t3ext-ig_ldap_sso_auth
t3ext-ig_ldap_sso_auth copied to clipboard
xperseguers
Make extension compatible with TYPO3 v12
This is a pretty large contribution in which we have made the extension compatible with TYPO3 v12.
We dropped support for older versions of TYPO3 completely as some things are pretty hard to do and in our opinion it just does not make sense to put in all of that effort as people should update their TYPO3 installations anyway.
@datamints-off thanks for working on this. I just tried it out with TYPO3 v12.4 and composer based installation trying to open the backend module for be-users or ldap I get an error:
"RuntimeException Unable to get property "beUserLogin" of non-object "getTSFE()"."
Oh my!!! What a work.
Unfortunately I won't merge everything just like that, sorry, but all my extensions must be compatible with at least 2 LTS versions, there's no way around it because this extension is considered "enterprise level" and any "enterprise-level" extension shall support at least 2 consecutive LTS versions.
So it seems like your update works on our system, thank you!
You're welcome!
Unfortunately I won't merge everything just like that, sorry, but all my extensions must be compatible with at least 2 LTS versions, there's no way around it because this extension is considered "enterprise level" and any "enterprise-level" extension shall support at least 2 consecutive LTS versions.
OK, I understand that. I'll check back with my company if we have resources to add the compatibility for TYPO3 v111 back in.
OK, so we have no resources to bring back the v11 compatibility at the moment. Sorry!
Hi @datamints-off, Thanks for your great contribution. We were looking into the work needed to update the plugin as we have to deploy it on some v12 projects but you seem to have done an amazing job. We'll test it soon and report and/or contribute to fix issues we might find. If you need some help, we can of course try to contribute. @xperseguers : why not have a version only v12+ compatible and keep the existing version that is already v11. That's pretty common for extensions on the TER (powermail does that for instance) and in general. Current 3 branch could be a maintenance release for 10/11 and v4 would be for v12+. That would allow to keep some consistency to the extension instead of having a forked module. Additionally, several people would miss that a v12 version exists if it's only available in a pull request.
@CIMEOS wrote:
why not have a version only v12+ compatible...
There's no other reason than that's just not the way I want my extensions to be. I love extensions I use being compatible with 2 LTS as it gives me much more confidence while upgrading, so I do exactly that for my own extensions. Really no other reason :)
@datamints-off is your forked extension working with php8.2 and typo3 v12? are you using it in production? then i will try to use your fork for my project
@agendartobias I "ported" the extension to TYPO3 v12 for our customer project. It should be compatible with PHP v8.1 (although I haven't used it only with PHP v8.1 until now). We're using it in production and have not come across any issues so far.
I'm back in the office on Friday and will have a look at this then.
Am Mi., 9. Aug. 2023 um 15:09 Uhr schrieb agendartobias < @.***>:
@datamints-off https://github.com/datamints-off any idea when i click the backend module LDAP / SSO and then chose Import LDAP users (Frontend) i get this error:
TYPO3\CMS\Core\Routing\PageArguments::__construct(): Argument #2 ($pageType) must be of type string, int given, called in /srv/www/typo3/typo3_source/typo3_src-12.4.3/typo3/sysext/core/Classes/Utility/GeneralUtility.php on line 2968
I am using TYPO3 12.4.3 and PHP 8.1 and your master branch of extension
— Reply to this email directly, view it on GitHub https://github.com/xperseguers/t3ext-ig_ldap_sso_auth/pull/174#issuecomment-1671298741, or unsubscribe https://github.com/notifications/unsubscribe-auth/AOURDFFKLTRCKLS4O7PPKR3XUODZTANCNFSM6AAAAAAXDYMO2A . You are receiving this because you were mentioned.Message ID: @.***>
It was my mistake sory. Now i get FE groups & users imported in TYPO3. But the problem is that i cannot login to frontend.
In log i get this error:
Core: Error handler (BE): PHP Warning: Undefined property: Causal\IgLdapSsoAuth\Utility\LdapUtility::$connection in /srv/www/typo3/mydomain/typo3conf/ext/ig_ldap_sso_auth/Classes/Utility/LdapUtility.php line 213
and
Thu, 10 Aug 2023 08:01:06 +0200 [ERROR] request="b6400199234db" component="Causal.IgLdapSsoAuth.Service.AuthenticationService": Authentication failed - {"username":"renet","remote":"172.16.0.213 ()","diagnostic":"","configUid":1}
Any idea how can i debug this?
Im 100% that same config and connection for AD works because i tested it in old version of the extension and TYPO3
And i see that the problem is only for Frontend login. Backend login works OK.
How does Backend login work for all of you?
I've downloaded the TYPO3 v12 branch and installed this extension. But when I active the option 'Backend LDAP authentication', I'll get the following error, after login into the TYPO3 backend:
Class "TYPO3\CMS\Extbase\Domain\Model\BackendUserGroup" not found
When deactivate this option, I can login into the backend again.
The error appears, because the model 'BackendUserGroup' was deprecated and removed in TYPO3 v12. But the extension is still using it.
I also don't have a backend module LDAP / SSO.
Can anyone help me?
I have same problem with not showing backend module. Strange but easy fix was that when you are logedin in TYPO3 backend open debugging tools (F12 for Chrome) and reload site again with CTRL SHIFT R. After that backend module is visible. You need to do this only once.
Did you download extension from here - https://github.com/datamintsGmbH/t3ext-ig_ldap_sso_auth/tree/master ?
Did you download extension from here
No I did not. 🙈 Thank you! Now the backend module is visible and the exception gone.
@agendartobias I didn't check frontend login during my port as we only use the extension for backend login.
@Bewital-Michi Yes, the problem with the backend module is known to me; but currently my company is not investing more effort into this project as
- the branch will never get merged into the extension (see the answer of @xperseguers above)
- we're not using the backend module at all
For anyone looking for a band-aid fix/workaround for the issue with Frontend login: It seems simply adding a column admin to the fe_users table makes logging in work again. Apparently this version does not distinguish between BE and FE users and tries to find this column in both cases.
Just some info... after thinking about it and seeing the amount of work invested here, I'll think of just being pragmatic and accepting this PR for v12 only.
Hey @Obnoxieux still dont work for me. I get this error:
[ERROR] request="b6400199234db" component="Causal.IgLdapSsoAuth.Service.AuthenticationService": Authentication failed - {"username":"renet","remote":"172.16.0.213 ()","diagnostic":"","configUid":1}
Any idea?
@agendartobias
That is going to be complicated - to start, used this as a base: https://github.com/mschwemer/t3ext-ig_ldap_sso_auth/tree/master
There are some addtional fixes in there, but to be fair I didn't really look into them in detail.
Then, I applied the attached patch in my project - not perfect, but mostly works. That message still shows up in the logs but login works now.
I hope that helps (I am far from an expert here)
This PR maybe should be closed in favor of #190 . The main contribution still comes from datamints. So thanks for your effort.
@Obnoxieux one more question - does SSO work for you in combination with libapache2-mod-auth-gssapi ?
The problem is in: https://github.com/mschwemer/t3ext-ig_ldap_sso_auth/blob/master/Classes/Utility/Typo3Utility.php#L22 i try to die(); the code before return self::FE; but nothing happens if i refresh FRONTEND. If i die(); code before return self::BE; and refresh frontend i brake the page. So i think condition for FE/BE context dont work. But i dont know how to solve it.