Quantcast
Channel: Authentication
Viewing all 8261 articles
Browse latest View live

Moodle and SSO with OpenAM

January 19, 2017, 12:21 pm
$
0
0

by brandon headrick.  

I'm trying to integrate OpenAM with Moodle, and came across this topic from 2013:  https://moodle.org/mod/forum/discuss.php?d=227264

I basically have the same question; has anyone had luck integrating OpenAM with Moodle, and if so, do you have any pointers, or a resource, on some pointers and things to look out for (or even a starting point would be great!)?  Or, if there's a moodle plugin that exists for this, where can I find it?


Right now, I'm working on modifying the moodle code to do this, but I'm very new to php as well (and OpenAM for that matter), so any help/tips at all would be appreciated.

Search

Is there any option to filter duplicate users while uploading them

January 24, 2017, 5:18 am
$
0
0

by Adarsh Shukla.  

We have done this using email address but now we want to add phone number as filter parameter

Moodle and O365 session timeout issue

January 26, 2017, 5:12 am
$
0
0

by Anthony Connor.  

Hi,


We are using the openID connect plugin from the O365 suite of plugins for authentication in our site for a few months. All went well in testing and in the early days but we have noticed an issue with users being continually kicked out of moodle and returned to the login page with a session timeout error. The timeout in moodle is set to 3 hours but users are being kicked out every few minutes. Our accounts are in AzureAD and users are directed to our adfs site to enter credentials. We are using moodle 3.0.4+ on a LAMP stack. 

Has anybody come across an authentication issue like this with O365 with moodle?

SSO with SAML2

January 26, 2017, 5:18 am
$
0
0

by callum Wood.  

Hi all,


I have been asked to install the following plugin for a clients moodle:

https://moodle.org/plugins/auth_saml2

Unfortunately they are using a windows server. I am able to get the plugin installed onto the Moodle but when I go into the setting for the plugin and try to issue a new certificate I get the follwing error:


Warning: openssl_csr_sign(): cannot get CSR from parameter 1 in C:\inetpub\wwwroot\moodle-development\auth\saml2\setup.php on line 82

Warning: openssl_x509_export(): cannot get cert from parameter 1 in C:\inetpub\wwwroot\moodle-development\auth\saml2\setup.php on line 83

Warning: openssl_pkey_export(): cannot get key from parameter 1 in C:\inetpub\wwwroot\moodle-development\auth\saml2\setup.php on line 84

Warning: openssl_csr_sign(): cannot get CSR from parameter 1 in C:\inetpub\wwwroot\moodle-development\auth\saml2\setup.php on line 82

Warning: openssl_x509_export(): cannot get cert from parameter 1 in C:\inetpub\wwwroot\moodle-development\auth\saml2\setup.php on line 83

Warning: openssl_pkey_export(): cannot get key from parameter 1 in C:\inetpub\wwwroot\moodle-development\auth\saml2\setup.php on line 84

Moodle version 2.9

IIS 6

Any advice on this issue will be appreciated.


Thanks 

PHP Error log growing to fill root partition

January 26, 2017, 11:26 am
$
0
0

by Charles Johnson.  

I was alerted this morning by our system of the fact that our Moodle server's root partition was filling up. When I looked at it, the php_errors.log file was growing very rapidly and the only entries being added were:

PHP Warning:  ldap_search(): Search: Can't contact LDAP server in /var/www/html/moodle/auth/ldap/auth.php on line 712

It is odd, as I can login to the server using my AD credentials just fine and  users are syncing properly. I did recently upgrade our server to version 3.1 [3.1.3+ (Build: 20161208) specifically] and changed our method of syncing users over to the built in Site Administration > Server > Scheduled Tasks method, we were using a standard linux cron job to run the CLI version, but after the upgrade the output stated that it was no longer the valid method to use. As a troubleshooting step,  I disabled that job and I am still getting the warning messages in the php_errors.log file.

I found another potentially related question on the forum that advised disabling it and using the CLI method to troubleshoot, and it worked as I would have expected.

