Commit 32c8213e404641e40ea8682795dcfc208f735809

Authored by Megan Watson
1 parent 59103cfb

KTS-2772

"CLONE -LDAP / Active Directory Authentication incorrect fields returned(SUP-521)"
Fixed. Rearranged the attributes retrieved from either directory to match the user's fields correctly.

Committed by: Megan Watson
Reviewed by: Conrad Vermeulen



git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@7913 c91229c3-7414-0410-bfa2-8a42b809f60b
plugins/ktstandard/ldap/activedirectoryauthenticationprovider.inc.php
@@ -5,32 +5,32 @@ @@ -5,32 +5,32 @@
5 * KnowledgeTree Open Source Edition 5 * KnowledgeTree Open Source Edition
6 * Document Management Made Simple 6 * Document Management Made Simple
7 * Copyright (C) 2004 - 2007 The Jam Warehouse Software (Pty) Limited 7 * Copyright (C) 2004 - 2007 The Jam Warehouse Software (Pty) Limited
8 - * 8 + *
9 * This program is free software; you can redistribute it and/or modify it under 9 * This program is free software; you can redistribute it and/or modify it under
10 * the terms of the GNU General Public License version 3 as published by the 10 * the terms of the GNU General Public License version 3 as published by the
11 * Free Software Foundation. 11 * Free Software Foundation.
12 - * 12 + *
13 * This program is distributed in the hope that it will be useful, but WITHOUT 13 * This program is distributed in the hope that it will be useful, but WITHOUT
14 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS 14 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
15 * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more 15 * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
16 * details. 16 * details.
17 - * 17 + *
18 * You should have received a copy of the GNU General Public License 18 * You should have received a copy of the GNU General Public License
19 * along with this program. If not, see <http://www.gnu.org/licenses/>. 19 * along with this program. If not, see <http://www.gnu.org/licenses/>.
20 - * 20 + *
21 * You can contact The Jam Warehouse Software (Pty) Limited, Unit 1, Tramber Place, 21 * You can contact The Jam Warehouse Software (Pty) Limited, Unit 1, Tramber Place,
22 * Blake Street, Observatory, 7925 South Africa. or email info@knowledgetree.com. 22 * Blake Street, Observatory, 7925 South Africa. or email info@knowledgetree.com.
23 - * 23 + *
24 * The interactive user interfaces in modified source and object code versions 24 * The interactive user interfaces in modified source and object code versions
25 * of this program must display Appropriate Legal Notices, as required under 25 * of this program must display Appropriate Legal Notices, as required under
26 * Section 5 of the GNU General Public License version 3. 26 * Section 5 of the GNU General Public License version 3.
27 - * 27 + *
28 * In accordance with Section 7(b) of the GNU General Public License version 3, 28 * In accordance with Section 7(b) of the GNU General Public License version 3,
29 * these Appropriate Legal Notices must retain the display of the "Powered by 29 * these Appropriate Legal Notices must retain the display of the "Powered by
30 - * KnowledgeTree" logo and retain the original copyright notice. If the display of the 30 + * KnowledgeTree" logo and retain the original copyright notice. If the display of the
31 * logo is not reasonably feasible for technical reasons, the Appropriate Legal Notices 31 * logo is not reasonably feasible for technical reasons, the Appropriate Legal Notices
32 - * must display the words "Powered by KnowledgeTree" and retain the original  
33 - * copyright notice. 32 + * must display the words "Powered by KnowledgeTree" and retain the original
  33 + * copyright notice.
34 * Contributor( s): ______________________________________ 34 * Contributor( s): ______________________________________
35 * 35 *
36 */ 36 */
@@ -40,20 +40,21 @@ require_once(KT_LIB_DIR . &#39;/authentication/Authenticator.inc&#39;); @@ -40,20 +40,21 @@ require_once(KT_LIB_DIR . &#39;/authentication/Authenticator.inc&#39;);
40 require_once(KT_DIR . '/plugins/ktstandard/ldap/ldapbaseauthenticationprovider.inc.php'); 40 require_once(KT_DIR . '/plugins/ktstandard/ldap/ldapbaseauthenticationprovider.inc.php');
41 41
42 class KTActiveDirectoryAuthenticationProvider extends KTLDAPBaseAuthenticationProvider { 42 class KTActiveDirectoryAuthenticationProvider extends KTLDAPBaseAuthenticationProvider {
43 - var $sNamespace = "ktstandard.authentication.adprovider"; 43 + var $sNamespace = 'ktstandard.authentication.adprovider';
44 44
45 var $bGroupSource = true; 45 var $bGroupSource = true;
46 46
47 - var $sAuthenticatorClass = "KTActiveDirectoryAuthenticator";  
48 - var $aAttributes = array ("cn", "samaccountname", "givenname", "sn", "userprincipalname", "telephonenumber"); 47 + var $sAuthenticatorClass = 'KTActiveDirectoryAuthenticator';
  48 + var $aAttributes = array ('cn', 'samaccountname', 'givenname', 'sn', 'mail', 'telephonenumber', 'userprincipalname');
49 49
50 function KTActiveDirectoryAuthenticationProvider() { 50 function KTActiveDirectoryAuthenticationProvider() {
51 - $this->sName = _kt("ActiveDirectory authentication provider"); 51 + $this->sName = _kt('ActiveDirectory authentication provider');
52 parent::KTLDAPBaseAuthenticationProvider(); 52 parent::KTLDAPBaseAuthenticationProvider();
53 } 53 }
54 } 54 }
55 55
56 class KTActiveDirectoryAuthenticator extends KTLDAPBaseAuthenticator { 56 class KTActiveDirectoryAuthenticator extends KTLDAPBaseAuthenticator {
57 - var $aAttributes = array ("cn", "samaccountname", "givenname", "sn", "userprincipalname", "telephonenumber"); 57 + var $aAttributes = array ('cn', 'samaccountname', 'givenname', 'sn', 'mail', 'telephonenumber', 'userprincipalname');
58 } 58 }
59 59
  60 +?>
60 \ No newline at end of file 61 \ No newline at end of file
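Review bot: The reordered `$aAttributes` lists on new lines 48 and 57 carry no comment saying that their order is significant, although the base class reads them by position (the ldapbaseauthenticationprovider.inc.php hunks on this page show `$this->aAttributes[1]` and `$this->aAttributes[6]`). The list is also repeated verbatim in the provider and the authenticator, so a later edit to one copy can silently change which directory attribute fills which user field. A comment above each copy would document the contract, for example `// Order is significant: the base provider reads these by index ([1] = login name, [6] = UPN fallback); keep both copies identical`; the same applies to the lists in ldapauthenticationprovider.inc.php and in the base class. Separately, the closing `?>` added here and in the other two PHP files is better omitted from include files, because stray whitespace after it would be emitted as output and can interfere with headers and session cookies.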
plugins/ktstandard/ldap/ldapauthenticationprovider.inc.php
@@ -5,32 +5,32 @@ @@ -5,32 +5,32 @@
5 * KnowledgeTree Open Source Edition 5 * KnowledgeTree Open Source Edition
6 * Document Management Made Simple 6 * Document Management Made Simple
7 * Copyright (C) 2004 - 2007 The Jam Warehouse Software (Pty) Limited 7 * Copyright (C) 2004 - 2007 The Jam Warehouse Software (Pty) Limited
8 - * 8 + *
9 * This program is free software; you can redistribute it and/or modify it under 9 * This program is free software; you can redistribute it and/or modify it under
10 * the terms of the GNU General Public License version 3 as published by the 10 * the terms of the GNU General Public License version 3 as published by the
11 * Free Software Foundation. 11 * Free Software Foundation.
12 - * 12 + *
13 * This program is distributed in the hope that it will be useful, but WITHOUT 13 * This program is distributed in the hope that it will be useful, but WITHOUT
14 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS 14 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
15 * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more 15 * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
16 * details. 16 * details.
17 - * 17 + *
18 * You should have received a copy of the GNU General Public License 18 * You should have received a copy of the GNU General Public License
19 * along with this program. If not, see <http://www.gnu.org/licenses/>. 19 * along with this program. If not, see <http://www.gnu.org/licenses/>.
20 - * 20 + *
21 * You can contact The Jam Warehouse Software (Pty) Limited, Unit 1, Tramber Place, 21 * You can contact The Jam Warehouse Software (Pty) Limited, Unit 1, Tramber Place,
22 * Blake Street, Observatory, 7925 South Africa. or email info@knowledgetree.com. 22 * Blake Street, Observatory, 7925 South Africa. or email info@knowledgetree.com.
23 - * 23 + *
24 * The interactive user interfaces in modified source and object code versions 24 * The interactive user interfaces in modified source and object code versions
25 * of this program must display Appropriate Legal Notices, as required under 25 * of this program must display Appropriate Legal Notices, as required under
26 * Section 5 of the GNU General Public License version 3. 26 * Section 5 of the GNU General Public License version 3.
27 - * 27 + *
28 * In accordance with Section 7(b) of the GNU General Public License version 3, 28 * In accordance with Section 7(b) of the GNU General Public License version 3,
29 * these Appropriate Legal Notices must retain the display of the "Powered by 29 * these Appropriate Legal Notices must retain the display of the "Powered by
30 - * KnowledgeTree" logo and retain the original copyright notice. If the display of the 30 + * KnowledgeTree" logo and retain the original copyright notice. If the display of the
31 * logo is not reasonably feasible for technical reasons, the Appropriate Legal Notices 31 * logo is not reasonably feasible for technical reasons, the Appropriate Legal Notices
32 - * must display the words "Powered by KnowledgeTree" and retain the original  
33 - * copyright notice. 32 + * must display the words "Powered by KnowledgeTree" and retain the original
  33 + * copyright notice.
34 * Contributor( s): ______________________________________ 34 * Contributor( s): ______________________________________
35 * 35 *
36 */ 36 */
@@ -41,19 +41,20 @@ require_once(&#39;Net/LDAP.php&#39;); @@ -41,19 +41,20 @@ require_once(&#39;Net/LDAP.php&#39;);
41 require_once(KT_DIR . '/plugins/ktstandard/ldap/ldapbaseauthenticationprovider.inc.php'); 41 require_once(KT_DIR . '/plugins/ktstandard/ldap/ldapbaseauthenticationprovider.inc.php');
42 42
43 class KTLDAPAuthenticationProvider extends KTLDAPBaseAuthenticationProvider { 43 class KTLDAPAuthenticationProvider extends KTLDAPBaseAuthenticationProvider {
44 - var $sNamespace = "ktstandard.authentication.ldapprovider"; 44 + var $sNamespace = 'ktstandard.authentication.ldapprovider';
45 45
46 - var $aAttributes = array ("cn", "uid", "givenname", "sn", "mail", "mobile");  
47 - var $sAuthenticatorClass = "KTLDAPAuthenticator"; 46 + var $aAttributes = array ('cn', 'samaccountname', 'givenname', 'sn', 'mail', 'mobile', 'userprincipalname', 'uid');
  47 + var $sAuthenticatorClass = 'KTLDAPAuthenticator';
48 48
49 function KTLDAPAuthenticationProvider() { 49 function KTLDAPAuthenticationProvider() {
50 - $this->sName = _kt("LDAP authentication provider"); 50 + $this->sName = _kt('LDAP authentication provider');
51 parent::KTLDAPBaseAuthenticationProvider(); 51 parent::KTLDAPBaseAuthenticationProvider();
52 } 52 }
53 53
54 } 54 }
55 55
56 class KTLDAPAuthenticator extends KTLDAPBaseAuthenticator { 56 class KTLDAPAuthenticator extends KTLDAPBaseAuthenticator {
57 - var $aAttributes = array ("cn", "uid", "givenname", "sn", "mail", "mobile"); 57 + var $aAttributes = array ('cn', 'samaccountname', 'givenname', 'sn', 'mail', 'mobile', 'userprincipalname', 'uid');
58 } 58 }
59 59
  60 +?>
60 \ No newline at end of file 61 \ No newline at end of file
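Review bot: After this reordering the plain LDAP provider has `samaccountname` at index 1 and `uid` at index 7 (new lines 46 and 57), but the username code visible in the base class reads only `$this->aAttributes[1]` and then the UPN at index 6, which are typically Active Directory attributes. On a directory that exposes only `uid`, the username would come out empty unless code outside the hunks shown consults index 7, and the removed `givenname` fallback no longer covers that case. One option is a further fallback in the base class, along the lines of `if (empty($sUserName) && isset($this->aAttributes[7]) && !empty($aResults[$this->aAttributes[7]])) { $sUserName = $aResults[$this->aAttributes[7]]; }`. The `isset` matters because the Active Directory list has only seven entries.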
plugins/ktstandard/ldap/ldapbaseauthenticationprovider.inc.php
@@ -39,11 +39,11 @@ require_once(KT_LIB_DIR . &#39;/authentication/authenticationprovider.inc.php&#39;); @@ -39,11 +39,11 @@ require_once(KT_LIB_DIR . &#39;/authentication/authenticationprovider.inc.php&#39;);
39 require_once(KT_LIB_DIR . '/authentication/Authenticator.inc'); 39 require_once(KT_LIB_DIR . '/authentication/Authenticator.inc');
40 40
41 class KTLDAPBaseAuthenticationProvider extends KTAuthenticationProvider { 41 class KTLDAPBaseAuthenticationProvider extends KTAuthenticationProvider {
42 - var $sName = "LDAP authentication provider";  
43 - var $sNamespace = "ktstandard.authentication.ldapprovider"; 42 + var $sName = 'LDAP authentication provider';
  43 + var $sNamespace = 'ktstandard.authentication.ldapprovider';
44 44
45 - var $aAttributes = array ("cn", "uid", "givenname", "sn", "mail", "mobile");  
46 - var $aMembershipAttributes = array ("memberOf"); 45 + var $aAttributes = array ('cn', 'samaccountname', 'givenname', 'sn', 'mail', 'mobile', 'userprincipalname', 'uid');
  46 + var $aMembershipAttributes = array ('memberOf');
47 47
48 // {{{ KTLDAPBaseAuthenticationProvider 48 // {{{ KTLDAPBaseAuthenticationProvider
49 function KTLDAPBaseAuthenticationProvider() { 49 function KTLDAPBaseAuthenticationProvider() {
@@ -281,10 +281,13 @@ class KTLDAPBaseAuthenticationProvider extends KTAuthenticationProvider { @@ -281,10 +281,13 @@ class KTLDAPBaseAuthenticationProvider extends KTAuthenticationProvider {
281 $this->oValidator->notError($aResults); 281 $this->oValidator->notError($aResults);
282 282
283 $sUserName = $aResults[$this->aAttributes[1]]; 283 $sUserName = $aResults[$this->aAttributes[1]];
284 - // With LDAP, if the 'uid' is null then try using the 'givenname' instead.  
285 - // See activedirectoryauthenticationprovider.inc.php and ldapauthenticationprovider.inc.php for details.  
286 - if($this->sAuthenticatorClass == "KTLDAPAuthenticator" && empty($sUserName)) {  
287 - $sUserName = strtolower($aResults[$this->aAttributes[2]]); 284 +
  285 + // If the SAMAccountName is empty then use the UserPrincipalName (UPN) to find the username.
  286 + // The UPN is normally the username @ the internet domain
  287 + if(empty($sUserName)) {
  288 + $sUpn = $aResults[$this->aAttributes[6]];
  289 + $aUpn = explode('@', $sUpn);
  290 + $sUserName = $aUpn[0];
288 } 291 }
289 292
290 $fields = array(); 293 $fields = array();
@@ -447,12 +450,12 @@ class KTLDAPBaseAuthenticationProvider extends KTAuthenticationProvider { @@ -447,12 +450,12 @@ class KTLDAPBaseAuthenticationProvider extends KTAuthenticationProvider {
447 } 450 }
448 $aSearchDNs[$k] = "'".$aSearchResults[$k]['dn']."'"; 451 $aSearchDNs[$k] = "'".$aSearchResults[$k]['dn']."'";
449 } 452 }
450 - 453 +
451 $sDNs = implode(',', $aSearchDNs); 454 $sDNs = implode(',', $aSearchDNs);
452 $query = "SELECT id, authentication_details_s1 AS dn FROM users 455 $query = "SELECT id, authentication_details_s1 AS dn FROM users
453 WHERE authentication_details_s1 IN ($sDNs)"; 456 WHERE authentication_details_s1 IN ($sDNs)";
454 $aCurUsers = DBUtil::getResultArray($query); 457 $aCurUsers = DBUtil::getResultArray($query);
455 - 458 +
456 // If the user has already been added, then remove from the list 459 // If the user has already been added, then remove from the list
457 if(!PEAR::isError($aCurUsers) && !empty($aCurUsers)){ 460 if(!PEAR::isError($aCurUsers) && !empty($aCurUsers)){
458 foreach($aCurUsers as $item){ 461 foreach($aCurUsers as $item){
@@ -961,3 +964,4 @@ class KTLDAPBaseAuthenticator extends Authenticator { @@ -961,3 +964,4 @@ class KTLDAPBaseAuthenticator extends Authenticator {
961 } 964 }
962 } 965 }
963 966
  967 +?>
964 \ No newline at end of file 968 \ No newline at end of file
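Review bot: The fallback added at new lines 285-291 keeps only the part of the UserPrincipalName before the '@', so two directory accounts whose UPNs differ only in the domain suffix would resolve to the same KnowledgeTree username, and nothing in the hunk checks for that. It also reads `$aResults[$this->aAttributes[6]]` without checking that the attribute was returned, so an entry with neither value leaves `$sUserName` empty. A guard such as `if (empty($sUserName) && !empty($aResults[$this->aAttributes[6]])) {`, followed by an explicit error when the name is still empty, would make that case visible. In the hunk at new lines 450-461, `$aSearchDNs[$k] = "'".$aSearchResults[$k]['dn']."'";` puts directory-supplied DNs into the `IN ($sDNs)` clause with no escaping visible, so a DN containing a single quote would at least break the query; the values should be escaped or bound as parameters through the database layer. Both functions start and end outside the hunks shown, so escaping or validation done elsewhere cannot be ruled out.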
templates/ktstandard/authentication/ldapadduser.smarty
@@ -10,7 +10,7 @@ @@ -10,7 +10,7 @@
10 <input type="hidden" name="dn" value="{$dn}" /> 10 <input type="hidden" name="dn" value="{$dn}" />
11 <input type="hidden" name="samaccountname" value="{$samaccountname}" /> 11 <input type="hidden" name="samaccountname" value="{$samaccountname}" />
12 <div class="form_actions"> 12 <div class="form_actions">
13 - <input type="submit" name="submit[create]" value="{i18n}create user{/i18n}" /> 13 + <input type="submit" name="submit[create]" value="{i18n}Create user{/i18n}" />
14 <input type="submit" name="kt_cancel[]" value="{i18n}Cancel{/i18n}" /> 14 <input type="submit" name="kt_cancel[]" value="{i18n}Cancel{/i18n}" />
15 </div> 15 </div>
16 </fieldset> 16 </fieldset>