Core  3.2
PHP API documentation
Class.ldapProvider.php
1 <?php
2 /*
3  * @author Anakeen
4  * @package FDL
5 */
6 /**
7  * ldap authentication provider
8  *
9  * @author Anakeen
10  * @version $Id: $
11  * @package FDL
12  */
13 /**
14  */
15 
16 include_once ("WHAT/Class.Provider.php");
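/**
 * LDAP authentication provider.
 *
 * Validates a login by performing a simple bind against the directory with the
 * user's own DN and password, and provisions a local account for a directory
 * user that is not known locally yet.
 *
 * Settings are read from $this->parms:
 *  - 'host'    server name (default 127.0.0.1)
 *  - 'port'    server port (default 389)
 *  - 'ssl'     'y' selects the ldaps:// scheme, anything else ldap://
 *  - 'dn'      sprintf() template for the bind DN (default '%s')
 *  - 'options' map of LDAP option constant => value, applied before the bind
 *  - 'dGroup'  document id of a group every provisioned user is added to
 *
 * Requires PHP >= 7.0 with the ldap extension (ldap_escape(), random_bytes()).
 */
class ldapProvider extends Provider
{
    /**
     * Check a username/password pair by binding to the LDAP server.
     *
     * @param string $username login name, substituted into the 'dn' template
     * @param string $password clear-text password supplied by the user
     * @return bool true when the directory accepts the bind, false otherwise
     */
    public function validateCredential($username, $password)
    {
        // Every exit path of this method reports errno 0.
        $this->errno = 0;

        // A simple bind with an empty password is an unauthenticated bind (and
        // an anonymous one when the DN is empty too); many directories answer
        // it with success. Accepting that as a login would authenticate anyone
        // who knows a user name, so empty credentials never reach the server.
        if ((string)$username === '' || (string)$password === '') {
            error_log("LDAP authentication refused: empty username or password");
            return false;
        }

        $host = ($this->parms['host'] ?? '') != '' ? $this->parms['host'] : '127.0.0.1';
        $port = ($this->parms['port'] ?? '') != '' ? $this->parms['port'] : '389';
        $ssl = strtolower((string)($this->parms['ssl'] ?? '')) === 'y';
        $dnbase = ($this->parms['dn'] ?? '') != '' ? $this->parms['dn'] : '%s';

        // NOTE(review): with 'ssl' other than 'y' the URI scheme is ldap:// and
        // this method never calls ldap_start_tls(), so the password is sent
        // unprotected unless the transport is secured some other way - confirm
        // the deployment.
        $uri = sprintf("%s://%s:%s/", ($ssl ? 'ldaps' : 'ldap'), $host, $port);
        $r = ldap_connect($uri);
        $ret = null;
        // ldap_connect() returns false on a malformed URI; the option read is
        // kept as the original sanity check on the handle.
        if ($r === false || !ldap_get_option($r, LDAP_OPT_PROTOCOL_VERSION, $ret)) {
            error_log("[$ret] Can't establish LDAP connection : $uri");
            return false;
        }

        // 'options' is optional: iterate only when something iterable is set.
        $opts = $this->parms['options'] ?? array();
        if (is_array($opts) || $opts instanceof Traversable) {
            foreach ($opts as $k => $v) {
                ldap_set_option($r, $k, $v);
            }
        }

        if ($dnbase === '%s') {
            // No template: the login is used as the complete bind DN, so it is
            // passed through unchanged.
            $dn = sprintf($dnbase, $username);
        } else {
            // The login is one value inside a fixed DN: escape it for DN
            // context so ',', '=', '+' and similar characters cannot change
            // which entry the bind is attempted against.
            $dn = sprintf($dnbase, ldap_escape((string)$username, '', LDAP_ESCAPE_DN));
        }

        // A rejected bind raises a PHP warning; it is suppressed because the
        // failure is reported through ldap_error() just below.
        $b = @ldap_bind($r, $dn, $password);
        $err = $b ? '' : ldap_error($r);
        // Release the connection on both outcomes.
        ldap_unbind($r);

        if ($b) {
            return true;
        }
        // The password itself is never written to the log.
        error_log("user=[$dn] pass=[*********] result=>NOK ($err)");
        return false;
    }

    /**
     * Create the local account (and update its user document) for a user that
     * has just been authenticated against LDAP.
     *
     * @param User $whatuser account object to fill in and add
     * @param string $username login name accepted by the directory
     * @param string $password unused here; part of the provider interface
     * @return string error message, empty string on success
     */
    public function initializeUser(&$whatuser, $username, $password)
    {
        global $action;
        $err = "";

        $CoreNull = "";
        $core = new Application();
        $core->Set("CORE", $CoreNull);
        $core->session = new Session();
        $action = new Action();
        $action->Set("", $core);
        // NOTE(review): the global $action is replaced here and nothing in this
        // method restores it, so it still carries the Account("", 1) context
        // after return - confirm callers do not keep working with it.
        $action->user = new Account("", 1); //create user as admin
        $whatuser->firstname = '--';
        $whatuser->lastname = '(from ldap) ' . $username;
        $whatuser->login = $username;
        // Placeholder local password taken from the CSPRNG: uniqid() is derived
        // from the clock, so a value built from it can be guessed.
        $whatuser->password_new = "ldap" . bin2hex(random_bytes(16));
        $whatuser->famid = "IUSER";
        $err = $whatuser->Add();
        if ($err != "") {
            $this->errno = 0;
            return sprintf(_("cannot create user %s: %s"), $username, $err);
        }
        // Logged only once Add() has reported success.
        error_log("What user $username added (id=" . $whatuser->id . ")");

        include_once ("FDL/Class.DocFam.php");
        // NOTE(review): $dbaccess is not assigned anywhere in the listing this
        // was reviewed from (its source line 83 is absent); getDbAccess() is
        // assumed to be the project accessor - confirm against the original.
        $dbaccess = getDbAccess();
        $du = new_doc($dbaccess, $whatuser->fid);
        if ($du->isAlive()) {
            $du->setValue("us_whatid", $whatuser->id);
            $err = $du->modify();
            if ($err == "") {
                error_log("User $username added (id=" . $du->id . ")");
                $dGroup = $this->parms['dGroup'] ?? '';
                if ($dGroup != '') {
                    /** @var Dir $gu */
                    $gu = new_Doc($dbaccess, $dGroup);
                    if ($gu->isAlive()) {
                        $errg = $gu->addFile($du->id);
                        if ($errg == "") {
                            error_log("User $username added to group " . $dGroup);
                        } else {
                            // Group membership often carries access rights, so
                            // a failed insertion is recorded instead of dropped.
                            error_log("User $username not added to group " . $dGroup . ": " . $errg);
                        }
                    }
                }
            }
        } else {
            // The message used to be built and thrown away, so a missing user
            // document was reported to the caller as success.
            $err = sprintf(_("cannot create user %s: %s"), $username, $err);
        }
        $core->session->close();

        $this->errno = 0;
        return $err;
    }
}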