It’s been a long time since we posted on our blog, and i thought that it was about time we do, especially that this is the first time we post a blog on our brand new website!
A small brief, Orange HRM is a human resource management solution and is available both as an open source and advanced hosted application, it now has more than one million users and its functionality includes HR duties, such as employee information management, performance evaluations, etc.
LDAP gives you query method’s to add, update and remove objects within a directory, it does not provide a database, a database provides LDAP access to itself.
Here is how you can authenticate Orange HRM users using LDAP:
0. Before you start:
The following was tested on a Centos 6.4 machine. This method will ONLY authenticate OrangeHRM user’s using the ldap_bind function provided by the php_ldap library.
It won’t alter the LDAP directory in anyway.
If the user changed their data on OrangeHRM it won’t be synchronized with the LDAP directory.
The username in the OrangeHRM should match that in the LDAP directory.
Make a backup of your whole OrangeHRM directory!
1. Make sure you have these installed (Or their equivalence for your own Linux distribution):
# yum install mod_authz_ldap.x86-64 php_ldap.x86-64
# service httpd restart
2. Edit the following file:
# vim orangehrm/symfony/apps/orangehrm/modules/auth/actions/validateCredentialsAction.class.php
//before the try closure add the following lines:
$connection=ldap_connect(“yourLDAPserver.com”); #Can be the server’s IP as well
if ($connection) {
$sr=ldap_search($connection, “dc=yourCompany, dc=com”, “uid=” . $username);
$info = ldap_get_entries($connection, $sr);
$data= $info[0][“dn”];
$success=ldap_bind($connection,$data,$password);
ldap_close($connection);
}
// The try closure starts here
try {
// Move the line starting with $success inside the if ($success) closure
if ($success)
{
$success = $this->getAuthenticationService()->setCredentials($username, “fakepassword”, $additionalData);
$this->redirect($this->getHomePageService()->getPathAfterLoggingIn($this->getContext()));
}
3. Comment the following line in following file:
# vim orangehrm/symfony/apps/orangehrm/lib/model/auth/dao/AuthenticationDao.php
# ->andWhere(‘user_password = ?’, $password) // Just add # before the line
Voila!
We hope this was useful, and if you have any additional information you’d like to add, please share away
If you like this post, check our website regularly for new blog updates.
Check us out on: