I'm struggling to get a TLS-encrypted connection to our LDAP server; it looks like this feature is totally missing from the code.
I believe the code supports encryption mode selection only between non-encrypted and SSL-encrypted connections, which is normally done via the port number.
But SSL encryption has not been recommended for at least a couple of years now, and the recommended way is TLS encryption, which is done via port 389 (yes, the same as non-encrypted).
So in the file called UserMain.php (in the Model folder) there should be some kind of attempt at TLS encryption as well. My educated guess is that this "try" should go into the code at line 1183 and could look something like the example below:
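$ldap_URI = "ldap://ldap.example.com/";
$ldap_bind_dn = "cn=myapplication,ou=service accounts,dc=example,dc=com";
$ldap_bind_dn_password = "hopefully something long and complicated";
$ldap_connection = ldap_connect($ldap_URI);
// StartTLS is an LDAPv3 extended operation, so select protocol version 3 first
ldap_set_option($ldap_connection, LDAP_OPT_PROTOCOL_VERSION, 3);
// Upgrade the plain connection on port 389 to TLS before sending any credentials
if (ldap_start_tls($ldap_connection)) {
    if (!ldap_bind($ldap_connection, $ldap_bind_dn, $ldap_bind_dn_password)) {
        //TODO: return/throw some error/exception here to be handled by caller, regarding invalid credentials
    }
} else {
    // Do not fall back to an unencrypted bind when StartTLS fails
    ldap_close($ldap_connection);
    //TODO: return/throw some error/exception here to be handled by caller, regarding starttls failure
}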
An even better way would be a setting for the admin (in the area where LDAP settings are defined) offering encryption settings. A good example of how this could be done is the tool called webmin; take a look at the pic below:
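As an added illustration (not part of the original post and not the project's code), the sketch below shows how one admin-selectable encryption setting could drive the connection logic requested above. The function name `ldapConnectWithMode` and the mode strings `none`, `starttls` and `ldaps` are hypothetical; it assumes PHP 7.1+ with the ldap extension, and it refuses to bind when StartTLS fails so credentials never cross the wire unencrypted.

```php
<?php
// Added example; function name and mode strings are hypothetical.
function ldapConnectWithMode(string $host, string $mode, string $bindDn, string $password)
{
    // Map the admin-selected mode to a URI scheme and default port.
    $modes = [
        'none'     => ['ldap',  389],
        'starttls' => ['ldap',  389],   // same port as plain, upgraded in-band
        'ldaps'    => ['ldaps', 636],
    ];
    if (!isset($modes[$mode])) {
        throw new InvalidArgumentException("Unknown LDAP encryption mode: $mode");
    }
    [$scheme, $port] = $modes[$mode];

    if ($mode !== 'none') {
        // Require a valid server certificate; set globally before connecting.
        ldap_set_option(null, LDAP_OPT_X_TLS_REQUIRE_CERT, LDAP_OPT_X_TLS_DEMAND);
    }

    $conn = ldap_connect("$scheme://$host:$port");
    if ($conn === false) {
        throw new RuntimeException('Invalid LDAP URI');
    }
    // StartTLS is an LDAPv3 extended operation.
    ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3);

    // Fail closed: if the TLS upgrade fails, never send the bind in cleartext.
    if ($mode === 'starttls' && !@ldap_start_tls($conn)) {
        $error = ldap_error($conn);
        ldap_unbind($conn);
        throw new RuntimeException("StartTLS failed, not binding: $error");
    }

    if (!@ldap_bind($conn, $bindDn, $password)) {
        $error = ldap_error($conn);
        ldap_unbind($conn);
        throw new RuntimeException("LDAP bind failed: $error");
    }
    return $conn;
}

// Usage (placeholder host and DN, taken from the snippet in the post):
// $conn = ldapConnectWithMode('ldap.example.com', 'starttls',
//     'cn=myapplication,ou=service accounts,dc=example,dc=com', $password);
```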