Conflict with WP Cyber

  • Resolved jeffreyjoncarter

    (@jeffreyjoncarter)


    7 years, 10 months ago

    I recently jumped from wpDirAuth 1.7.x to 1.9.3. It immediately killed all but my logins except the admin local account.
    The only way to get LDAP logins working again was to deactivate WP Cyber 4.7.7. The two plugins had peacefully coexisted up until now.
    At first, I thought it was the wp-login.php custom page and redirect WP Cyber uses. But I disabled that part and it still kept giving failed logins. As soon as I deactivated WP Cyber, LDAP logins work.
    I love WP Cyber so I am hoping there is a way forward.
    Jeff

Viewing 6 replies - 1 through 6 (of 6 total)
  • Plugin Author Paul Gilzow

    (@gilzow)

    I’m not familiar with WP Cyber, and I’m not finding it in the plugins directory. A quick google search just matches this post. Can you include a link to it?

    version 1.8.1 of wpDirAuth switched from overriding wp_authenticate function in pluggable.php to using the authenticate filter to improve compatibility with other plugins that hooked the authenticate filter. It’s possible that plugin is hooking the authenticate filter before wpDirAuth and throwing a WP_Error object.

    I had the same issue, but it’s not “WP Cyber”, it’s WP Cerber.

    I currently have wpDirAuth 1.9.3 and WP Cerber 4.7.7. When I disable Cerber, login works fine. If I enable it, the ldap requests never seems to be sent, at least for most users. Someone actually managed to log in.

    Plugin Author Paul Gilzow

    (@gilzow)

    I had the same issue, but it’s not “WP Cyber”, it’s WP Cerber.

    ok, that helps immensely. I think I see what might be happening. Can you try out this version and see if it fixes the specific issue you are seeing?

    https://gist.github.com/gilzow/0ce2a61dfd54ddd29dba35491c3ec20d

    Unfortunately, because of the way Cerber is written, you may experience other oddities or failures that will need to be fixed by the author of Cerber. Specifically, the function cerber_auth_control doesn’t check to see if the first parameter is an instance of WP_Error and return it instead of continuing to process. One immediate issue I can see is if directory authentication has been disabled via wpDirAuth and an directory-authenticated user attempts to login. wpDirAuth will correctly generate a WP_Error object with an error code of login_disabled. However, WP Cerber will continue to process the authentication attempt and will return an incorrect password error message.

    Login worked with the recent change, but I had to change your variable name. You wrote $intBadFunction in the code, but nowhere else is that variable referenced. It work if I changed the variable name to $intBadFunctionPriority. I have only tested with a single user, though.

    • This reply was modified 7 years, 10 months ago by hebw.
    Plugin Author Paul Gilzow

    (@gilzow)

    You wrote $intBadFunction in the code, but nowhere else is that variable referenced.

    Yes I did, didn’t I? Good catch. I’m traveling right now but should be able to make the change and get it pushed out on Tuesday.

    Plugin Author Paul Gilzow

    (@gilzow)

    Just pushed out 1.9.4 which corrects the issue. Going to go ahead and mark this one resolved.

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Conflict with WP Cyber’ is closed to new replies.

Tags