LDAP Authentication...

aaugustj

Joined: 2005-07-25
Posts: 6

Posted: Thu, 2006-12-07 17:42

Back over the Summer during Google's Summer of Code, I had seen some prospect of LDAP authentication being available for Gallery 2. Does anyone know what happened to that and if any LDAP support is planned or how hard it would be if I wanted to do it myself?

Login or register to post comments

valiant

Joined: 2003-01-04
Posts: 32168

Posted: Sat, 2006-12-09 00:01

The student responsible for that project didn't show up. It was pretty disappointing to say the least.

There's noone working on LDAP integration as far as I know.
It shouldn't be too hard, but you'd have to get your hands dirty by learning some things about the gallery 2 framework and by writing some php code.

Login or register to post comments

johannesl

Joined: 2006-12-20
Posts: 2

Posted: Wed, 2006-12-20 17:32

Hi!

My company is going to use G2 as its corporate image database, and therefore we need LDAP authentication, which means that I will write it and we will later contribute it to the project.

I had a look at G2's code today, and I'd like to discuss this with some more G2-experienced developer:

I'm not shure how to write it: is it possible to write a pluggable module for this (my guess: no?), or should I extend or modify the core-GalleryUser.class and GalleryUserHelper-classes?

The plan would be to authenticate a user with LDAP, and create this user as regular G2-user if he doesn't exist yet, but without his password. If LDAP authentication fails, I would try to authenticate the user with the regular G2 username/password mechanism, e.g. for the admin account.

Right?

Regards, Johannes

Login or register to post comments

valiant

Joined: 2003-01-04
Posts: 32168

Posted: Thu, 2006-12-21 03:30

Yes, this can be done in a modular way, no need to change any G2 files.
That's speculative since I haven't thought this through to the end, but from my experience with G2 integrations, this should be possible.

If you want to discuss this, you can chat with developers in irc #gallery on irc.freenode.net.

One way to make LDAP work is through GalleryEmbed creating a wrapper around G2 that checks LDAP first.
See http://codex.gallery2.org/index.php/Gallery2:Embedding (docs -> development -> integration)

Another way is to use the authplugin (also used by the httpauth module in g2.2).

Login or register to post comments

johannesl

Joined: 2006-12-20
Posts: 2

Posted: Thu, 2006-12-21 06:42

Thanks for the hints, I'll have a look at it, and I think with some kind of module blueprint for that it won't be too difficult. I'll return to it next week...

Login or register to post comments

cpohle

Joined: 2007-02-12
Posts: 1

Posted: Mon, 2007-02-12 14:57

Hi. Any news on this issue? Johannesl, did you proceed / succeed in developing a LADP module for your company?

Login or register to post comments

pkarjala

Joined: 2005-06-14
Posts: 65

Posted: Wed, 2007-04-11 19:38

Greetings!

I created a LDAP solution for Gallery 1.5.2 (thread at http://gallery.menalto.com/node/31761). I've been wanting to sit down and work on a working solution for 2.2 for some time now, so if someone with a populated LDAP server would like to coordinate on it, I'd love to do so.

-Patrick

Login or register to post comments

harryguy082589

Joined: 2005-04-27
Posts: 13

Posted: Wed, 2007-04-18 06:24

Any updates?h

Login or register to post comments

gwarf

Joined: 2007-05-22
Posts: 2

Posted: Tue, 2007-05-22 12:29

pkarjala wrote:

Greetings!

I created a LDAP solution for Gallery 1.5.2 (thread at http://gallery.menalto.com/node/31761). I've been wanting to sit down and work on a working solution for 2.2 for some time now, so if someone with a populated LDAP server would like to coordinate on it, I'd love to do so.

-Patrick

Hi,
I'm trying to get Gallery2 work with OpenLDAP, for now I'm using the Http Auth plugin, the authentication against the LDAP directory works, but first I have to sync the Gallery users database and the LDAP directory, secund the users can edit their unused Gallery DB password... and that's far from perfect
It looks that your plugin did correct these problems...
So, if you want, I can help you setting up a working OpenLDAP directory on one of your box, or I can even set up temporally one of mine for test purpose, contact me by PM if you are interested by one of these propositions.

Best regards,
Baptiste

Login or register to post comments

tooli

Joined: 2008-04-23
Posts: 1

Posted: Wed, 2008-04-23 09:32

Hi,
My company is also intersted in LDAP for Gallery. How is the project going? May I help?

