Jump to content

Topic on Extension talk:LDAPAuthentication2/Flow

No domain list on login page

10
Qyingy (talkcontribs)

I refer the maunal write the follows in LocalSettings.php file, and have right ldapprovider.json,

but ,why my login page do not have domain list,only username and password input


wfLoadExtension( 'PluggableAuth' );

wfLoadExtension( 'LDAPAuthentication2' );

wfLoadExtension( 'LDAPProvider' );

wfLoadExtension( 'LDAPUserInfo' );

wfLoadExtension( 'LDAPGroups' );

$wgPluggableAuth_EnableLocalLogin = true;

$LDAPAuthentication2AllowLocalLogin = true;

$ldapJsonFile = "/var/www/html/extensions/LDAPProvider/ldapprovider.json";

$LDAPProviderDomainConfigs = $ldapJsonFile;

$wgPluggableAuth_Config['Log In (LDAP1)'] = [

   'plugin' => 'LDAPAuthentication2',

   'data' => [

       'domain' => 'LDAP1',

   ]

];

Osnard (talkcontribs)

There should be two buttons. One saying "Login" (that's the "local login") and one saying "Log In (LDAP1)'". Can you confrim?

Also, please make sure your ldapprovider.json is not web accessible.

61.66.146.179 (talkcontribs)

hi ,OSnard

Thank you very much firstly ,but

My LocalSettings.php about LDAP is as follows:

#---Extension LDAPProvider

wfLoadExtension( 'LDAPProvider' );

$ldapJsonFile = "/etc/mediawiki/ldapprovider.json";

$LDAPProviderDomainConfigs = $ldapJsonFile;

$LDAPProviderDomainConfigProvider = "\\MediaWiki\\Extension\\LDAPProvider\\DomainConfigProvider\\LocalJSONFile::newInstance";


#---Extension PluggableAuth

wfLoadExtension( 'PluggableAuth' );

$wgPluggableAuth_EnableLocalLogin = false;

$wgPluggableAuth_EnableAutoLogin = false;


#---Extension LDAPAuthentication2

#wfLoadExtension( 'LDAPUserInfo' );

#wfLoadExtension( 'LDAPGroups' );

wfLoadExtension( 'LDAPAuthentication2' );

$LDAPAuthentication2AllowLocalLogin = true;

#$LDAPAuthentication2UsernameNormalizer = "strtolower";

$wgPluggableAuth_Config['Log In (LDAP1)'] = [

   'plugin' => 'LDAPAuthentication2',

   'data' => [

       'domain' => 'LDAP'

   ]


my ldapprovider.json is as follow:

-rw-r--r-- 1 www-data www-data ldapprovider.json

{

       "LDAP": {

               "connection": {

                       "server": "172.21.218.101",

                       "port":"389",

                       "user": "acnmediawiki",

                       "pass": "xxxxx",

                       "enctype": "clear",

                       "options": {

                               "LDAP_OPT_DEREF": 1

                       },

                       "basedn": "DC=AXX,DC=MYCOMPANY,DC=CORP",

                       "groupbasedn": "DC=AXX,DC=MYCOMPANY,DC=CORP",

                       "userbasedn": "DC=AXX,DC=MYCOMPANY,DC=CORP",

                       "searchattribute": "samaccountname",

                       "searchstring": "CN=USER-NAME,OU=AXX,DC=AXX,DC=MYCOMPANY,DC=CORP",

                       "usernameattribute": "samaccountname",

                       "realnameattribute": "displayname",

                       "emailattribute": "mail"

               }

       }

}

Only username and password input and one loggin button,

the domain selection still has not appear on the loggin webpage yet, Can you help me.


the version information:

MediaWiki : 1.41.1

PHP  : 8.1.2-1ubuntu2.18 (apache2handler)

ICU  : 70.1

MariaDB  : 10.6.18-MariaDB-0ubuntu0.22.04.1

Lua  : 5.1.5

Pygments  : 2.16.1

LDAPAuthentication2  : 3.0.0-alpha (c11a143)

LDAPProvider  : 3.0.0-alpha (04e6499)

PluggableAuth  : 7.1.0 (b8e2e84)

This post was hidden by Qyingy (history)
This post was hidden by Qyingy (history)
Qyingy (talkcontribs)

@Osnard Can you give me some help?

I want to login with local users and ldap user with only one login button. And in the future, there will be multiple ldap domain connect, so I hope a domain selector appears on the login webpage. The local and multi-domain can be selected by the selecter and use only one login button, How can I do it.

Osnard (talkcontribs)

[...] the domain selection still has not appear on the loggin webpage yet, [...]

Newer versions of Extension:LDAPAuthentication2 do not feature a "domain selection" on Special:Userlogin anymore. Instead each configured domain will be shown as a dedicated button (in your case with the label "Log In (LDAP1)"). With $wgPluggableAuth_EnableLocalLogin = false; you will also not see another login button for the local login (usually with label "Login"). If you don't see a button for your configured PluggableAuth plugin, then I guess your configuration may not be evaluated properly during the web request. Have you tried to wire debug logging and check if there is any hint in them?

Qyingy (talkcontribs)

@Osnard Yes, I tried to add multiple $wgPluggableAuth_Config with different ldap domain ,multiple login button appears, just like you said.

Then I have tried the old extension:LdapAuth, It has "domain selection", but the version required are too old. so I have to give up it.

Qyingy (talkcontribs)

@Osnard Can you give me some advice, if I want to login with local users and ldap user with only one login button. And in the future, there will be multiple ldap domain connect, so I hope a domain selector appears on the login webpage. The local and multi-domain can be selected by the selecter and use only one login button, How can I do it.

Osnard (talkcontribs)

The new extensions do not implement a domain selector anymore. There will be one button for each PluggableAuth plugin (=domain in this case). And one separate for "local login" if enabled.

Reply to "No domain list on login page"