Authentication

 
 
Picture of Ralf Steinke
Is there a possibility to access to passwd-file?
 
We want to import / allow to all students of our intranet (aprox. 2000) access to moodle. Each semester all passwords of our students are renewed. The best way to manage moodle the  moodle-Profile (passwords, email etc.) is to import the passwd- or shadow-file weekly by an cron-job.
We have tried to import the file but the password in passwd seems not crypted with md5.

Is there an other, possibility to access to these files or an script to do so?


 
Average of ratings: -
Martin in black and white
Re: Is there a possibility to access to passwd-file?
Group DevelopersGroup Documentation writersGroup Moodle HQGroup Particularly helpful MoodlersGroup Testers
Importing is so ugly. In any case, there is no way to decrypt those passwords.  What you need is an authentication plugin that can talk directly to the system with the passwords and everything is done in real time.

There may be ways to access the username/passwords via POP, IMAP, NNTP or LDAP. If so then you won't need to write anything, Moodle already has plugins for those.

Otherwise, if Moodle is on the same system, someone may want to tackle a "PAM" plugin for Moodle.


 
Average of ratings: -
Picture of Zbigniew Fiedorowicz
Re: Is there a possibility to access to passwd-file?
 

Here's a quick hack to do this. First log in as administrator into your Moodle installation and set your authentication method to "Manual accounts only".  Then use the admin/uploaduser.php script (latest development version of Moodle) to import all your users and assign them all the SAME password. For example, let this common password be "secret"

Next create an .htaccess file in your main Moodle directory which looks something like this.

AuthUserFile /etc/passwd
AuthGroupFile /dev/null
AuthName Moodle1_2d
AuthType Basic
<Limit GET>
require valid-user
</Limit>

Next add the following line to your moodle/index.php:


  require_login();

Finally edit login/index.php by adding the following lines:

if ($_SERVER['REMOTE_USER']) {
  $frm->username = $_SERVER['REMOTE_USER'];
  $frm->password = "secret";
}  else {
  $frm = data_submitted();
}

right after the existing lines:

$frm = false;
if (!empty($SESSION->wantsurl) and strstr($SESSION->wantsurl,"username=guest")) {
/// Log in as guest automatically (idea from Zbigniew Fiedorowicz)
$frm->username = "guest";
$frm->password = "guest";
} else {
$frm = data_submitted();
}

Note to Martin: I would suggest that login/index.php be modified along the above lines in version 1.2. This would allow easy incorporation of various web server based authentication schemes.

 
Average of ratings:Useful (1)
Picture of Zbigniew Fiedorowicz
Re: Is there a possibility to access to passwd-file?
 

Just a small afterthought.  The modification to moodle/index.php should be:

if ($_SERVER['REMOTE_USER']) {
  require_login();
}
 
Average of ratings: -
Picture of Zbigniew Fiedorowicz
Enabling web server based authentication
 
     $frm = false;
     if (!empty($SESSION->wantsurl) and strstr($SESSION->wantsurl,'username=guest')) {
     /// Log in as guest automatically (idea from Zbigniew Fiedorowicz)
        $frm->username = 'guest';
        $frm->password = 'guest';
     } else if ($_SERVER['REMOTE_USER']) {
     /// Log in using some web server based authentication method
        $frm->username = $_SERVER['REMOTE_USER'];
        if ($_SERVER['REMOTE_USER'] == 'guest') {
           $frm->password = 'guest';
        } else {
        /// Dummy Moodle password which must be assigned to all users
        /// Use admin/uploaduser.php script to do this
        /// Use 'Manual accounts only' authentication setting in Moodle
        /// Also use $CFG->forcelogin = true
          $frm->password = 'secret';
        }
     } else {
        $frm = data_submitted();
     }
    
 
Average of ratings: -