I also talked with our AD Admin about it and he looked at the logs of the domain controller and the only errors he was seeing were schannel errors. I imported the root certificate from our internal certificate server into the cacerts for the server, but it didn't resolve the issue either. I have to see if he is still seeing those errors or not, but it doesn't seem to be related to this issue.

I am at a loss on how the error states that it cannot contact the LDAP server, but every otherwise indicates to me that it is functioning normally.

Any assistance and advise would be greatly appreciated.

Thanks,

Chuck


Re: PHP Error log growing to fill root partition

January 26, 2017, 12:42 pm
$
0
0

by Emma Richardson.  

Looking at that line shows the following:

// Use ldap_search to find first user from subtree.
$ldap_result = ldap_search($ldapconnection, $context, $filter, array($this->config->user_attribute));

Leads me to suspect that it is not necessarily the main connection but maybe that you have a context faulty or some permission with your bind user maybe?  Are you using a bind user?  Do you have multiple contexts that it is searching?  Or are you searching through subdirectories and your bind user does not have the necessary permissions on the main directory?

Just a few ideas...

Re: Moodle and O365 session timeout issue

January 27, 2017, 1:27 am
$
0
0

by Anthony Connor.  

We see this error from time to time:


moodle_exception


moodle_exception."Unknown state." thrown in /var/www/elearning.ait.ie/auth/oidc/classes/Ioginflow/authcode.php on line 148

at auth_oidc\loginflow\authcode.handleauthresponse(loginflow/authcode.php:79)

at auth_oidc\loginflow\authcode.handleredirecuoidc/authphp:1 05)


at authjluginpidc.handleredirecuoidc/index.php:29)

at .{main}(loginflow/authcode.php:148)



In the authcode.php class the method responsible for line 148 is titled 'Validate and expire state'. From what i can see this method throws an errorauthunknownstate exception if the auth_oidc_state record in the DB is empty. This may be causing the session timeout error we are seeing for our users. 


Does anybody have any pointers?

PHP 7 and following do not support the php_mssql driver anymore. Cannot connect the database.

January 28, 2017, 11:16 am
$
0
0

by Ricardo Caiado.  

Hi,

After updating my server to Ubuntu 16.04 LTS I can not connect to my MSSQL external authenticantion database.

I got this error message whenever I try to login: "Call to undefined function mssql_query()"

"Important Note 2: PHP 7 and following do not support the php_mssql driver anymore. People wanting to use SQL*Server database services should switch to the sqlsrv drivers in the platforms were they are available or keep using PHP 5.6.x"

Ubuntu 16.04 LTS
PHP v7.0
Moodle 3.1.4+ / Moodle 3.2.1+
----------------------------------------
Test authentication settings - External database
XXX.XXX.XXX.XXX: Missing extension for mssql
Cannot connect the database.
Search

Re: PHP 7 and following do not support the php_mssql driver anymore. Cannot connect the database.

January 28, 2017, 11:55 am

Re: PHP 7 and following do not support the php_mssql driver anymore. Cannot connect the database.

January 28, 2017, 12:45 pm
$
0
0

by Ricardo Caiado.  

Hi,

I tried this:

-----------------------
sudo su
curl https://packages.microsoft.com/keys/microsoft.asc | apt-key add -
curl https://packages.microsoft.com/config/ubuntu/16.04/prod.list> /etc/apt/sources.list.d/mssql-release.list
exit
sudo apt-get update
sudo ACCEPT_EULA=Y apt-get install -y msodbcsql mssql-tools unixodbc-dev
sudo pecl install sqlsrv
sudo pecl install pdo_sqlsrv
echo "extension=sqlsrv">> `php --ini | grep "Loaded Configuration" | sed -e "s|.*:\s*||"`
echo "extension=pdo_sqlsrv">> `php --ini | grep "Loaded Configuration" | sed -e "s|.*:\s*||"`
----------------------

But it didn´t worked out.

