5450 Posts in 1672 Topics by 1197 members
Page: 1 2
|Go to End||Next >|
27 August 2012 at 10:59am
Hello to all fellow SilverStripers,
I was wondering if anyone out there has managed to get this working whether with or without a module, the current module to support this was the 'auth_external' module, but hasn't been updated to suit the new version, as the last version it ran on properly was 2.3 and 2.4.
I am currently trying to create this for my company intranet as they are based on Microsoft Exchange, but the web server I am working on is a Ubuntu Server which we want to keep separate from all else, and so is running on Apache. I'm still very new to SilverStripe so am getting the hang of it slowly.
Thanks for any help in advanced.
4 September 2012 at 10:33pm
I'm looking at this also at the moment. I've only had half an hour to look at the moment, and I can see there is some changes needed.
I found what seems to be the latest version at https://github.com/hamishcampbell/silverstripe-auth-external (on the silverstripe modules page, I could only find a svn link, which is older).
However after installing this, following the installation instructions and running /dev/build there are deprecation error, indicating that this code has not been updated at all for SS3:
DataObjectDecorator is deprecated. DataObjectDecorator is deprecated. Use DataExtension instead.
Strict Standards: Declaration of ExternalAuthenticatedRole::canEdit() should be compatible with that of DataExtension::canEdit() in auth_external\code\ExternalAuthenticatedRole.php on line 16
Strict Standards: Declaration of ExternalAuthenticatedRole::extraStatics() should be compatible with that of DataExtension::extraStatics() in auth_external\code\ExternalAuthenticatedRole.php on line 16
Strict Standards: Declaration of ExternalAuthenticatedRole::updateCMSFields() should be compatible with that of DataExtension::updateCMSFields() in auth_external\code\ExternalAuthenticatedRole.php on line 16
You turn off this deprecation error (not fix the code, mind) you can open the framework/_config file and change line 60 to:
Now the login box shows up, after submitting the login however there's another deprecation error:
Director::redirect is deprecated. Use Controller->redirect() instead. Called from ExternalLoginForm->dologin.
At this point I concluded that it's better use of my time to see if someone else has got this working, or attempt to fix the module myself. Hope this helps, keep me updated.
5 September 2012 at 10:08am
Thanks for posting this, as it did help in the sense that I came to the same conclusions and came across the same deprecation messages.
I'm still a fair bit off from being able to rewrite this module to suit SilverStripe 3.0 but I think I'm going to attempt it anyways until I see something better, or the module is updated, or (unlikely) I manage to get the module working. Correctly mind you.
6 September 2012 at 3:53am
I'll be trying to fork the github project and submit a pull request for any (if any) fixes. Keep us updated with any progress
12 September 2012 at 3:14am Last edited: 12 September 2012 8:06pm
I've got some success, I am able to login to Silverstripe using my ActiveDirectory credentials.
This has only been tested by me.
I've submitted a pull request for the code changes: https://github.com/hamishcampbell/silverstripe-auth-external/pull/9
I'm using the following _config.php, this automatically creates user accounts and keeps them synced, make sure that any content authors are added to the SilverstripeContentAuthors Active Directory group in this case:
ExternalAuthenticator::setOption('activedirectory', 'basedn', '<domaincontroller object name>');
ExternalAuthenticator::setOption('activedirectory', 'attribute', 'sAMAccountName');
ExternalAuthenticator::setOption('activedirectory', 'extra_attributes', array(
'objectclass' => 'user',
ExternalAuthenticator::setOption('activedirectory', 'passwd_expiration', true);
ExternalAuthenticator::setOption('activedirectory', 'firstname_attr', 'givenName');
ExternalAuthenticator::setOption('activedirectory', 'surname_attr', 'sn');
ExternalAuthenticator::setOption('activedirectory', 'email_attr', 'mail');
ExternalAuthenticator::setOption('activedirectory', 'group_attr', 'memberOf');
'SilverstripeContentAuthors' => 'content-authors',
ExternalAuthenticator::setOption('activedirectory', 'bind_as','<cn for account>');
For information on the options see the _config.php that comes with the module.
12 September 2012 at 4:36pm
Mate that is some good news indeed! I shall pull down your files from github and give them a try with the _config.php settings you've shown but customed to what I need and get back to you on how they worked. It'll be a few days as I'm out on the road and get a chance to implement your changes but hopefully by either Friday or Monday I can have something to say about how my test run goes!
Cheers for this.
19 September 2013 at 4:35pm
I am evaluating to see if SilverStripe will be a valid option for us at the moment. I wanted to make sure that there is some support for LDAP either through a module or any other way.
I found this thread and I thought it might be good to ask you guys about it. Can anybody confirm to me if this module that is discussed here works with the latest version of SilverStripe which at the moment is 3.0.5?
19 September 2013 at 10:21pm Last edited: 19 September 2013 10:24pm
auth_external as you can tell from the Github repo readme is compatible with 3.0+, unfortunately not yet with 3.1. My patches so far have been accepted and I now have direct repo access now. Make sure you use https://github.com/hamishcampbell/silverstripe-auth-external
We're using it for several silverstripe sites at the college I work for, using Silverstripe 3.0.5 and it's working without any problems. if you are experiencing any problems please file an issue on https://github.com/hamishcampbell/silverstripe-auth-external/issues?state=open
RE 3.1 SUPPORT
Once we start moving to 3.1 (probably when other modules require it) I would suggest to branch the current version into a 3.0 compatible branch and supporting both 3.0 and 3.1.
I'm happy to accept patches if you'd like to contribute, I could start the branch process with a bit of notice before being able to develop on it.
RE YOUR SETUP
We are using silverstripe with the auth_external on a linux ubuntu server (with apache) in a Microsoft domain with Active Directory.
Hope that helps.
Page: 1 2
|Go to Top||Next >|