Login to any Drupal site using credentials stored in Active Directory, OpenLDAP and other LDAP servers when the AD or LDAP does not have a public IP address. In other words, this module is best utilized if the LDAP Server is not directly accessible from your Drupal site. There are two parts to this module - One part sits on the Drupal site and the other sits on your DMZ.
Benefits
- The LDAP is privately accessible, hence it remains under your control and is more secure.
- No need to have the PHP LDAP extension enabled, hence better usability
- Simple configuration
- Multiple LDAP Configurations can be stored for multiple customers of a Drupal-based Cloud Service Provider and mapping to the users can be done on the basis of the domain name.
How this works:
1) User tries to login into the Drupal site. The request is handled by the module and forwarded to miniOrange.
2) miniOrange forwards the request to the Gateway, which resides on the DMZ. It has access to your LDAP since it resides in the same intranet.
3) The Gateway authenticates against the LDAP.
5) Success/Failure response is forwarded to miniOrange.
5) miniOrange forwards the appropriate response to the Drupal site. In case of a successful response, the user is logged in. If the user does not exist, the user gets created in Drupal.
Project Link: https://www.drupal.org/sandbox/gauravsood91/2556275
Git Clone:
git clone --branch 7.x-1.x http://git.drupal.org/sandbox/gauravsood91/2556275.git miniorange_ldap_ad_login
Manual Reviews of other projects:
https://www.drupal.org/node/2629594#comment-10669738
https://www.drupal.org/node/2578447#comment-10669728
https://www.drupal.org/node/2570465#comment-10669742
https://www.drupal.org/node/2629388#comment-10651670
https://www.drupal.org/node/2625476#comment-10618602
https://www.drupal.org/node/2622676#comment-10618628
https://www.drupal.org/node/2623014#comment-10618638
https://www.drupal.org/node/2545934#comment-10273369
https://www.drupal.org/node/2560149#comment-10274615
https://www.drupal.org/node/2561267#comment-10312947
https://www.drupal.org/node/2592439#comment-10544594
Please review the same and post bugs.
Comment | File | Size | Author |
---|---|---|---|
#30 | coder-results.txt | 1.85 KB | klausi |
#12 | drupal_gateway_diag_2.PNG | 22.16 KB | gauravsood91 |
Comments
Comment #2
gauravsood91 CreditAttribution: gauravsood91 commentedComment #3
gauravsood91 CreditAttribution: gauravsood91 commentedComment #4
gauravsood91 CreditAttribution: gauravsood91 commentedComment #5
PA robot CreditAttribution: PA robot commentedThere are some errors reported by automated review tools, did you already check them? See http://pareview.sh/pareview/httpgitdrupalorgsandboxgauravsood912556275git
We are currently quite busy with all the project applications and we prefer projects with a review bonus. Please help reviewing and put yourself on the high priority list, then we will take a look at your project right away :-)
Also, you should get your friends, colleagues or other community members involved to review this application. Let them go through the review checklist and post a comment that sets this issue to "needs work" (they found some problems with the project) or "reviewed & tested by the community" (they found no major flaws).
I'm a robot and this is an automated message from Project Applications Scraper.
Comment #6
gauravsood91 CreditAttribution: gauravsood91 commentedComment #7
gauravsood91 CreditAttribution: gauravsood91 commentedComment #8
gauravsood91 CreditAttribution: gauravsood91 commentedComment #9
gauravsood91 CreditAttribution: gauravsood91 commentedComment #10
gauravsood91 CreditAttribution: gauravsood91 commentedComment #11
gauravsood91 CreditAttribution: gauravsood91 commentedComment #12
gauravsood91 CreditAttribution: gauravsood91 commentedComment #13
gauravsood91 CreditAttribution: gauravsood91 commentedComment #14
gauravsood91 CreditAttribution: gauravsood91 commentedComment #15
kalpeshhiran CreditAttribution: kalpeshhiran as a volunteer commentedHello.
