Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

We're retiring the forums!

The SilverStripe forums have passed their heyday. They'll stick around, but will be read only. We'd encourage you to get involved in the community via the following channels instead:

Archive /

Our old forums are still available as a read-only archive.

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo

LDAP support for Silverstripe

Go to End

31 Posts   15568 Views


Community Member, 201 Posts

9 October 2007 at 9:49am

Awesome work :-)


Google Summer of Code Hacker, 152 Posts

10 October 2007 at 6:16am

Hi Lancer,

I looked at the code (without actually trying it).. good work!

The only thing I would change I would suggest is to remove the global array $LDAPSERVER. You could use static members on the LDAPAuthenticator class instead.


Forum Moderator, 801 Posts

10 October 2007 at 6:36am

> The only thing I would change I would suggest is to remove the global array $LDAPSERVER.
yeah, that would've been my suggestion as well - planned to write that as a trac-ticket-comment. we should minimize the use of global namespaces, and adhere to silverstripe-conventions.

i've extended the wiki-page on this topic a bit the other day:

skim-read through the code - great stuff lancer!


57 Posts

10 October 2007 at 8:31am

Edited: 11/10/2007 3:34am

Ah, old habits die hard. This was the conventions for configs at the Horde project. I updated the patch in trac (the change wasn't hard, just a lot of work ;-) )

Oops, I forgot to convert the $this->_ds into self::$ds. Will do that this evening

Done. Updated the ticket again. Now it should be compliant with the conventions


57 Posts

14 October 2007 at 11:25pm

Edited: 14/10/2007 11:27pm

Based on the LDAP code I can very easily write an authentication module that uses IMAP/POP3/SMTP (with and without SSL/TLS). That's probably safer to use if your server is in the DMZ than exposing your internal LDAP server to the DMZ (most companies have these protocols running on the outside interfaces nowadays).

Would there be any interest in that?

Wouldn't it be an idea to remove the obsolete tag from this forum? Code and direct comments on the code should be put in trac, but discussing code could be done here.


Community Member, 201 Posts

15 October 2007 at 1:23pm

Re "authentication module that uses IMAP/POP3/SMTP" that sounds useful to me :-)

Keep up the great work :-)


1 Post

15 October 2007 at 6:17pm


i'm new to silverstripe and i saw there is a beta for ldap auth???

i saw it, but i have no idea how to test it. Lancer, may you drop us a line to know how to implement it for test?

Thanks a lot. greetings!!!


57 Posts

15 October 2007 at 6:26pm

More like an alpha, since the code is not yet in svn.

Do a checkout of the Silverstripe trunk. Then download the files from trac ticket 1477. Unpack the tar in the silverstripe root and patch the _config.php in the sapphire directory. Then edit that _config.php to suit your LDAP.