LDAP Authentication: provide an enabled variable (TRUE / FALSE) [#2459589]

As far as I can tell, the LDAP modules do not provide any easy method to disable LDAP authentication when the module is installed and enabled.

This proves to be difficult trying to automate build tests as the module needs to be disabled when importing or generating users (such as with drush generate-users) when not able to access the LDAP server. If the LDAP module is a dependency on other custom Features then it proves to be very problematic as other functionality then might also be disabled.

Attached is a quick patch which works around this issue. It does not contain an UI changes (I will wait for approval of the idea first) but it does allow the new variable ldap_servers_enabled to be set via drush or in the settings.php file as $conf['ldap_servers_enabled'].

Comment	File	Size	Author
#3	ldap_authentication-enabled_variable-2459589-3.patch	737 bytes	seanB
#3	7.x-2.x: PHP 5.3 & MySQL 5.5, D7 19 pass, 13 fail PHP 5.4 & MySQL 5.5, D7 21 pass PHP 5.5 & MySQL 5.5, D7 21 pass PHP 5.6 & MySQL 5.5, D7 21 pass
	ldap_authentication-enabled_variable.patch	709 bytes	andrewsuth

Support from Acquia helps fund testing for Drupal Acquia logo

Comments

Comment #1

andrewsuth CreditAttribution: andrewsuth at World Food Programme commented 8 January 2016 at 23:16

Status:

Active

» Needs review

Comment #2

seanB

Dutch

Netherlands

CreditAttribution: seanB commented 11 March 2016 at 12:37

This is actually something we need as well. I have only 1 remark:
The search() function should return:
* @return
* An array of matching entries->attributes (will have 0
* elements if search returns no results),
* or FALSE on error.

I think we should return an empty array instead of TRUE?

Comment #3

seanB

Dutch

Netherlands

CreditAttribution: seanB commented 11 March 2016 at 12:44

File	Size
ldap_authentication-enabled_variable-2459589-3.patch	737 bytes
7.x-2.x: PHP 5.3 & MySQL 5.5, D7 19 pass, 13 fail PHP 5.4 & MySQL 5.5, D7 21 pass PHP 5.5 & MySQL 5.5, D7 21 pass PHP 5.6 & MySQL 5.5, D7 21 pass

Updated patch attached.

Comment #4

sime

any/any

Melbourne

CreditAttribution: sime commented 4 January 2017 at 13:03

I have some integration tests using mink, the ones that need to log in hang locally when I can't access the LDAP server. I can make them work with:

// Disable ldap on authenitation - good for local dev.
$conf['ldap_user_conf'] = ['drupalAcctProvisionServer' => 0];

Comment #5

grahl

he/him

Zürich

CreditAttribution: grahl as a volunteer commented 9 March 2017 at 20:57

This might be a dumb question but why can't you disable the LDAP server you configured before you run your tests?

Comment #6

sime

any/any

Melbourne

CreditAttribution: sime commented 22 March 2017 at 23:15

It's a general pattern you see in many modules. You let the module decide how to remain enabled and not make calls out.

Comment #7

19 November 2017 at 14:31

grahl committed ee30b15 on 7.x-2.x

Issue #2459589 by andrewsuth, seanB, sime: LDAP Authentication: provide...

Comment #8

grahl

he/him

Zürich

CreditAttribution: grahl as a volunteer commented 19 November 2017 at 14:33

Status:

Needs review

» Fixed

Doing a return directly in search but still trying to connect and bind is not a solution from my perspective, however, since configuration overrides work just fine for this, I've updated install.txt to mention them and provided examples, which solve both reported cases.