Next Page

1

Previous Page

Thread: LDAP integration?

Created on: 07/11/12 07:19 AM

Replies: 3

andylynch


New Member


Joined: 07/10/12

Posts: 2

LDAP integration?
07/11/12 7:19 AM

Has anyone successfully integrated LDAP (Active Directory) Authentication into Galleon?

Link | Top | Bottom

admin


Experienced Member


Joined: 04/08/04

Posts: 2,947

RE: LDAP integration?
07/11/12 9:35 AM

I'm not sure if it has been done, but it wouldn't be terribly hard to modify the authentication code.

Link | Top | Bottom

andylynch


New Member


Joined: 07/10/12

Posts: 2

RE: LDAP integration?
07/23/12 2:32 PM

You're right, it wasn't hard to do at all, once I finally got back to take a look at it... for the record, anyone who is looking to do this, here's how I got it to work.

I created a new CFC named ADuser.cfc in the CFCs directory. The code is shown below. I just needed to override the "authenticate" function to check Active Directory. Then, also in the CFC folder I modified the ObjectFactory.cfc to create an "ADuser" object instead of a "user" object.

That's it. Thanks for everything Ray. I've used your pages as references for years, you've always been a huge help. :-)

view plain print about
1
2<cfcomponent displayName="ADUser" hint="Overrides user.cfc to allow Active Directory authentication." extends="User">
3
4    <cffunction name="authenticate" access="public" returnType="boolean" output="false"
5                hint="Returns true or false if the user authenticates.">

6        <cfargument name="username" type="string" required="true">
7        <cfargument name="password" type="string" required="true">
8        <cfset var qAuth = "">
9 <cfset var LDAPServerAddress = "LDAPServerName">
10 <cfset var LDAPServerPort = "636">
11 <cfset var LDAPServerTimeOut = "60">
12 <cfset var LDAPContainer = "dc=corp,dc=ds,dc=domainname,dc=com"> <!--- your organization's container --->
13 <cfset var ValidUserId = "">
14 <cfset var ValidUser = "">
15        
16        <!--- Just verify that the username is in the User Table --->
17        <cfquery name="qAuth" datasource="#variables.dsn#">
18            select    id
19            from    #variables.tableprefix#users
20            where    username = <cfqueryparam value="#arguments.username#" cfsqltype="CF_SQL_VARCHAR" maxlength="50">
21            and        confirmed = 1
22        </cfquery>
23 <cfif qAuth.recordCount GT 0>
24     <!--- Username Exists in User table, so attempt to authenticate through Active Directory --->
25
26 <cftry>
27 <!--- if query succeeds, then you have a valid username, password pair --->
28 <cfldap action="QUERY"
29 name="ValidUser"
30 separator="|"
31 attributes="sAMAccountName"
32 start="#LDAPContainer#"
33 scope="SUBTREE"
34 server="#LDAPServerAddress#"
35 port="#LDAPServerPort#"
36 timeout="#LDAPServerTimeOut#"
37 filter="sAMAccountName=#arguments.username#"
38 username="domain\#arguments.username#"
39 password="#arguments.password#"
40 rebind="Yes"
41 secure="cfssl_basic">

42 <cfset ValidUserId = UCase( arguments.username)>
43 <cfcatch type="any">
44 <cfset ValidUserId = "">
45 </cfcatch>
46 </cftry>
47 </cfif>
48        
49    <cfif ValidUserId NEQ "">
50     <cfreturn true>
51 <cfelse>
52     <cfreturn Super.authenticate( arguments.username, arguments.password)>
53 </cfif>
54            
55    </cffunction>
56</cfcomponent>

* Last updated by: andylynch on 7/23/2012 @ 2:33 PM *

Link | Top | Bottom

admin


Experienced Member


Joined: 04/08/04

Posts: 2,947

RE: LDAP integration?
07/23/12 4:55 PM

Thanks for posting the code. :)

Link | Top | Bottom

Next Page

1

Previous Page

New Post

Please login to post a response.