HelpSpot Help Desk Software | HelpSpot Blog | HelpSpot Support

BlackBox authentication not working against LDAP


#1

We have Helpspot 3.1.6, running on Ubuntu 10.04, and posgresql 8.4.11. I’m struggling to get my BlackBox.php to work, it just silently fails to a white page in the browser. I have enabled BlackBox auth under Helpspot settings, and I do see a “username” prompt in the login page. I turned on full php logging, nothing shows up in the logs when I attempt to login. However, my test.php script does succeed so that is something… but it will only work if I skip past the cBASEPATH check in BlackBox.php. Please help, I just can’t seem to get any logging to give me a clue on this… have been poring through apache logs, syslogs, php logs, etc… nothing. I’m new to php too, so I very well am missing something simple.

Here is test.php:

<?php include('custom_code/BlackBox.php'); $conf = array('error_prepend' => '', 'error_append' => '
'); $log = Log::singleton('display', '', '', $conf, PEAR_LOG_DEBUG); BlackBox('eml','XXXX'); ?>

When I load test.php I see in my browser:

info: getVersion=2.0.7
info: filter: (uid=eml)
info: search found 1 entry(ies) for filter: (uid=eml)
info: got dn: uid=eml,ou=users,o=lincware,dc=lincware,dc=com
info: successful bind!

And here is my BlackBox.php:

<?php require_once('Log.php'); require_once('Net/LDAP2.php'); $log = Log::singleton('error_log', PEAR_LOG_TYPE_SYSTEM, 'ident'); if (!defined('cBASEPATH')) { // SECURITY: This prevents this script from being called from outside the // context of HelpSpot $log->log('Expected cBASEPATH'); #die(); } function BlackBox($username, $password){ global $log; $basedn = 'ou=users,o=lincware,dc=lincware,dc=com'; $ldap = Net_LDAP2::connect(array( 'host' => 'localhost', 'port' => 389, 'version' => 3, 'basedn' => $basedn, 'userattr' => 'uid' )); $log->log("getVersion=".$ldap->getVersion()); if (PEAR::isError($ldap)) { $log->log( 'Could not connect to LDAP-server: '.$ldap->getMessage()); return false; } $filter = Net_LDAP2_Filter::create('uid', 'equals', $username); $log->log("filter: ".$filter->asString()); $options = array( 'scope' => 'sub', 'attributes' => array('sn') ); $search = $ldap->search( NULL, $filter, $options ); if (PEAR::isError($search)) { $log->log( 'Search error: '.$search->getMessage()); return false; } $log->log("search found " .$search->count() . " entry(ies) for filter: " . $filter->asString()); $entry = $search->shiftEntry(); $binddn = $entry->dn(); $log->log("got dn: " . $entry->dn()); $ldap->disconnect(); $ldap = Net_LDAP2::connect(array( 'host' => 'localhost', 'port' => 389, 'version' => 3, 'basedn' => $basedn, 'userattr' => 'uid', 'binddn' => $binddn, 'bindpw' => $password )); if (PEAR::isError($ldap)) { $msg = 'Could not bind as user '.$username.': '.$ldap->getMessage(); $log->log($msg); return false; } $log->log("successful bind!"); $ldap->disconnect(); return true; } ?>

#2

Hmm. HelpSpot adjusts the include path, perhaps that’s messing up your pear includes when used in the context of HelpSpot. Make sure to manually include all dependencies like the base PEAR libs and see if that helps.