NTLM Login with AD users with apostrophe in their name

NTLM Login with AD users with apostrophe in their name

by Ian Fogarty -
Number of replies: 4
Hi

I feel I keep on posting problems with users with apostrophes.

We had a problem with LDAP (Active Directory) users who had apostrophes in their names which was solved with the help of Iñaki (Post 54901)

Since then, we have gone live with the NTLM module and it works a treat but I have a found a problem with it in regards apostrophes in usernames. If a user with an apostrophe tries to login via NTLM, an error message is displayed saying that NTLM is not enabled for this page and click here to login manually. From looking at the code, this seems to be the last else, sort of like a standard error message.

We can sort of get round part of this problem for one of our moodles as there are only 7 users, so there are unfortunately getting new logins but now that my manager has seen what single sign on can do, they want to go live on the student moodle, but there are 70+ potential users for that system.

I think the root cause of the problem is the apostrophe is getting escaped by moodle and when authenticating against moodle, is failing as there is no user present with a name like "name \' surname", authentication fails.

I have tried to work through the code to resolve this but each time I do, I seem to get deeper in the code and loose where I am and in what sub-function.

Does anyone have any ideas?

Ian
Average of ratings: -
In reply to Ian Fogarty

Re: NTLM Login with AD users with apostrophe in their name

by Dan Marsden -
Picture of Core developers Picture of Particularly helpful Moodlers Picture of Peer reviewers Picture of Plugin developers Picture of Plugins guardians Picture of Testers Picture of Translators

Hi Ian,

another one for me on Monday! - should be an easy fix!

- by the way, the NTLM module is an "Autentication plugin" not an "enrolment plugin"

smile

Dan

Average of ratings: -
In reply to Dan Marsden

Re: NTLM Login with AD users with apostrophe in their name

by Iñaki Arenaza -
Picture of Core developers Picture of Documentation writers Picture of Particularly helpful Moodlers Picture of Peer reviewers Picture of Plugin developers
I'd say it's the same issue raised here: MDL-7071 (still unfixed in 1.6.x, 1.7.x and HEAD).

Saludos. Iñaki.
Average of ratings: -
In reply to Iñaki Arenaza

Re: NTLM Login with AD users with apostrophe in their name

by Ian Fogarty -
Im sorry, I realised after posting it was in the wrong forum but couldn't work out a way of moving it.

I applied the fix you worked out Inaki to this problem but still appeared to give problems. I did not look into this further but thought I should post through first?
Average of ratings: -
In reply to Ian Fogarty

Re: NTLM Login with AD users with apostrophe in their name

by Iñaki Arenaza -
Picture of Core developers Picture of Documentation writers Picture of Particularly helpful Moodlers Picture of Peer reviewers Picture of Plugin developers

You can add some debugging output to the auth_user_login() function of the ntlm authentication. You can make that debugging output be HTML comments, so your users don't notice at all.

Just add a few:

echo "<!-- Code is reaching point XX -->\n";

where XX is a growing number each time you add an echo statement, and you'll be able to follow the code flow for the problematic users.

Then you can debug it further in nested functions in case you need it. This is the way I usually do it.

Saludos. Iñaki.

Average of ratings: -