-> LDAP in SSL problem <-

Hi,

it seems to me that I have a problem using an LDAPS connection
to our server for identification purposes (using OpenLDAP and
OpenSSL).

Using PHP 4.4.4 I have the following code which correctly
binds in SSL but any "search" for attributes and their values
seems to return only the attributes for an anonymous connection.
Thus, this is restricted to a few ones instead of having them all
(especially the groupMembership I'm looking for).
$ldapconn = ldap_connect("ldaps://ldapserver", 636 )
    or die( "Connection problem.<BR>" ) ;

if (ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3)) {
    echo "Using LDAPv3<BR>\n";
} else {
    echo "Failed to set protocol version to 3";
}

// Verify whether the provided name exists
$ldapresult = @ldap_search( $ldapconn, "o=mydomain", "cn=".$name ) ;
if( $ldapresult ) {
    // User exists, now retrieve his DN and bind in SSL
    $entries = @ldap_get_entries( $ldapconn, $ldapresult ) ;
    if( $entries["count"] ) {
        $ldapbind = ldap_bind( $ldapconn, $entries[0]['dn'], $pwd ) ;
        if( $ldapbind ) {
            echo "Succesfully bound<BR>" ;
            // do some new ldap_search here
            // ...
        }
        else {
            echo "Bound failed<br>" ;
        }
    }
}

This prints "Succesfully bound" with the correct credentials.

That's where I have a doubt. How does the ldap function then work
knowing it has correct credentials?

After the successful bind, if I do another search, I still get the
basic attributes (about 6 of them), not all of them.
For example:
$result = @ldap_search( $ldapconn, "o=mydomain", "cn=".$name ) ;

Does ldap_bind change the content of $ldapconn in order to know
that we're now securely authenticated???

I'm really missing something there. Does the ldap_bind call change anything
in the behavior of the ldap functions after being successful?
How does the application know we're correctly identified?

The server has a valid certificate (the bind() wouldn't work anyway if
that were not the case).

Thanks for any help.
Sincerely,
Steve JORDI

(Remove the K_I_L_LSPAM from my email address)
------------------------------------------------
1197 Prangins Email: st************* ******@hotmail. com
Switzerland WWW: www.sjordi.com
------------------------------------------------
Volcanoes at www.sjordi.com/volcanoes
MovieDB at www.sjmoviedb.com
------------------------------------------------
Jan 17 '07 #1
forget about it,
a new call to ldap_search just after the bind works ok.
Jan 17 '07 #2
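
The flow the thread settles on, as an added example that is not part of the original posts: ldap_bind() authenticates the existing connection handle, so a search issued on that handle after the bind runs with the user's rights, while results fetched before the bind stay as they were. It assumes PHP 5.6 or later (for ldap_escape(), which PHP 4.4.4 lacks); the function name fetch_user_entry is hypothetical, and the URI, base DN and groupMembership attribute are the ones from the question.

```php
<?php
// Added example; fetch_user_entry() is a hypothetical helper, not code from the thread.
// Returns the user's entry as read AFTER authenticating, or false on any failure.
function fetch_user_entry($uri, $base, $name, $pwd)
{
    // A simple bind with an empty password is an unauthenticated bind that
    // many servers accept: never treat that as a successful login.
    if ($name === '' || $pwd === '') {
        return false;
    }

    $conn = ldap_connect($uri);               // e.g. "ldaps://ldapserver"
    if (!$conn) {
        return false;
    }
    ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3);

    // Escape the user-supplied name so it cannot alter the search filter.
    $filter = '(cn=' . ldap_escape($name, '', LDAP_ESCAPE_FILTER) . ')';

    // 1. No bind yet: this search runs anonymously and only locates the DN.
    $res = ldap_search($conn, $base, $filter, array('cn'));
    $found = $res ? ldap_get_entries($conn, $res) : false;
    if (!$found || $found['count'] !== 1) {   // unknown or ambiguous name
        ldap_unbind($conn);
        return false;
    }

    // 2. Bind on the SAME handle; the connection is now authenticated as this DN.
    if (!@ldap_bind($conn, $found[0]['dn'], $pwd)) {
        ldap_unbind($conn);
        return false;
    }

    // 3. Search again: results fetched before the bind are not refreshed.
    $res = ldap_search($conn, $base, $filter, array('cn', 'groupMembership'));
    $entries = $res ? ldap_get_entries($conn, $res) : false;
    ldap_unbind($conn);

    // ldap_get_entries() lower-cases attribute names: read $entry['groupmembership'].
    return ($entries && $entries['count'] === 1) ? $entries[0] : false;
}
```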
