Commit e0f71f325ba6ed8d842d3d2b65b7604b79592e76
1 parent
2a48f093
added ldap class as an attribute, updated searchUsers method signature, coded checkPass method
git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@826 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
74 additions
and
33 deletions
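--- a/lib/authentication/LDAPAuthenticator.inc
+++ b/lib/authentication/LDAPAuthenticator.inc
@@ -15,38 +15,79 @@ require_once("$default->owl_fs_root/lib/authentication/Authenticator.inc");
 * @package lib.authentication
 */
 class LDAPAuthenticator extends Authenticator {
-
- /**
- * The LDAP server to connect to
- */
- var $ldapServer;
- /**
- * The base LDAP DN to perform authentication against
- */
- var $ldapDN;
-
- /**
- * Creates a new instance of the LDAPAuthenticator
- *
- * @param string the LDAP server to connect to for validation
- * @param string the dn branch to perform the authentication against
- */
- function LDAPAuthentication($ldapServer, $ldapDN) {
- $this->ldapServer = $ldapServer;
- $this->ldapDN = $ldapDN;
- }
-
- /**
- * Checks the user's password against the LDAP directory
- *
- * @param string the name of the user to check
- * @param string the password to check
- * @return boolean true if the password is correct, else false
- */
- function checkPassword($userName, $password) {
- global $default;
- $ldap = new AuthLdap();
-
- }
+
+ /**
+ * The LDAP server to connect to
+ */
+ var $sLdapServer;
+ /**
+ * The base LDAP DN to perform authentication against
+ */
+ var $sBaseDN;
+ /**
+ * The LDAP accessor class
+ */
+ var $oLdap;
+
+ /**
+ * Creates a new instance of the LDAPAuthenticator
+ *
+ * @param string the LDAP server to connect to for validation (optional)
+ * @param string the dn branch to perform the authentication against (optional)
+ */
+ function LDAPAuthentication($sLdapServer = "", $sLdapDN = "") {
+ global $default;
+
+ $this->sLdapServer = strlen($sLdapServer) > 0 ? $sLdapServer : $default->system->get("ldapServer");
+ $this->sBaseDN = strlen($sLdapDN) > 0 ? $sLdapDN : $default->system->get("ldapRootDn");
+
+ // initialise and setup ldap class
+ $this->oLdap = new AuthLdap();
+ $this->oLdap->server = array($this->sLdapServer);
+ $this->oLdap->dn = $this->sBaseDN;
+ }
+
+ /**
+ * Checks the user's password against the LDAP directory
+ *
+ * @param string the name of the user to check
+ * @param string the password to check
+ * @return boolean true if the password is correct, else false
+ */
+ function checkPassword($sUserName, $sPassword) {
+ global $default;
+
+ return $oLdap->checkPass($sUserName, $sPassword);
+ }
+
+
+ /**
+ * Searches the LDAP directory for users matching the supplied search string.
+ *
+ * @param string the username to search for
+ * @param array the attributes to return from the search
+ * @return array containing the users found
+ */
+ function searchUsers($sUserNameSearch, $aAttributes) {
+ global $default;
+
+ // connect and search
+ if ( $this->oLdap->connect() ) {
+ // search for the users
+ // append and prepend wildcards
+ $aUserResults = $this->oLdap->getUsers("*" . $sUserNameSearch . "*", $aAttributes);
+ //return $aUserResults;
+ if ($aUserResults) {
+ // return the array
+ return $aUserResults;
+ } else {
+ // the search failed, return empty array
+ return false;
+ }
+ } else {
+ $_SESSION["errorMessage"] = "LDAP error: (" . $this->oLdap->ldapErrorCode . ") " . $this->oLdap->ldapErrorText;
+ return false;
+ }
+ }
 }
 ?>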
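Review bot: In `checkPassword` the call goes through `$oLdap`, a local variable that is never assigned, so the method fails before it reaches the directory; the line should read `return $this->oLdap->checkPass($sUserName, $sPassword);`. The constructor is also still named `LDAPAuthentication` while the class is `LDAPAuthenticator`, so as a PHP 4-style constructor it would not run on `new LDAPAuthenticator()` and `$this->oLdap` would stay unset; renaming it to `LDAPAuthenticator` fixes that. Unlike `searchUsers`, `checkPassword` neither calls `connect()` first nor rejects an empty password; `AuthLdap::checkPass` is not visible here, but many directories accept a bind with an empty password as an unauthenticated bind, so add `if (strlen($sPassword) == 0) { return false; }` before the call. In `searchUsers` the search string is wrapped in `*` and passed on unescaped, so if `getUsers` builds an LDAP filter from it the filter metacharacters should be escaped first; the comment "return empty array" also disagrees with the `return false` beneath it.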