I recently added webserver auth to my drupal setup. On a clean install, the module works really well (great job - it was exactly what I needed!!). When I add webserver_auth to an existing setup I recieve the following error:
warning: array_keys() [function.array-keys]: The first argument should be an array in C:\Program Files\xampp\htdocs\modules\user.module on line 348.
warning: implode() [function.implode]: Bad arguments. in C:\Program Files\xampp\htdocs\modules\user.module on line 348.
user warning: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ')' at line 1 query: SELECT DISTINCT(p.perm) FROM role r INNER JOIN permission p ON p.rid = r.rid WHERE r.rid IN () in C:\Program Files\xampp\htdocs\includes\database.mysql.inc on line 120.
I'm using Apache 2.2 on a XP box to authenticate against an AD server. I'm using drupal and mysql. I'm also using taxonomy access and taxonomy...
Comment | File | Size | Author |
---|---|---|---|
#1 | webserver_auth_init.patch.txt | 1.8 KB | jsloan |
Comments
Comment #1
jsloan CreditAttribution: jsloan commentedThis happens when you have user settings set to "Only site administrators can create new user accounts."
The reason for this is because webserver_auth uses the GLOBAL $user as a result for the call to user_external_load()
but if the user does not exist the function returns 0 and the GLOBAL $user object is set to equal 0.
Now that we have clobbered the $user object the function user_access() can't see the variable $account->roles and this is the cause of the error. (note: if $account is_null $account = $user)
proposed fix:
- change from $user to $webserver_auth_user = user_external_load()
if $webserver_auth_user is FALSE then create a new account if enabled and the $user object is recreated
ELSE assign $user = $webserver_auth_user
This will fix the error you are seeing.
But this brings up a completely different problem.
From my investigation it seems that webserver_auth will auto-login only external accounts. So you can't use local created accounts! For this module to work you must have an account record in the authmap table.
I think that this is unnecessary and I think that user_load() should be used instead of user_external_load()
I also do not want every visitor to have an account created automatically so I recommend that an additional variable called "webserver_auth_create_user" be set to either TRUE or FALSE. This way I can allow users to create their own account manually and then they will auto-login when they return.
On our Intranet we use the LDAP_Integration module for authentication and upon the initial login the user account is created. This way NTLM authenticated users can remain anonymous visitors to some sites and join when they first login.
proposed changes:
- use user_load() instead of user_external_load()
- add system variable "webserver_auth_create_user" to settings
- add the test for "webserver_auth_create_user" when an unregistered user is found
the attached patch will do all the proposed items when applied to Webserver Auth 4.7.0
comments and corrections are expected!
Comment #2
jsloan CreditAttribution: jsloan commented... yes - the first code snippet was wrong, it should be like this:
Comment #3
moshe weitzman CreditAttribution: moshe weitzman commentedi believe this was just fixed today in a different issue.