Repeatable: Always
With a fresh/new Drupal 7.14 install for a new standalone website:
Steps to repeat:
- Download Module Certificate Login
- Un-compress certificatelogin-7.x-2.0-rc1.tar.gz into modules folder
- Visit admin/modules page in site, enable module and configure (/#overlay=admin/config/people/certificatelogin)
Expected Results:
To see options for "Automatic Login Path", and "Account Creation" as mentioned in the README.txt and features list.
Actual Results:
After enabling the module, the "Certificate Login Settings" page only has the following options available:
- "PHP code to retrieve auth name",
- "Current Login Override",
- "Present login link on access denied (403)" (note: this will not save to "Enabled")
- "Access Denied Custom Message".
The "Automatic Login Path", and "Account Creation" settings are missing from this screen and I can't find them anywhere else. So obviously right now it won't actually authenticate anyone with a certificate, only username/password.
No errors are being logged in the Apache error_log file and there is nothing else to indicate a problem with the installation or module.
(Referencing my community Post Installation post: http://drupal.org/node/1663114)
Comments
Comment #1
ZeiP CreditAttribution: ZeiP commentedThanks for the report!
The D7 version is quite different from the old D6 version. The account creation option has been removed for now, since Certificate login no longer requires the users to have the certificate auth name as their user name, but instead uses the authmap functionality to bind any number of certificates to user accounts.
You should see a tab on the user account page (/user) that allows you to associate a certificate with the user account. The login page is at /login. I'm hoping to do the login via the normal user login form eventually, so no dedicated form would be necessary.
I'll try to get around updating the documentation to more accurately describe the current status of the module, thanks again for reporting!
Comment #2
ZeiP CreditAttribution: ZeiP commentedBTW, the problem with ”Present login link on access denied (403)” option default option has been fixed in the new version.
Comment #3
crontab CreditAttribution: crontab commentedYes, I'd seen the account page (/user) tab and successfully associate my certificate to the main admin account, but was unsure what to do next. So I guess this mean all users must create accounts for themselves and then associate their certificate to their account?
Clicking the "Login by Certificate" button on the login page generates the follow error:
Comment #4
ZeiP CreditAttribution: ZeiP commentedCurrently yes, you have to have all users register and associate their certificates manually. If you need an account create functionality, I suppose it wouldn't be too difficult to return it to the new version also.
The error you cited sounds weird, I'll try to check if I can repeat it. What kind of code do you have for fetching the identifier from the certificate?
Comment #5
crontab CreditAttribution: crontab commentedJust
$_SERVER["SSL_CLIENT_S_DN"]
Comment #6
openbrian CreditAttribution: openbrian commentedSee http://drupal.org/node/1454466#comment-5664306 I had the same problem and this fix worked for me. user_load() only takes a uid now. http://api.drupal.org/api/drupal/modules!user!user.module/function/user_..., but line 293 of the modules sends in an array.
Comment #7
horse-1900 CreditAttribution: horse-1900 commentedHi there, I'm experience the same problem with getting the module working. when you say: "You should see a tab on the user account page (/user) that allows you to associate a certificate with the user account."
........could you be a bit more specific please???
All i see is the main configuration page and a "certificate identities" tab that contains an "add certificate button" which gives the following error:
Notice: Undefined property: stdClass::$DN in eval() (line 1 of /var/www/html/test.site/sites/all/modules/certificatelogin/certificatelogin.module(146) : eval()'d code).
A login was attempted but failed because information could not be retrieved from your certificate.
I also could not find any documentation about the "PHP code to retrieve auth name field" on the config page, apart from the single sentence in the readme? IE any examples of differnt values. i just put $GLOBALS['user']->DN which i found in another post.
Thanks in advance! : )
Cheers,
Matt
Comment #8
alienseer23 CreditAttribution: alienseer23 commentedSo I realize that this is Very Old.
But I am getting the same errors, and cannot find the appropriate code to put into the configuration box. I had it working before a security breach into my server, and now I cannot find my notes to reconfigure this.
Can anyone give me an example to validate against an email address in the certificate? I am using the latest Drupal 7 code, and dev version of this module.
Any advice is truly appreciated.
Comment #10
alienseer23 CreditAttribution: alienseer23 commentedWaking this again just to note that the code that worked in the box was
$_SERVER["SSL_CLIENT_S_DN_Email"]