[ZendTo] custom authenticators in preference.php

Travis Zimmerman TZimmerman at fsu.edu
Tue Aug 27 16:53:22 BST 2019 

A while back you suggested that I should make a custom authenticator to deal our separate domains for students and staff, which has been working out great for us so far. Thanks for that suggestion.
I noticed when I ran the update script that the stanza for my authenticator gets marked as obsolete, would it be possible to add a prefs.d directory to stick custom preferences like mine in so that they get loaded along with the main preference file but the update script doesn’t mark them as obsolete?
Just out of curiosity do we need the individual authenticator attributes, since we could just use the Multi authenticator attribute? If we just want one auth method, we could only put in one method instead.
‘authMultiAuthenticators’ => array(‘LDAP’),


I don’t think you will find much in my code for my custom authenticator useful for others but I said I would send it to you in case there is anything of use. Most of the code is still your code and I just made some minor adjustments to use different attributes, as the AD admins had put the e-mail/username in a non-standard attribute.
One thing that was handy for me to reduce errors was to use the domain part of the e-mail address to restrict users from being tested in the wrong domain, in my case I didn’t want staff/faculty being authenticated in the student AD. Just a simple compare of the e-mail domain against the authMyFSUAccountSuffix attribute.

  // Custom MyFSU authenticator
  // 'authenticator'         => 'MyFSU',
  'authMyFSUServers'            => array(‘cloud.server.url'),
  'authMyFSUBaseDN'             => 'DC=cloud,DC=server,DC=url',
  'authMyFSUAccountSuffix'      => ‘@my.fsu.edu',
  'authMyFSUUseSSL'             => false,
  'authMyFSUUseTLS'             => true,
  'authMyFSUBindUser'           => ‘<proxy account>',
  'authMyFSUBindPass'           => ‘<password>',
  'authMyFSUOrg'                => 'Florida State University',

------------------------------------------------------
Travis Zimmerman tzimmerman at fsu.edu<mailto:tzimmerman at fsu.edu> 850-645-8030
Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu<mailto:its-linuxadmins at fsu.edu>
Information Technology Services, Florida State University

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://jul.es/pipermail/zendto/attachments/20190827/1f9af795/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: NSSMyFSUAuthenticator.php
Type: text/php
Size: 20634 bytes
Desc: NSSMyFSUAuthenticator.php
URL: <http://jul.es/pipermail/zendto/attachments/20190827/1f9af795/attachment-0001.bin>

More information about the ZendTo mailing list