Bests,
Oliver

Login or register to post comments

aaugustj Joined: 2005-07-25 Posts: 6	Posted: Thu, 2006-12-07 17:42
	Back over the Summer during Google's Summer of Code, I had seen some prospect of LDAP authentication being available for Gallery 2. Does anyone know what happened to that and if any LDAP support is planned or how hard it would be if I wanted to do it myself?
	Login or register to post comments XUser login Username: * Password: * Create new account Request new password
valiant Joined: 2003-01-04 Posts: 32168	Posted: Sat, 2006-12-09 00:01
	The student responsible for that project didn't show up. It was pretty disappointing to say the least. There's noone working on LDAP integration as far as I know. It shouldn't be too hard, but you'd have to get your hands dirty by learning some things about the gallery 2 framework and by writing some php code.
	Login or register to post comments
johannesl Joined: 2006-12-20 Posts: 2	Posted: Wed, 2006-12-20 17:32
	Hi! My company is going to use G2 as its corporate image database, and therefore we need LDAP authentication, which means that I will write it and we will later contribute it to the project. I had a look at G2's code today, and I'd like to discuss this with some more G2-experienced developer: I'm not shure how to write it: is it possible to write a pluggable module for this (my guess: no?), or should I extend or modify the core-GalleryUser.class and GalleryUserHelper-classes? The plan would be to authenticate a user with LDAP, and create this user as regular G2-user if he doesn't exist yet, but without his password. If LDAP authentication fails, I would try to authenticate the user with the regular G2 username/password mechanism, e.g. for the admin account. Right? Regards, Johannes
	Login or register to post comments
valiant Joined: 2003-01-04 Posts: 32168	Posted: Thu, 2006-12-21 03:30
	Yes, this can be done in a modular way, no need to change any G2 files. That's speculative since I haven't thought this through to the end, but from my experience with G2 integrations, this should be possible. If you want to discuss this, you can chat with developers in irc #gallery on irc.freenode.net. One way to make LDAP work is through GalleryEmbed creating a wrapper around G2 that checks LDAP first. See http://codex.gallery2.org/index.php/Gallery2:Embedding (docs -> development -> integration) Another way is to use the authplugin (also used by the httpauth module in g2.2).
	Login or register to post comments
johannesl Joined: 2006-12-20 Posts: 2	Posted: Thu, 2006-12-21 06:42
	Thanks for the hints, I'll have a look at it, and I think with some kind of module blueprint for that it won't be too difficult. I'll return to it next week...
	Login or register to post comments
cpohle Joined: 2007-02-12 Posts: 1	Posted: Mon, 2007-02-12 14:57
	Hi. Any news on this issue? Johannesl, did you proceed / succeed in developing a LADP module for your company?
	Login or register to post comments
pkarjala Joined: 2005-06-14 Posts: 65	Posted: Wed, 2007-04-11 19:38
	Greetings! I created a LDAP solution for Gallery 1.5.2 (thread at http://gallery.menalto.com/node/31761). I've been wanting to sit down and work on a working solution for 2.2 for some time now, so if someone with a populated LDAP server would like to coordinate on it, I'd love to do so. -Patrick
	Login or register to post comments
harryguy082589 Joined: 2005-04-27 Posts: 13	Posted: Wed, 2007-04-18 06:24
	Any updates?h
	Login or register to post comments
gwarf Joined: 2007-05-22 Posts: 2	Posted: Tue, 2007-05-22 12:29
	pkarjala wrote: Greetings! I created a LDAP solution for Gallery 1.5.2 (thread at http://gallery.menalto.com/node/31761). I've been wanting to sit down and work on a working solution for 2.2 for some time now, so if someone with a populated LDAP server would like to coordinate on it, I'd love to do so. -Patrick Hi, I'm trying to get Gallery2 work with OpenLDAP, for now I'm using the Http Auth plugin, the authentication against the LDAP directory works, but first I have to sync the Gallery users database and the LDAP directory, secund the users can edit their unused Gallery DB password... and that's far from perfect It looks that your plugin did correct these problems... So, if you want, I can help you setting up a working OpenLDAP directory on one of your box, or I can even set up temporally one of mine for test purpose, contact me by PM if you are interested by one of these propositions. Best regards, Baptiste
	Login or register to post comments
tooli Joined: 2008-04-23 Posts: 1	Posted: Wed, 2008-04-23 09:32
	Hi, My company is also intersted in LDAP for Gallery. How is the project going? May I help? Bests, Oliver
	Login or register to post comments

LDAP Authentication...

XUser login