Ricardo

Re: PHP 7 and following do not support the php_mssql driver anymore. Cannot connect the database.

January 28, 2017, 2:44 pm
$
0
0

by Ken Task.  

So what does php -m |grep sqlsrv show?

The last two echo lines .... look a little strange to me.    The >> means tack onto the end of the file but what follows is not php.ini but php --ini so where did the echo send that text?

Think Ubuntu like CentOS in that what .ini files are found in /etc/php.d/ are loaded.

Do you see a sqlsrv.ini file in /etc/php.d/ ?

Run php -ini again to see if there isn't a /etc/php.d/mssql.ini listed.

And, any change to php would require restart of apache service.

'spirit of sharing', Ken



Re: PHP 7 and following do not support the php_mssql driver anymore. Cannot connect the database.

January 28, 2017, 3:58 pm
$
0
0

by Ken Task.  

Just did this on a CentOS 7 box ... even though I don't run mssql - just to see.
Followed ... somewhat ..
http://stackoverflow.com/questions/34377338/linux-php-7-0-and-mssql-microsoft-sql

At the tail end of the pecl install of sqlsrv this:
configuration option "php_ini" is not set to php.ini location
You should add "extension=sqlsrv.so" to php.ini

This is an extension so it probably be loaded in the normal fashion rather than adding it to php.ini anyway.  So here's what I did:

cd /etc/php.d/
nano sqlrv.ini
Pasted the following line into the ini file editing just above
extension=sqlsrv.so

Restarted apache service.

php -m |grep sqlsrv

Then does show sqlsrv loaded.

If the directions to install  work on CentOS 7 the Ubutnu directions should certainly should work with Ubutnu.

What I did that was different ... didn't try to include accepting the EULA with a yum command.   Got the repo loaded and checked updates activating the MS repo. 

Yum install without the accepting stuff prompted to accept the key from the repo and then also prompted to accept the license terms ... just had to type: YES [enter].

You might need to do something similar.

'spirit of sharing', Ken

Re: PHP 7 and following do not support the php_mssql driver anymore. Cannot connect the database.

January 29, 2017, 3:26 am
$
0
0

by Ricardo Caiado.  

Hi,

This is what I got when I turn on debugging:

line 832 of /lib/adodb/drivers/adodb-mssql.inc.php: Error thrown
line 1222 of /lib/adodb/adodb.inc.php: call to ADODB_mssql->_query()
line 1200 of /lib/adodb/adodb.inc.php: call to ADOConnection->_Execute()
line 227 of /auth/db/auth.php: call to ADOConnection->Execute()
line 3843 of /lib/moodlelib.php: call to auth_plugin_db->get_userinfo()
line 4246 of /lib/moodlelib.php: call to update_user_record_by_id()
line 154 of /login/index.php: call to authenticate_user_login()

Ricardo

Re: PHP 7 and following do not support the php_mssql driver anymore. Cannot connect the database.

January 29, 2017, 6:30 am
$
0
0

by Ken Task.  

What do you get with this command:

php -m [ENTER]

and this command:

php --ini [ENTER]

and this command:

tail -n 20 /etc/php.ini

and this command:

ls /etc/php.d/

In any/all of those we're looking for evidence that mssql driver is truely loaded/present.

'spirit of sharing', Ken


Re: PHP 7 and following do not support the php_mssql driver anymore. Cannot connect the database.

January 30, 2017, 3:11 am
$
0
0

by Ricardo Caiado.  

