Hardened MS-AD/LDAP Support

This is a forum to suggest new features for mojoPortal. 

This thread is closed to new posts. You must sign in to post in the forums.
9/28/2010 10:22:52 PM
Gravatar
Total Posts 1

Hardened MS-AD/LDAP Support

I would really like to use MojoPortal however it does not support secure ldap connections. My server requires SSL/TLS authentication for AD/LDAP. Here's the result of my attempt:

2010-09-28 22:51:55,972 ERROR mojoPortal.Business.LdapHelper - login failure
LdapException: (8) Strong Authentication Required
LdapException: Server Message: 00002028: LdapErr: DSID-0C0901FC, comment: The server requires binds to turn on integrity checking if SSL\TLS are not already active on the connection, data 0, v1db0�

9/29/2010 1:38:30 PM
Gravatar
Total Posts 18439

Re: Hardened MS-AD/LDAP Support

Hi,

I confirm this is currently not supported. I've added an item in my project tracker for this but not sure when I will get to it. Found some helpful info here: http://stackoverflow.com/questions/386982/novell-ldap-c-novell-directory-ldap-has-anybody-made-it-work

Best,

Joe

9/29/2010 6:59:06 PM
Gravatar
Total Posts 1196
Proud member of the mojoPortal team

Help support mojoPortal!
Add-on modules

Re: Hardened MS-AD/LDAP Support

Hi Joe, we could also make good use of LDAP over SSL in our environment.

While you're thinking about LDAP, I was wondering if mojo supports a mixed authentication environment? In our case, we would like to use LDAP authentication for our internal users and site maintainers, but non-LDAP authentication for external users to interact on forums/blogs/newsletter signups.

If that's not supported, it's something that would be very useful to us.

Thanks,

Jamie

9/30/2010 6:47:49 AM
Gravatar
Total Posts 18439

Re: Hardened MS-AD/LDAP Support

Hi Jamie,

When I do get to working on this, maybe you could help me with testing. I don't currently have an ldap server setup to test with and since you work with the code from the repository, maybe you could help with testing. I could code it as I think it should be to support this, then commit to the repository and you could pull down the code and test to verify it works and that I haven't broken anything. That would save me a lot of time and effort in setting up a virtual machine with ldap.

Best,

Joe

9/30/2010 9:34:34 AM
Gravatar
Total Posts 1196
Proud member of the mojoPortal team

Help support mojoPortal!
Add-on modules

Re: Hardened MS-AD/LDAP Support

Absolutely, Joe, I'd be happy to help!

Jamie

9/30/2010 9:57:28 AM
Gravatar
Total Posts 18439

Re: Hardened MS-AD/LDAP Support

Thanks Jamie!

I've put a note in my project tracker to contact you when I work on this.

Best,

Joe

11/11/2010 8:37:33 AM
Gravatar
Total Posts 18439

Re: Hardened MS-AD/LDAP Support

Hi,

Thanks to help from Jamie, SSL support for LDAP is now in the source code repository so it should work in the next release. It has been tested so far using Novell but not Active Directory yet, but in theory it should work and hopefully Jamie will get a chance to test that in the near future.

It will require adding this to user.config to enable SSL for ldap:

<add key="UseSslForLdap" value="true" />

Best,

Joe

 

You must sign in to post in the forums. This thread is closed to new posts.