Commit 62da5f2cf569708e33c3236e294fe3e31b1438dc
1 parent
9a75fb15
Add support for OpenLDAP2 servers that don't offer anonymous bind or
LDAPv2 binds. SF tracker: 1025349 Submitted by: daniel patrick git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@2945 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
15 additions
and
2 deletions
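--- a/lib/authentication/class.AuthLdap.php
+++ b/lib/authentication/class.AuthLdap.php
@@ -32,6 +32,10 @@
 * - Change documentation to phpdoc style (http://phpdocu.sourceforge.net)
 * - Added a constructor
 * - Added an attribute array parameter to the getUsers method
+ * 20040909, Daniel Patrick <daniel@geekmobile.biz>
+ * - Added server type OpenLDAP2
+ * - Added support for OpenLDAP2 servers that deny Anonymous Bind
+ * - Added support for OpenLDAP2 servers that deny LDAPv2 protocol
 */
 
 class AuthLdap {
@@ -125,8 +129,14 @@ class AuthLdap {
 function connect() {
 foreach ($this->server as $key => $host) {
 $this->connection = ldap_connect( $host);
+ if ( $this->serverType == "OpenLDAP2" ) {
+ ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
+ }
 if ( $this->connection) {
- if ($this->serverType == "ActiveDirectory") {
+ if (($this->serverType == "ActiveDirectory") ||
+ (($this->serverType == "OpenLDAP2") &&
+ (!$this->searchUser == "") &&
+ (!$this->searchPassword == ""))) {
 return true;
 } else {
 // Connected, now try binding anonymously
@@ -423,7 +433,10 @@ class AuthLdap {
 // Perform the search and get the entry handles
 
 // if the directory is AD, then bind first with the search user first
- if ($this->serverType == "ActiveDirectory") {
+ if (($this->serverType == "ActiveDirectory") ||
+ (($this->serverType == "OpenLDAP2") &&
+ (!$this->searchUser == "") &&
+ (!$this->searchPassword == ""))) {
 $this->authBind($this->searchUser, $this->searchPassword);
 }
 $this->result = ldap_search( $this->connection, $checkDn, $this->getUserIdentifier() . "=$search");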
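Review bot: In `connect()`, the added `ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);` passes `$ds`, which is not defined anywhere in the visible hunk; the handle assigned one line above is `$this->connection`, so the LDAPv3 setting most likely never reaches the connection that is later bound. The call also runs before the `if ( $this->connection)` check, so it executes even when `ldap_connect()` failed. I would move it inside that check as `ldap_set_option($this->connection, LDAP_OPT_PROTOCOL_VERSION, 3);` and treat a false return as a failed connection for that host. `connect()` continues past the end of the hunk, so the anonymous-bind branch is not visible here. Separately, in the search hunk the result of `authBind(...)` is discarded, so a failed search-user bind appears to fall through to `ldap_search()` on an unauthenticated connection; checking that return value before searching would make the failure explicit.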