Hi Ken,

Here we go:

#php -m

[PHP Modules]
calendar
Core
ctype
curl
date
dom
exif
fileinfo
filter
ftp
gd
gettext
hash
iconv
intl
json
libxml
mbstring
mcrypt
openssl
pcntl
pcre
PDO
pdo_dblib
pdo_pgsql
pdo_sqlsrv
pgsql
Phar
posix
readline
Reflection
session
shmop
SimpleXML
soap
sockets
SPL
sqlsrv
standard
sysvmsg
sysvsem
sysvshm
tokenizer
wddx
xml
xmlreader
xmlrpc
xmlwriter
xsl
Zend OPcache
zip
zlib

[Zend Modules]
Zend OPcache

---------------------------------------------

#php --ini

Configuration File (php.ini) Path: /etc/php/7.0/cli
Loaded Configuration File: /etc/php/7.0/cli/php.ini
Scan for additional .ini files in: /etc/php/7.0/cli/conf.d
Additional .ini files parsed: /etc/php/7.0/cli/conf.d/10-opcache.ini,
/etc/php/7.0/cli/conf.d/10-pdo.ini,
/etc/php/7.0/cli/conf.d/15-xml.ini,
/etc/php/7.0/cli/conf.d/20-calendar.ini,
/etc/php/7.0/cli/conf.d/20-ctype.ini,
/etc/php/7.0/cli/conf.d/20-curl.ini,
/etc/php/7.0/cli/conf.d/20-dom.ini,
/etc/php/7.0/cli/conf.d/20-exif.ini,
/etc/php/7.0/cli/conf.d/20-fileinfo.ini,
/etc/php/7.0/cli/conf.d/20-ftp.ini,
/etc/php/7.0/cli/conf.d/20-gd.ini,
/etc/php/7.0/cli/conf.d/20-gettext.ini,
/etc/php/7.0/cli/conf.d/20-iconv.ini,
/etc/php/7.0/cli/conf.d/20-intl.ini,
/etc/php/7.0/cli/conf.d/20-json.ini,
/etc/php/7.0/cli/conf.d/20-mbstring.ini,
/etc/php/7.0/cli/conf.d/20-mcrypt.ini,
/etc/php/7.0/cli/conf.d/20-pdo_dblib.ini,
/etc/php/7.0/cli/conf.d/20-pdo_pgsql.ini,
/etc/php/7.0/cli/conf.d/20-pgsql.ini,
/etc/php/7.0/cli/conf.d/20-phar.ini,
/etc/php/7.0/cli/conf.d/20-posix.ini,
/etc/php/7.0/cli/conf.d/20-readline.ini,
/etc/php/7.0/cli/conf.d/20-shmop.ini,
/etc/php/7.0/cli/conf.d/20-simplexml.ini,
/etc/php/7.0/cli/conf.d/20-soap.ini,
/etc/php/7.0/cli/conf.d/20-sockets.ini,
/etc/php/7.0/cli/conf.d/20-sysvmsg.ini,
/etc/php/7.0/cli/conf.d/20-sysvsem.ini,
/etc/php/7.0/cli/conf.d/20-sysvshm.ini,
/etc/php/7.0/cli/conf.d/20-tokenizer.ini,
/etc/php/7.0/cli/conf.d/20-wddx.ini,
/etc/php/7.0/cli/conf.d/20-xmlreader.ini,
/etc/php/7.0/cli/conf.d/20-xmlrpc.ini,
/etc/php/7.0/cli/conf.d/20-xmlwriter.ini,
/etc/php/7.0/cli/conf.d/20-xsl.ini,
/etc/php/7.0/cli/conf.d/20-zip.ini

-------------------------------------------

#tail -n 20 /etc/php/7.0/apache2/php.ini

;openssl.cafile=

; If openssl.cafile is not specified or if the CA file is not found, the
; directory pointed to by openssl.capath is searched for a suitable
; certificate. This value must be a correctly hashed certificate directory.
; Most users should not specify a value for this directive as PHP will
; attempt to use the OS-managed cert stores in its absence. If specified,
; this value may still be overridden on a per-stream basis via the "capath"
; SSL stream context option.
;openssl.capath=

; Local Variables:
; tab-width: 4
; End:

extension=/usr/lib/php/20151012/sqlsrv.so
extension=/usr/lib/php/20151012/pdo_sqlsrv.so

