[4] LDAP authenticate without domain in username #35573

Closed
pioada opened this issue Sep 15, 2021 · 17 comments

@pioada

pioada commented Sep 15, 2021

Steps to reproduce the issue

Activate LDAP plugin in "direct bind" method and authenticate only with user name (not username@domain).

Expected result

Allow only user name to be used for LDAP authentication (not username@domain), like in standard Joomla! authentication method.

Actual result

Full DN is required in "username" login field (like username@domain), because it is used in "ldap_bind" and "ldap_search" methods.

System information (as much as possible)

Joomla 4.0.3

Additional comments

One possible solution is to add "ldap_prefix" and "ldap_suffix" fields in LDAP plugin configuration for "direct bind" method. This allows using a "userdn" like "domain/username" or "username@domain". Just check and merge "ldap_prefix", username (from login form) and "ldap_suffix".
I can do it, but how do I send the corrected files?
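
The prefix/suffix merge proposed in the post above, written out as an added example (not part of the original issue and not Joomla's plugin code). The function names are hypothetical, the `example.org` values are constructed, and the PHP `ldap` extension is assumed for `ldap_escape()`. The login name is checked and escaped before it reaches `ldap_bind` or `ldap_search`, and an empty password is refused:

```php
<?php
// Added example: hypothetical helpers, not Joomla's plugin code.
// $prefix / $suffix stand for the "ldap_prefix" / "ldap_suffix" options proposed in the issue.

function buildBindIdentity(string $username, string $prefix, string $suffix): string
{
    $username = trim($username);

    // Accept only a bare account name: an empty value, or one that already carries
    // a domain part or DN structure, must not be merged with the configured affixes.
    if ($username === '' || strpbrk($username, '@\\/,=') !== false) {
        throw new InvalidArgumentException('Username must be a plain account name');
    }

    // DN-style affixes ("uid=" ... ",ou=people,...") need DN escaping for the remaining
    // special characters (+ < > ; " #) that the check above lets through.
    if (strpos($prefix, '=') !== false) {
        $username = ldap_escape($username, '', LDAP_ESCAPE_DN);
    }

    return $prefix . $username . $suffix;
}

function buildSearchFilter(string $attribute, string $username): string
{
    // The same login name is reused in ldap_search(): escape it for filter context.
    return sprintf('(%s=%s)', $attribute, ldap_escape($username, '', LDAP_ESCAPE_FILTER));
}

function assertUsablePassword(string $password): void
{
    // An empty password turns a simple bind into an unauthenticated bind,
    // which a directory may accept; refuse it before calling ldap_bind().
    if ($password === '') {
        throw new InvalidArgumentException('Empty password');
    }
}

// Constructed sample configurations (all values are placeholders).
echo buildBindIdentity('jdoe', '', '@example.org'), PHP_EOL;
echo buildBindIdentity('jdoe', 'uid=', ',ou=people,dc=example,dc=org'), PHP_EOL;
echo buildSearchFilter('sAMAccountName', 'j*doe'), PHP_EOL;
```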

@PhilETaylor

This comment was marked as abuse.

@mrownicki

Any fix/action?


This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/35573.

@PhilETaylor

This comment was marked as abuse.

@mrownicki

@PhilETaylor

Do you know of any good plugin to sync AD that works with Joomla 4?



@pioada
Author

pioada commented Sep 21, 2021

I'm rewriting the plugin, but I need more time.
Does anyone know how to send new files to Joomla developers?



@mrownicki

@pioada

I'm not a developer, but a commercial plugin uses this PHP library: https://www.php.net/manual/en/book.ldap.php. Maybe this will be helpful for you.



@mrownicki

You need to add the files on GitHub, and someone from the team must review, test, etc.



@mrownicki

@PhilETaylor

This comment was marked as abuse.

@pioada
Author

pioada commented Oct 5, 2021

Hi. I don't have access to secured LDAP. Can anyone test whether it works on secured LDAP?
This is a TEST-ONLY version, DON'T use it on a live site.
Link to files: https://drive.google.com/file/d/1v4Q_fO24rt50ikr8hK-FQwSxI5dbnY1n/view. Extract, override and force refresh (Ctrl+F5) on the plugin config view.
I worked on the plugin based on my own environment / needs. If you need something else, then write.
Do you think that automatic assigning to access groups based on LDAP attributes would be useful?
@mrownicki: thanks for the info. Joomla! 4 uses part of the Symfony LDAP library.



@PhilETaylor

This comment was marked as abuse.

@pioada
Author

pioada commented Oct 6, 2021

You have to copy the "layouts" and "src" folders to the LDAP folder. They contain the definition and layout of this button. This solution is taken from other core plugins. If you did that, then try to force refresh or Joomla cache (?).
JS code could be a problem, but this is the only way to test the connection before saving the plugin configuration.



@pioada
Author

pioada commented Oct 13, 2021

@PhilETaylor Also I see no test authentication button
I copied plugin files to another J! instance and now I see this problem.
It looks like the problem is with the "pathmap" to the "src" directory, which is in the "administrator/cache/autoload_psr4.php" file. J! has a "Namespace Updater" plugin that updates this file automatically, but it runs only on extension install, update and uninstall. Possible solutions: add this line to the autoload_psr4 file:
'Joomla\\Plugin\\Authentication\\Ldap\\' => [JPATH_PLUGINS . '/authentication/ldap/src'],
or install, update or uninstall any extension :).
Moreover, it looks like J! by default searches for custom fields in these folders:
Joomla\Plugin\Authentication\Ldap\Field\TestConnectionField, Joomla\Component\Plugins\Administrator\Field\TestConnectionField, Joomla\CMS\Form\Field\TestConnectionField. I moved the folder Fields to the plugin main folder according to the first path, but it doesn't work. I also changed "addfieldprefix" to "Joomla\Plugin\Authentication\Ldap\src\Field", but that doesn't work either. It looks like the only way is to add the path to the autoload_psr4 file. I found this issue: #20953 and I totally agree with laoneo, plugin and this map are now redundant.
I will add a new issue when I have a free moment. I am currently working on moving data from LDAP to additional user fields and access rights based on LDAP artifacts. I will upload a new version when it is finished.



@PhilETaylor

This comment was marked as abuse.

@tatankat
Contributor

tatankat commented Jun 2, 2022

#37959 probably fixes this issue too (but with minimalist change) - if configuration is done correctly. If it worked in V3, it should work in V4 - except for SSL.

@tatankat
Contributor

With #37962, secured LDAP also works (with minimal changes). Can someone test if these PRs fix this issue?

On a side note: why was the PR first created suddenly closed?

@richard67
Member

Closing as having a pull request. Please test #37959. And for secured LDAP test #37962. Thanks in advance.
