Forum OpenACS Development: Re: ns_ldap with bind procedure

Collapse
Posted by Michael Steigman on
The changes were never incorporated into the AOLserver repository unfortunately. Who can follow up on this?

Meanwhile, as the instructions indicate, you can download the latest version with bind support from:

http://www.sussdorff.de/resources/nsldap.tgz

(there's an extra 's' in the URL in the docs)

Collapse
Posted by Orzenil Silva Junior on
please, where do i get nsldap with bind procedure to download?

I tried to use link above but there is no response from server.

Collapse
Posted by Tom Jackson on
If you can get the updated version that would be great, and please tell us so we can update the repository. But ldap is a relatively difficult protocol. I wrote a simple AOLserver module which didn't use the pools interface. But what exactly you mean by bind, I don't know. There are several types of binding with ldap.

Anyway, my advice is that if you must use ldap, get someone who is familiar with the API. It isn't an obvious interface, too much logic must be handled by the client.

Collapse
Posted by Orzenil Silva Junior on
Tom,

i'm trying to use ns_ldap to enable the AOLserver to connect to the LDAP server. In my setup i'm using OpenACS auth-ldap package to create an authority to authenticate users using the LDAP authentication mechanism.

I downloaded nsldap module from AOLserver sourceforge repository but when i try to authenticate in my openacs system against LDAP following message is logged by AOLserver

-----
Error: auth::authenticate: error invoking authentication driver for authority_id = xxxx: ns_ldap: Unknown command "bind": should be bouncepool, connected, disconnect, gethandle, host, password, poolname, releasehandle, or user
---

This post https://openacs.org/forums/message-view?message_id=277179 tells that based on my setup i need a patched version of nsldap aolserver module with bind command support.

This quick howto here https://openacs.org/forums/message-view?message_id=937445
points to the same link above to download the patched version.

Collapse
Posted by Orzenil Silva Junior on
ok, authentication with LDAP is working now using nsldap from aolserver cvs.

Just set BindAuthenticationP parameter from //yourhost/acs-admin/auth/authority-parameters?authority_id=XXX as empty (instead 1, as described in howto https://openacs.org/forums/message-view?message_id=937445).

With this set up ns_ldap try to retrieve the password from LDAP (attribute: userPassword) and compare it against the password provided by user in LDAP openacs authority.