----------------------------------------------------

#ls /etc/php/7.0/apache2/conf.d/


10-opcache.ini@ 20-gd.ini@ 20-phar.ini@ 20-tokenizer.ini@
10-pdo.ini@ 20-gettext.ini@ 20-posix.ini@ 20-wddx.ini@
15-xml.ini@ 20-iconv.ini@ 20-readline.ini@ 20-xmlreader.ini@
20-calendar.ini@ 20-intl.ini@ 20-shmop.ini@ 20-xmlrpc.ini@
20-ctype.ini@ 20-json.ini@ 20-simplexml.ini@ 20-xmlwriter.ini@
20-curl.ini@ 20-mbstring.ini@ 20-soap.ini@ 20-xsl.ini@
20-dom.ini@ 20-mcrypt.ini@ 20-sockets.ini@ 20-zip.ini@
20-exif.ini@ 20-pdo_dblib.ini@ 20-sysvmsg.ini@
20-fileinfo.ini@ 20-pdo_pgsql.ini@ 20-sysvsem.ini@
20-ftp.ini@ 20-pgsql.ini@ 20-sysvshm.ini@

-----------------------------

Ricardo
Search

Re: PHP 7 and following do not support the php_mssql driver anymore. Cannot connect the database.

January 30, 2017, 5:56 am
$
0
0

by Ricardo Caiado.  

The function "mssql_query" is no longer used in PHP7.0. But it is declared in "line 832 of /lib/adodb/drivers/adodb-mssql.inc.php":

"...
$rez = mssql_query($sql,$this->_connectionID);
..."

Maybe the correct function should be "sqlsrv_query()"

Re: PHP 7 and following do not support the php_mssql driver anymore. Cannot connect the database.

January 30, 2017, 7:01 am
$
0
0

by Ken Task.  

On the StackOverflow page where the installation instructions were, there was also a small test php file.

<?php
$serverName = "localhost";
$connectionOptions = array("Database" => "SampleDB","Uid" => "sa","PWD" => "your_password"
);
//Establishes the connection
$conn = sqlsrv_connect($serverName, $connectionOptions);
if($conn)
    echo "Connected!"
?>
'spirit of sharing', Ken

Re: PHP 7 and following do not support the php_mssql driver anymore. Cannot connect the database.

January 30, 2017, 7:43 am
$
0
0

by Ricardo Caiado.  

I run a similar test (above) and it works just fine. But the script is using "sqlsrv_...", instead of "mssql_...".

And Moodle is using "mssql_..."

Take a look at "https://tracker.moodle.org/browse/MDL-57827"

----------------------------

<?php
$serverName = "XXX.XXX.XXX.XXX";
$connectionOptions = array(
"Database" => "XXX",
"Uid" => "XXX",
"PWD" => "XXX"
);
//Establishes the connection
$conn = sqlsrv_connect($serverName, $connectionOptions);
//Select Query
$tsql= "SELECT @@Version as SQL_VERSION";
//Executes the query
$getResults= sqlsrv_query($conn, $tsql);
//Error handling

if ($getResults == FALSE)
die(FormatErrors(sqlsrv_errors()));
?>

Results :

<?php
while ($row = sqlsrv_fetch_array($getResults, SQLSRV_FETCH_ASSOC)) {
echo ($row['SQL_VERSION']);
echo ("
");
}
sqlsrv_free_stmt($getResults);
function FormatErrors( $errors )
{
/* Display errors. */
echo "Error information:
";

foreach ( $errors as $error )
{
echo "SQLSTATE: ".$error['SQLSTATE']."
";
echo "Code: ".$error['code']."
";
echo "Message: ".$error['message']."
";
}
}
?>

Re: PHP 7 and following do not support the php_mssql driver anymore. Cannot connect the database.

January 30, 2017, 8:27 am
$
0
0

by Dave Perry.  

I can't open that tracker issue. Is it locked down or no longer there?

Re: PHP 7 and following do not support the php_mssql driver anymore. Cannot connect the database.

January 30, 2017, 9:11 am
$
0
0

by Ricardo Caiado.  

print-screen
Viewing all 8261 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>