Class.ldapProvider.php
1 <?php
2 /*
3  * @author Anakeen
4  * @license http://creativecommons.org/licenses/by-nc-sa/2.0/fr/ Anakeen - licence CC
5  * @package FDL
6 */
7 /**
8  * ldap authentication provider
9  *
10  * @author Anakeen 2009
11  * @version $Id: $
12  * @license http://creativecommons.org/licenses/by-nc-sa/2.0/fr/ Anakeen - licence CC
13  * @package FDL
14  */
15 /**
16  */
17 
18 include_once ("WHAT/Class.Provider.php");
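class ldapProvider extends Provider
{
    /*
     * Authentication provider that validates a login by attempting an LDAP
     * simple bind, and creates the matching local account on first login.
     *
     * Configuration keys read from $this->parms:
     *   host    - LDAP server host (default '127.0.0.1')
     *   port    - LDAP server port (default '389')
     *   ssl     - 'y' selects the ldaps:// scheme, anything else ldap://
     *   dn      - sprintf() template for the bind DN, '%s' being the login
     *             (default '%s': the login itself is used as the DN)
     *   options - array of LDAP option => value passed to ldap_set_option()
     *   dGroup  - optional group document the new user is added to
     *
     * NOTE(review): unless 'ssl' is 'y' the bind below goes through an ldap://
     * URI and this class never calls ldap_start_tls(), so the password travels
     * unencrypted unless the transport is protected by other means.
     * NOTE(review): with 'ssl' = 'y' and no 'port' configured the URI becomes
     * ldaps://host:389; set 'port' explicitly for LDAPS deployments.
     */

    /**
     * Check a login/password pair with an LDAP simple bind.
     *
     * @param string $username login typed by the user (untrusted)
     * @param string $password password typed by the user (untrusted)
     * @return bool TRUE when the directory accepted the bind, FALSE otherwise
     */
    public function validateCredential($username, $password)
    {
        // errno is reset to 0 on every exit path; its meaning is defined by
        // the Provider base class, which is not visible here.
        $this->errno = 0;

        // A simple bind with an empty password is an "unauthenticated bind":
        // many directory servers answer it with success without checking
        // anything, which would let any known login in. Refuse it up front.
        if (!is_scalar($username) || !is_scalar($password)
            || (string) $username === '' || (string) $password === '') {
            error_log("LDAP authentication refused: empty username or password");
            return FALSE;
        }

        $host = $this->ldapParm('host', '127.0.0.1');
        $port = $this->ldapParm('port', '389');
        $ssl = (strtolower((string) $this->ldapParm('ssl', '')) == 'y');
        $dnbase = $this->ldapParm('dn', '%s');

        $uri = sprintf("%s://%s:%s/", ($ssl ? 'ldaps' : 'ldap'), $host, $port);
        $r = ldap_connect($uri);
        $ret = '';
        // ldap_connect() returns false on a malformed URI; do not hand that
        // value to the other ldap_* calls.
        if ($r === false || !ldap_get_option($r, LDAP_OPT_PROTOCOL_VERSION, $ret)) {
            error_log("[$ret] Can't establish LDAP connection : $uri");
            return FALSE;
        }

        // 'options' may be absent from the configuration.
        $opts = isset($this->parms['options']) ? $this->parms['options'] : array();
        if (is_array($opts)) {
            foreach ($opts as $k => $v) {
                ldap_set_option($r, $k, $v);
            }
        }

        $rdn = $this->ldapDnValue($username, $dnbase);
        if ($rdn === false) {
            error_log("LDAP authentication refused: login not usable in a DN");
            ldap_unbind($r);
            return FALSE;
        }
        $dn = sprintf($dnbase, $rdn);

        // @ hides the PHP warning ldap_bind() raises on bad credentials; the
        // failure is reported through the log line below instead.
        $b = @ldap_bind($r, $dn, $password);
        $err = $b ? '' : ldap_error($r);
        // Release the connection: it is local to this call and was never closed.
        ldap_unbind($r);

        if ($b) {
            return TRUE;
        }
        // The password is never written to the log; the DN is user-influenced,
        // so control characters are neutralised before logging.
        error_log("user=[" . $this->ldapLogSafe($dn) . "] pass=[*********] result=>NOK ($err)");
        return FALSE;
    }

    /**
     * Authorization step of the provider.
     *
     * This provider applies no authorization rule of its own: every call
     * succeeds and $opt is ignored.
     *
     * @param mixed $opt unused
     * @return bool always TRUE
     */
    public function validateAuthorization($opt)
    {
        $this->errno = 0;
        return TRUE;
    }

    /**
     * Create the local account for a login that was just accepted by LDAP.
     *
     * @param object $whatuser user object to fill in and add (passed by reference)
     * @param string $username login accepted by validateCredential()
     * @param string $password unused: the LDAP password is not stored locally
     * @return string empty string on success, error message otherwise
     */
    public function initializeUser(&$whatuser, $username, $password)
    {
        global $action;
        $err = "";
        $logname = $this->ldapLogSafe($username);

        $CoreNull = "";
        $core = new Application();
        $core->Set("CORE", $CoreNull);
        $core->session = new Session();
        $action = new Action();
        $action->Set("", $core);
        // NOTE(review): the *global* $action is replaced by one whose user is
        // built with id 1 ("create user as admin") and is not restored before
        // returning - confirm no later code in the request relies on $action
        // to identify the caller.
        $action->user = new User("", 1); //create user as admin
        $whatuser->firstname = '--';
        $whatuser->lastname = '(from ldap) ' . $username;
        $whatuser->login = $username;
        // Placeholder local password: must not be guessable, see helper.
        $whatuser->password_new = $this->ldapLocalPassword();
        $whatuser->iddomain = "0";
        $whatuser->famid = "IUSER";
        $err = $whatuser->Add();
        if ($err != "") {
            // NOTE(review): the session opened above is not closed on this path.
            $this->errno = 0;
            return sprintf(_("cannot create user %s: %s"), $username, $err);
        }
        // Logged only once Add() has succeeded.
        error_log("What user $logname added (id=" . $whatuser->id . ")");

        include_once ("FDL/Class.DocFam.php");
        $dbaccess = getParam("FREEDOM_DB");
        $du = new_doc($dbaccess, $whatuser->fid);
        if ($du->isAlive()) {
            $du->setValue("us_whatid", $whatuser->id);
            $err = $du->modify();
            if ($err == "") {
                error_log("User $logname added (id=" . $du->id . ")");
                $dGroup = $this->ldapParm('dGroup', '');
                if ($dGroup != '') {
                    $gu = new_doc($dbaccess, $dGroup);
                    if ($gu->isAlive()) {
                        $errg = $gu->addFile($du->id);
                        if ($errg == "") {
                            error_log("User $logname added to group " . $dGroup);
                        } else {
                            // Group membership drives access rights: a failure
                            // here should be visible to the administrator.
                            error_log("User $logname not added to group " . $dGroup . ": " . $errg);
                        }
                    }
                }
            }
        } else {
            // The message was previously built and discarded, so a missing
            // user document was reported to the caller as success.
            $err = sprintf(_("cannot create user %s: %s"), $username, $err);
        }
        $core->session->close();

        $this->errno = 0;
        return $err;
    }

    /**
     * Read a configuration value, falling back to $default when it is
     * missing or equal to the empty string.
     */
    private function ldapParm($key, $default)
    {
        if (isset($this->parms[$key]) && $this->parms[$key] != '') {
            return $this->parms[$key];
        }
        return $default;
    }

    /**
     * Prepare the login for insertion into the bind DN template.
     *
     * When the template is the bare '%s' the login is the complete DN and is
     * passed through unchanged. Otherwise the login is one attribute value
     * inside a fixed DN, and DN metacharacters in it would let the caller
     * bind outside the configured branch, so it is escaped.
     *
     * @return string|false value to insert, or false when it must be refused
     */
    private function ldapDnValue($username, $dnbase)
    {
        $username = (string) $username;
        if ($dnbase === '%s') {
            return $username;
        }
        if (function_exists('ldap_escape')) {
            return ldap_escape($username, '', LDAP_ESCAPE_DN);
        }
        // No escaping primitive available: fail closed on any DN metacharacter.
        if (preg_match('/[,+"\\\\<>;=\x00]|^[ #]| $/', $username)) {
            return false;
        }
        return $username;
    }

    /**
     * Replace control characters so user-supplied text cannot forge or split
     * lines in the error log.
     */
    private function ldapLogSafe($value)
    {
        return preg_replace('/[\x00-\x1f\x7f]/', '?', (string) $value);
    }

    /**
     * Build the local password stored for an LDAP-created account.
     *
     * uniqid() is derived from the current time and is predictable; a random
     * value is used so the account cannot be opened with a guessed local
     * password if local authentication is also enabled for it.
     * NOTE(review): the result is longer than the 17 characters uniqid("ldap")
     * produced - confirm the User class accepts it.
     */
    private function ldapLocalPassword()
    {
        if (function_exists('random_bytes')) {
            return 'ldap' . bin2hex(random_bytes(16));
        }
        if (function_exists('openssl_random_pseudo_bytes')) {
            return 'ldap' . bin2hex(openssl_random_pseudo_bytes(16));
        }
        return uniqid("ldap", true);
    }
}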
112 ?>