XF 1.5 xenForo Active Directory/LDAP

Foxtrek_64

Member
Hello all,

After looking around on the forums, I found this thread discussing LDAP and Active Directory. However, seeing as the thread was from 2011, I thought it better to make my own thread instead of necro-ing the other one.

That being said, I am trying to use LDAP to enable Single Sign-On capability between my xenForo forum and the Hawkeye user administration plugin for Minecraft.

Both xenForo and the Hawkeye Web Interface use a mssql database to hold usernames and passwords (so I might just be able to tell Hawkeye to read from the xenForo user database, or at least synchronize particular users), however I'm looking for a solution that allows for future-proofing.

That being said, have there been any additions or changes to xenForo in the past five years to allow for LDAP or similar capability? I have xenForo running in a DMZ (created by a Cisco ASA 5510 firewall), so I could very easily either put an AD server there or on my internal network to handle authentication.

Alternatively, for persistent sign-on, xenForo likely uses cookies in the browser or some kind of certificate-based authentication (so you don't have to log in again every time you go to another page). Would it be possible to have my Hawkeye server request this cookie/certificate and allow people to connect in this way, alternatively prompting for a username and password if this is not available?

After doing a bit of research, I've found this modification for Hawkeye. It seems correct code-wise, but will the plugin still work with xenForo? I'm a bit wary about using three-year old code.
 
Last edited:
That being said, have there been any additions or changes to xenForo in the past five years to allow for LDAP or similar capability?
As it stands, no not currently.

After doing a bit of research, I've found this modification for Hawkeye. It seems correct code-wise, but will the plugin still work with xenForo?
Conceptually that might work, though this specific one doesn't appear to use the current XenForo password scheme (bcrypt). It would probably need a different approach.
 
Conceptually that might work, though this specific one doesn't appear to use the current XenForo password scheme (bcrypt). It would probably need a different approach.

Given the base framework available in the Hawkeye modification, I might be able to get that to work. Is there any documentation available for bycrypt or will I need to spin up my xenForo vm and take a look at the login code?
 
Top Bottom