PluggableAuth V1.0.0 Exception with bad password

Asked by Bill Gosse on 2012-07-26

I installed the PluggableAuth V1.0.0 just to see what would happen.

If I login with a valid username and password everything works fine, i get authenticated againist PDS's database user table.

However if I attempt to login in with a bad username or password I get the following exception:

"Uncaught Exception while running
This page will try to provide as much information as possible so you can track down (and hopefully fix) the problem.

The error

The message of the error is as follow:

Unable to implement auth plugin

The error occurred in file C:\Dev\xampp\htdocs\phpdev\plugins\PluggableAuth\includes\AUTH_login.class.php at line 48"

When I uninstall the plugin I no longer get the exception when I login with a bad username or password. I only get the standard invalid username or password error message.

Is this normal behavior for this plugin?

Question information

Language:
English Edit question
Status:
Solved
For:
PHPDevShell Edit question
Assignee:
No assignee Edit question
Solved by:
Bill Gosse
Solved:
2012-08-03
Last query:
2012-08-03
Last reply:
2012-08-03
Greg (gregfr) said : #1

Hello and thanks for your interest in our framework :)

What you report is indeed a bug which has been fixed but the fix is not released yet.

Meanwhile you can easily path it yourself, there are two lines to changes in the file:

/plugins/PluggableAuth/includes/AUTH_login.class.php

line 85 change from
    if (is_a($auth, 'iAUTH_plugin') && ($plugin->lookupUser(array('username' => $username, 'password' => $password)))) {
to
    if (is_a($plugin, 'iAUTH_plugin') && ($plugin->lookupUser(array('username' => $username, 'password' => $password)))) {

and line 48 change from
    throw new PHPDS_exception('Unable to implement auth plugin');
to
    return false;

You have the summary of the changes here:

http://bazaar.launchpad.net/~phpdevshell/phpdevshell/3.2.1/changes?filter_file_id=pluginspluggableauth-20110919083907-dd6cbswrobkqsflc-7

This module will be reworked soon to add other types of auth sources (google, facebook, etc), so your feedback is appreciated !!

Bill Gosse (bill-gosse) said : #2

The code fixed you posted above does not jive with the code I currently have for this file. The version I have is PHPDevShell V 3.2.0-Stable-DB-3140. I just downloaded this version two weeks a go. Have there been more changes to this file since this version was released.

Bill Gosse (bill-gosse) said : #3

This is the code that I have around line 85:
$plugin = $this->getAuthPlugin($source);
if ($plugin->lookupUser(array('username' => $username, 'password' => $password))) {
 return $user;
}

Greg (gregfr) said : #4

Yes change this line:

    if ($plugin->lookupUser(array('username' => $username, 'password' => $password))) {

to

    if (is_a($plugin, 'iAUTH_plugin') && ($plugin->lookupUser(array('username' => $username, 'password' => $password)))) {

However the other change is likely to trigger the exception you reported, so if you changed:

line 48
    throw new PHPDS_exception('Unable to implement auth plugin');
to
    return false;

it should be working

Bill Gosse (bill-gosse) said : #5

I figured out how download the latest AUTH_login.class.php from launchpad and deployed it to my dev environment.