[ZendTo] {SPAM?} Re: Antwort: Re: Antwort: Re: Antwort: Re: LDAPAuthorization for zendto

Jules Jules at Zend.To
Sun Jan 2 22:06:17 GMT 2011 

I will try to implement your suggestion for the proxy server. I have 
always had a direct internet connection, so have never had the need for 
any proxies.

Cheers,
Jules.

On 14/12/2010 20:10, patrick.gaikowski at kaufland.com wrote:
>
> Hi Jules,
>
> we can live very good with that two messages. It was only a design 
> question from me. LDAP is now working with Authentication and 
> Authorization. Now we can assign a special role to users who should be 
> able to share files outside our domain.
>
> You did a very good job! Now we can offer our colleagues in China a 
> solution for controlled file sharing.
>
> Ah i have an additional solution for users, who use a proxy for 
> outside communication for captcha (validation). With that 
> configuration you're able to establish such a solution in LANs with no 
> direct Internet access. I found the code in a forum. It would be good 
> to integrate it to source.
>
> *recaptchalib.php *...
>
> # $http_request = "POST $path HTTP/1.0\r\n";
> $http_request = "POST http://".$host.":".$port.$path." HTTP/1.1\r\n";
>
> # if( false == ( $fs = @fsockopen($host, $port, $errno, $errstr, 10) ) ) {
> if( false == ( $fs = @fsockopen("*<PROXY_IP>*", "*<PROXY_PORT>*", 
> $errno, $errstr, 15) ) ) {
>
> Now zendto sends POST to Proxy
>
> [07/Dec/2010:21:08:26 +0100] "POST 
> http://www.google.com/recaptcha/api/verifyHTTP/1.1" 200 528 
> TCP_MISS:DIRECT
>
> Source: 
> http://www.greenhughes.com/content/recaptcha-drupal-and-proxy-way-make-it-all-work-together
>
>
>
>
> http://www.kaufland.de
>
> Kaufland Informationssysteme GmbH & Co. KG
> Postfach 12 53 - 74149 Neckarsulm
> Kommanditgesellschaft
> Sitz: Neckarsulm
> Registergericht: Amtsgericht Stuttgart HRA 104163
>
> Diese Nachricht enthält vertrauliche Informationen und ist 
> ausschließlich für
> den Adressaten bestimmt. Jeder Gebrauch durch Dritte ist verboten. 
> Falls Sie
> die Daten irrtümlich erhalten haben, nehmen Sie bitte Kontakt mit dem
> Absender auf und löschen Sie die Daten auf jedem Computer und Datenträger.
> This message contains confidential information and is intended solely 
> for the
> use by the addressee. Any use of this message by a third party is 
> prohibited.
> If you receive this message in error, please contact the sender and 
> delete the
> data from any computer and data carrier.
>
>       Inactive hide details for Jules <Jules at zend.to>Jules
>       <Jules at zend.to> 
>
>
>       *Jules <Jules at zend.to>*
>       Gesendet von: zendto-bounces at zend.to
>
>       14.12.2010 16:26
>       Bitte antworten an
>       ZendTo Users <zendto at zend.to>
>
> 	
>
> 	
> ZendTo Users <zendto at zend.to>
>
> 	
>
> Thema
> 	
> [ZendTo] Re: Antwort: Re: Antwort: Re: LDAPAuthorization for zendto
>
> 	
>
>
> Yes, I agree that's not perfect. But I can't find a decent way within 
> the existing data structures of implementing this without a nasty hack :-(
>
> There are other reasons the authentication might fail, even when they 
> have put in the right username and password, such as too many failed 
> login attempts causing them to be locked out. But that's all 
> implemented in a different place, which doesn't have access to the 
> LDAP code at all.
>
> The return code is just a true/false value, and I really don't want to 
> change that if I can avoid it. Using a non-zero value to represent 
> failure is *really bad* in my book, as in the current code a result of 
> 0 is failure and 1 is success. I really don't want to represent 
> "failure but for a different reason" as 2.
>
> I admit you get the "username or password incorrect" error message as 
> well, when ideally you shouldn't, but at least the first error message 
> it gives is the correct one.
>
> Any better ideas of how I can implement it neatly and logically?
>
> Jules.
>
> On 14/12/2010 15:09, _patrick.gaikowski at kaufland.com_ 
> <mailto:patrick.gaikowski at kaufland.com>wrote:
>
>             Hello Jules,
>
>             yes this was the missing point.
>
>             An optimization would be to have only the error message
>             "Authorisation failed" when the Authentication was
>             successful. In this context the Input credentials seems to
>             be wrong but the aren't. As you can see on the screenshot
>             the user seems to be logged in but isn't logged in because
>             auf missing rights.
>
>
>
>
>
>
>
>
>             Greetings
>
>             Patrick
>
>
>             _
>             __http://www.kaufland.de_ <http://www.kaufland.de/>
>
>             Kaufland Informationssysteme GmbH & Co. KG
>             Postfach 12 53 - 74149 Neckarsulm
>             Kommanditgesellschaft
>             Sitz: Neckarsulm
>             Registergericht: Amtsgericht Stuttgart HRA 104163
>
>             Diese Nachricht enthält vertrauliche Informationen und ist
>             ausschließlich für
>             den Adressaten bestimmt. Jeder Gebrauch durch Dritte ist
>             verboten. Falls Sie
>             die Daten irrtümlich erhalten haben, nehmen Sie bitte
>             Kontakt mit dem
>             Absender auf und löschen Sie die Daten auf jedem Computer
>             und Datenträger.
>             This message contains confidential information and is
>             intended solely for the
>             use by the addressee. Any use of this message by a third
>             party is prohibited.
>             If you receive this message in error, please contact the
>             sender and delete the
>             data from any computer and data carrier.
>
>
>
>             _______________________________________________
>             ZendTo mailing list
>             _ZendTo at zend.to_ <mailto:ZendTo at zend.to>
>             _http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto_
>
>
> Jules
>
> -- 
> Julian Field MEng CITP CEng
> _www.Zend.To_ <http://www.zend.to/>
>
> Need help fixing or optimising your systems?
> Contact me!
> Need help getting you started solving new requirements from your boss?
> Contact me!
>
> PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
> Follow me at twitter.com/JulesFM
> _______________________________________________
> ZendTo mailing list
> ZendTo at zend.to
> http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto
>
>
> _______________________________________________
> ZendTo mailing list
> ZendTo at zend.to
> http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto

Jules

-- 
Julian Field MEng CITP CEng
www.Zend.To

Follow me at twitter.com/JulesFM
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654

'All programs have a desire to be useful' - Tron, 1982

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20110102/3201c999/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 105 bytes
Desc: not available
Url : http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20110102/3201c999/attachment-0004.gif 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 45 bytes
Desc: not available
Url : http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20110102/3201c999/attachment-0005.gif 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 5220 bytes
Desc: not available
Url : http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20110102/3201c999/attachment-0006.gif 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 1477 bytes
Desc: not available
Url : http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20110102/3201c999/attachment-0007.gif

More information about the ZendTo mailing list