it is possible to use different login systems depending on the email?
Denis
On Thu, Dec 3, 2015 at 10:32 AM, Field A.N. <af05v at ecs.soton.ac.uk<mailto:af05v at ecs.soton.ac.uk>> wrote:
Can LDAP authenticated accounts log in? Can you paste the code in your user_login.pl<http://user_login.pl> file here?
--
Adam Field
Business Relationship Manager and Community Lead
EPrints Services
+44 (0)23 8059 8814<tel:%2B44%20%280%2923%208059%208814>
On 3 Dec 2015, at 09:28, pgasinos pgs wrote:
> I have tried to use the wiki's tutorial about LDAP. I have changed user_roles according to the instructions. The script I have used is "LDAP Authentication with On-Demand Creation of Users" but I couldn't login as administrator. Eprints failed to authenticate with my local admin account.
> *** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech
> *** Archive: http://www.eprints.org/tech.php/
> *** EPrints community wiki: http://wiki.eprints.org/
> *** EPrints developers Forum: http://forum.eprints.org/
*** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech
*** Archive: http://www.eprints.org/tech.php/
*** EPrints community wiki: http://wiki.eprints.org/
*** EPrints developers Forum: http://forum.eprints.org/
--
----------------------
Denis Pitzalis, PhD
Web Lead Developer
UNESCO - http://www.unesco.org
Paris, France - Tel: +33145681816
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/eprints-tech/attachments/20151203/714216c5/attachment-0001.html
More information about the Eprints-tech
mailing list