Forums / Install & configuration / can I create two ldap LoginHandler ?

can I create two ldap LoginHandler ?

« 
Previous topic
|
Install & configuration
|
Next topic
 »
Author Message

akiuni sanka

Thursday 20 May 2010 12:05:19 am

Hello

I need to authentify my users from 2 different Active Directory domains (=> 2 LDAP servers with different configuration inside). Does somebody has already done this ? If not, how can I do that ? I haven't found any post...

I was wondering if I could copy the ldap.ini to ldap2.ini, and then create a ldap2.ini.append.php where I configure the second domain configuration. Lastly, I could add a loginHandler in the site.ini.append.php. This would become :

[UserSettings]
LoginHandler[]
LoginHandler[]=LDAP
LoginHandler[]=LDAP2

Can you tell me if this could work ? if not, have you an idea on how to build my 2 domains authentication ?

thanks in advance....

akiuni

Bertrand Dunogier

Thursday 20 May 2010 1:23:59 am

Well, technically, you can chain multiple login handlers. This is what is usually done with LDAP, actually: first standard, so that the local user can be tried first, then LDAP as a fallback.

So if you have 2 different LDAP login handlers, the second one will be used if the first one fails, as simple as that.

Bertrand Dunogier
eZ Systems Engineering, Lyon
http://twitter.com/bdunogier
http://gplus.to/BertrandDunogier

akiuni sanka

Thursday 20 May 2010 4:14:21 am

thanks for your answer Bertrand, do you think that the "ldap2" trick will work ?

I just fear that ezpublish won't accept it...

akiuni sanka

Thursday 20 May 2010 4:32:28 am

ok, I had a look to the sources files and I think that I have found my answer. The "ldap.ini" file is hardcoded in the following file :

./kernel/classes/datatypes/ezuser/ezldapuser.php :

$LDAPIni = eZINI::instance( 'ldap.ini' );

so I guess that ezpublish won't accept my ldap2 without creating a new type of users... ezldap2user for exemple.

thanks

akiuni