mantis AD與DB密碼雙重認證

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40

修改檔案 core/authentication_api.php 如下:
在  function auth_does_password_match 裡
將
  if ( LDAP == $t_configured_login_method ) {
至
                       return true;
                     }
               }
 
改以以下程式碼取代
      $t_password         = user_get_field( $p_user_id, 'password' );
      $t_login_methods   = Array(MD5, CRYPT, PLAIN);
      foreach ( $t_login_methods as $t_login_method ) {
 
         # pass the stored password in as the salt
         if ( auth_process_plain_password( $p_test_password, $t_password, $t_login_method ) == $t_password ) {
            # Check for migration to another login method and test whether the password was encrypted
            # with our previously insecure implemention of the CRYPT method
            if ( ( $t_login_method != $t_configured_login_method ) ||
               ( ( CRYPT == $t_configured_login_method ) && substr( $t_password, 0, 2 ) == substr( $p_test_password, 0, 2 ) ) ) {
               user_set_password( $p_user_id, $p_test_password, true );
            }
 
            return true;
         }
      }
 
      if ( LDAP == $t_configured_login_method ) {
         return ldap_authenticate( $p_user_id, $p_test_password );
      }
在 function auth_process_plain_password 裡
在 case MD5: 前新增一行程式碼如下
       case LDAP:
在 mantis 目錄底下新增 custom_functions_inc.php，讓使用者可以修改自己的密碼
內容如下
 <?php
 function custom_function_override_auth_can_change_password() {
   return true;
 }
 ?>

修改檔案 core/authentication_api.php 如下: 在 function auth_does_password_match 裡 將 if ( LDAP == $t_configured_login_method ) { 至 return true; } } 改以以下程式碼取代 $t_password = user_get_field( $p_user_id, 'password' ); $t_login_methods = Array(MD5, CRYPT, PLAIN); foreach ( $t_login_methods as $t_login_method ) { # pass the stored password in as the salt if ( auth_process_plain_password( $p_test_password, $t_password, $t_login_method ) == $t_password ) { # Check for migration to another login method and test whether the password was encrypted # with our previously insecure implemention of the CRYPT method if ( ( $t_login_method != $t_configured_login_method ) || ( ( CRYPT == $t_configured_login_method ) && substr( $t_password, 0, 2 ) == substr( $p_test_password, 0, 2 ) ) ) { user_set_password( $p_user_id, $p_test_password, true ); } return true; } } if ( LDAP == $t_configured_login_method ) { return ldap_authenticate( $p_user_id, $p_test_password ); } 在 function auth_process_plain_password 裡 在 case MD5: 前新增一行程式碼如下 case LDAP: 在 mantis 目錄底下新增 custom_functions_inc.php，讓使用者可以修改自己的密碼 內容如下 <?php function custom_function_override_auth_can_change_password() { return true; } ?>