I reviewed you module. I found few warning there. Is there any specific reason to use raw posted inputs instead of values?
Everything else looks great.
Comment #16
gauravsood91 CreditAttribution: gauravsood91 commentedHi,
Thanks for reviewing. The reason I am using the raw posted inputs is that the sanitized input is available after the block mentioned. It is the default login of Drupal which I am modifying.
Is this something that I urgently need to fix?
Thanks,
Gaurav
Comment #17
gauravsood91 CreditAttribution: gauravsood91 commentedComment #18
kvij_10 CreditAttribution: kvij_10 commentedHey,
I reviewed the module.I ran the automated test and apart from using $form['input'] instead of $form['values'], it seems to be fine.
Thanks.
Comment #19
kvij_10 CreditAttribution: kvij_10 commentedComment #20
kvij_10 CreditAttribution: kvij_10 commentedComment #21
gauravsood91 CreditAttribution: gauravsood91 commentedComment #22
kvij_10 CreditAttribution: kvij_10 commentedHi,
I reviewed your module manually.Below are some of the points which your module follows.
Individual user account
Yes: Follows guidelines for individual user accounts.
No duplication
Yes: Does not cause module duplication and/or fragmentation.
Master Branch
Yes: Follows the guidelines for master branch.
Licensing
Yes: Follows the licensing requirements.
3rd party assets/code
Yes: Follows the guidelines for 3rd party assets/code.
README.txt/README.md
Yes: Follows the guidelines for in-project documentation and/or the README Template.
Code long/complex enough for review
Yes: Follows the guidelines for project length and complexity.
Secure code
Yes: Meets the security requirements
Coding style & Drupal API usage
Yes: It follows code and API guidelines.
Thanks.
Comment #23
gauravsood91 CreditAttribution: gauravsood91 commentedComment #24
gauravsood91 CreditAttribution: gauravsood91 commentedI have fixed the code to use $form['values'] and removed references to $form['input']
Comment #25
gauravsood91 CreditAttribution: gauravsood91 commentedComment #26
gauravsood91 CreditAttribution: gauravsood91 commentedComment #27
gauravsood91 CreditAttribution: gauravsood91 commentedComment #28
gauravsood91 CreditAttribution: gauravsood91 commentedThis module has been in RTBC for a few weeks. I think I have completed all steps mentioned in https://www.drupal.org/node/1011698 . Is there anything I am missing?
Comment #29
gauravsood91 CreditAttribution: gauravsood91 commentedComment #30
klausiReview of the 7.x-1.x branch (commit d44e735):
This automated report was generated with PAReview.sh, your friendly project application review script. You can also use the online version to check your project. You have to get a review bonus to get a review from me.
manual review:
Removing review bonus tag, you can add it again if you have done another 3 reviews of other projects.
Comment #31
gauravsood91 CreditAttribution: gauravsood91 commentedThanks for pointing the code issues out. I will fix these and upload again asap.
Comment #32
gauravsood91 CreditAttribution: gauravsood91 commentedI have fixed the issues. Settings status as "Needs Review"
Comment #33
gauravsood91 CreditAttribution: gauravsood91 commentedComment #34
gauravsood91 CreditAttribution: gauravsood91 commentedComment #35
gauravsood91 CreditAttribution: gauravsood91 commentedComment #36
gauravsood91 CreditAttribution: gauravsood91 commentedComment #37
gauravsood91 CreditAttribution: gauravsood91 commentedComment #38
kalpeshhiran CreditAttribution: kalpeshhiran as a volunteer commentedHello,
I have done manual review for your project and I can see all issues pointed by klausi have been fixed.
Automatic Review
http://pareview.sh/pareview/httpgitdrupalorgsandboxgauravsood912556275git looks good,
though no automated test cases written
Manual Review
This review uses the Project Application Review Template.
Looks good to me. Moving it to RTBC
Comment #39
kalpeshhiran CreditAttribution: kalpeshhiran as a volunteer commentedComment #40
gauravsood91 CreditAttribution: gauravsood91 commentedComment #41
gauravsood91 CreditAttribution: gauravsood91 commentedComment #42
ItangSanjana CreditAttribution: ItangSanjana commentedNo automated test cases were found, good.
