Trace: » How to integrate GLPI into eGroupware so that you avoid a double identification when you're using Active Directory as the external authentication source ?

How to integrate GLPI into eGroupware so that you avoid a double identification when you're using Active Directory as the external authentication source ?

Those modifications are valid for GLPI 0.68.3 and eGroupware 1.2.104

  • Copy the GLPI folder into the directory ”…htdocs/egroupware/”
  • Create the file ”…htdocs/egroupware/glpi/setup/setup.inc.php” like this :
<?php
    /**************************************************************************
    * eGroupWare - glpi                                                    *
    * http://www.egroupware.org                                                *
    * --------------------------------------------                             *
    *  This program is free software; you can redistribute it and/or modify it *
    *  under the terms of the GNU General Public License as published by the   *
    *  Free Software Foundation; either version 2 of the License, or (at your  *
    *  option) any later version.                                              *
    **************************************************************************/
 
    /* $Id: setup.inc.php 21493 2006-04-30 12:53:55Z ralfbecker $ */
 
    $setup_info['glpi']['name']    = 'glpi';
    $setup_info['glpi']['version'] = '0.68.3';
    $setup_info['glpi']['app_order'] = 3;
    $setup_info['glpi']['enable']  = 1;
 
    $setup_info['glpi']['license']  = 'GPL';
    $setup_info['glpi']['description'] =
        'Gestionnaire de tickets.';
    $setup_info['glpi']['note'] = 
        '';
    $setup_info['glpi']['author'] = $setup_info['glpi']['maintainer'] = array(
        'name'  => 'INDEPNET Development Team',
        'email' => 'glpi-porject.org'
    );
 
 
    /* The hooks this app includes, needed for hooks registration */
 
 
    /* Dependencies for this app to work */
  • Optionally, create the file ”…htdocs/egroupware/glpi/templates/default/images/navbar.png” (this image will appear in the eGroupWare applications menu)
  • Add the GLPI application (State : Enabled - Popup Window) and give the rights to the eGroupware users
  • Modify the GLPI index.php (send automatically the form with 'last_loginid' as login value) :
echo "<div id='boxlogin'>";
 
    echo "<form action='login.php' name='connexion' method='post'>";
    // authentification CAS
 echo "<div class='row'><span class='label'><label>".$lang["login"][6]." :  </label></span><span class='formw'> <input type='text' name='login_name' id='login_name' value='".$_REQUEST['last_loginid']."' size='15' /></span></div>";
 
    echo "<div class='row'><span class='label'><label>".$lang["login"][7]." : </label></span><span class='formw'><input type='password' name='login_password' id='login_password' value='bidon' size='15' /> </span></div>";
 
    echo "</fieldset>";
    echo "<p ><span> <input type='submit' name='submit' value='".$lang["buttons"][2]."' class='submit' /></span></p>";
    echo "</form>";
 
    echo "<script type='text/javascript'>\n";
    echo "document.connexion.submit.click();";
    echo "</script>\n";
  • Modify GLPI login.php (ignore the 'connection_ldap_active_directory' authentication test):
// Fifth try Active directory LDAP in depth search
        // we check all the auth sources in turn...
        // First, we get the dn and then, we try to log in
        if (!$auth_succeded&&!empty($cfg_glpi["ldap_host"])) {
            //echo "AD";
            $found_dn=false;
            $auth_succeded=0;
            $found_dn=$identificat->ldap_get_dn_active_directory($cfg_glpi["ldap_host"],$cfg_glpi["ldap_basedn"],$_POST['login_name'],$cfg_glpi["ldap_rootdn"],$cfg_glpi["ldap_pass"],$cfg_glpi["ldap_port"]);
            //echo $found_dn."---";
            if ($found_dn!=false&&!empty($_POST['login_password'])){ 
                //$auth_succeded = $identificat->connection_ldap_active_directory($cfg_glpi["ldap_host"],$found_dn,$_POST['login_name'],$_POST['login_password'],$cfg_glpi["ldap_condition"],$cfg_glpi["ldap_port"]);
                $auth_succeded=true;
                if ($auth_succeded) {
                    $identificat->extauth=1;
                    $user_present = $identificat->user->getFromDBbyName($_POST['login_name']);
                    $identificat->user->getFromLDAP_active_directory($cfg_glpi["ldap_host"],$cfg_glpi["ldap_port"],$found_dn,$cfg_glpi["ldap_rootdn"],$cfg_glpi["ldap_pass"],$cfg_glpi['ldap_fields'],$_POST['login_name'],$cfg_glpi["ldap_condition"]);
                }
            }
        }
  • Modify the GLPI logout.php (close the GLPI window):
// Redirect to the login-page
 
//glpi_header($cfg_glpi["root_doc"]."/".$noCAS);
echo "<html><body onload=\"javascript:window.close();\"></body></html>"
?>