User talk:Martin Siddall

From mediawiki.org
Latest comment: 14 years ago by 67.97.209.36

extension, WinNTLMLDAPAutoAuth.php

why did you limit the records to one, but also put in a place a loop through the records?

did you encounter a problem when multiple records are found? 67.97.209.36 18:27, 30 July 2009 (UTC)Reply

Some additions to Extension:Windows NTLM LDAP Auto Auth[edit]

At the moment I am successfully using your extension for a MediaWiki in the following configuration:

  • MediaWiki 1.15.1
  • PHP 5.2.9-2 (apache2handler)
  • MySQL 5.0.18
  • Apache/2.2.11 (Win32) with mod_auth_sspi/1.0.5

But there were some problems before it would work.

Errors:

1. I replaced the following line 

if (strlen($wgWinLDAPBindUser) &strlen($wgWinLDAPBindPassword)) {

to 

if (strlen($wgWinLDAPBindUser)!=0 & strlen($wgWinLDAPBindPassword)!=0) {

, because there was a boolean comparison is not logical. Accordingly, if the length of the username 21 character, and the password length 10 characters (for example), then the result will be zero.

2. The following code is incorrect: 

if ($records["count"] == 1) {
    $this->debugme("One match found for $NTLMusername");
// some lines skipped
    }
} else {
    $this->debugme("More than one match found for $NTLMusername");
    return false;
}

, because if $records["count"] will be equal to zero, then we get the message "More than one match found for $NTLMusername" in log file.

Some cosmetic changes:

1. I replaced the following code: 

    if ($result != LoginForm::SUCCESS) {
        error_log('Unexpected authentication failure.');
        return;
    }

to 

    if ($result != LoginForm::SUCCESS) {
        error_log('MediaWiki (Auth_NTLM_User_hook): Unexpected authentication failure. Result = '.$result);
        return;
    }

, because as it write message in the error log php, I would like to see from other messages that this is a message from MediaWiki. It is also necessary to see the result of unsuccessful logon. I could not understand why not working login and found that LoginForm return THROTTLED.

2. I replaced the following code: 

fputs($f, "Debug :  " . $input . "\r\n");

to 

fputs($f, "Debug (". date('d-m-Y H:i:s',strtotime("now")) ."):  " . $input . "\r\n");

In conclusion I want to thank you for the useful extension.

Any plans for a non-phpisapi version of NTLM Authentication?[edit]

Hi Martin,

any current plans to make NTLM authentication extension work with php 5.2.14 and above?

Retrieved from "https://www.mediawiki.org/w/index.php?title=User_talk:Martin_Siddall&oldid=356331"