Individual user account
Yes: Follows guidelines for individual user accounts.
No duplication
Yes: Does not cause module duplication and/or fragmentation.
Master Branch
Yes: Follows the guidelines for master branch.
Licensing
Yes: Follows the licensing requirements.
3rd party assets/code
Yes: Follows the guidelines for 3rd party assets/code.
README.txt/README.md
Yes: Follows the guidelines for in-project documentation and/or the README Template.
Code long/complex enough for review
Yes: Follows the guidelines for project length and complexity.
Secure code
Yes: Meets the security requirements
Coding style & Drupal API usage
Yes: It follows code and API guidelines.
Comment #43
klausimanual review:
The leaking of error information directly to HTML with print statements is a blocker right now.
Comment #44
gauravsood91 CreditAttribution: gauravsood91 commentedI have made the changes required. The hardcoded admin role was unnecessary and have removed it. It was thought of at one point in time but then realised that it wasn't needed but the code remained. I have removed that and have fixed the remaining issues which have been pointed out, including the errors being printed to html.
Any other blockers for this module?
Comment #45
gauravsood91 CreditAttribution: gauravsood91 commentedComment #46
gauravsood91 CreditAttribution: gauravsood91 commentedComment #47
gauravsood91 CreditAttribution: gauravsood91 commentedComment #48
gauravsood91 CreditAttribution: gauravsood91 commentedComment #49
kalpeshhiran CreditAttribution: kalpeshhiran as a volunteer commentedI have done manual review for the project and also tested for the issues pointed by klausi and I can see all of them are fixed.
Everything looks good. Moving it to RTBC
Comment #50
kalpeshhiran CreditAttribution: kalpeshhiran as a volunteer commentedComment #51
klausimanual review:
"watchdog('miniorange_ldap', curl_error($ch));": the first parameter of watchdog() should be a translatable message with placeholders for dynamic variables. It is important that those dynamic variables get sanitized with the correct placeholder, make sure to read https://www.drupal.org/node/28984 again.
Comment #52
gauravsood91 CreditAttribution: gauravsood91 commentedI have made the change regarding watchdog messages. Setting it back to 'Needs Review'.
Comment #53
gauravsood91 CreditAttribution: gauravsood91 commentedComment #54
kalpeshhiran CreditAttribution: kalpeshhiran as a volunteer commentedI have reviewed change for watchdog function and it looks good . Moving it to RTBC
Comment #55
klausimanual review:
'#markup' => '<h3>Enter Gateway URL</h3>',
: all user facing text must run through t() for translation. Make sure to check all your strings, for example also in miniorange_ldap_gateway_setup().Although you should definitely fix those issues they are not critical application blockers, otherwise looks RTBC to me.
Assigning to er.pushpinderrana as he might have time to take a final look at this.
Comment #56
gauravsood91 CreditAttribution: gauravsood91 commentedThanks for the review Klausi. I'll definitely fix those issues as well. I'll try for more concrete information passed to the watchdog calls tracking cURL or JSON errors. I am thinking of logging the file/method combination so as to provide the admin the source of the error.
Comment #57
klausiOK, since @kalpeshhiran confirmed the RTBC already ...
Thanks for your contribution, @gauravsood91!
I updated your account so you can promote this to a full project and also create new projects as either a sandbox or a "full" project.
Here are some recommended readings to help with excellent maintainership:
You can find lots more contributors chatting on IRC in #drupal-contribute. So, come hang out and stay involved!
Thanks, also, for your patience with the review process. Anyone is welcome to participate in the review process. Please consider reviewing other projects that are pending review. I encourage you to learn more about that process and join the group of reviewers.
Thanks to the dedicated reviewer(s) as well.
Comment #58
gauravsood91 CreditAttribution: gauravsood91 commentedThanks :D