| author | Lester Caine <lester@lsces.co.uk> | 2009-04-18 22:00:55 +0000 |
|---|---|---|
| committer | Lester Caine <lester@lsces.co.uk> | 2009-04-18 22:00:55 +0000 |
| commit | 620ef184bd7f364a7af37f978f69340567ada6d1 (patch) | |
| tree | 637a2ff32a8a24fec4d275143004a8c9dd215fa1 /auth | |
| parent | c74e53679b94e7e8f045dd6a6d2de0c93e6fcd91 (diff) | |
Functional interface to Auth:LDAP but still needs work.
The fields being used from inetOrgPerson do not tie up with what we need in bw, and additional fields need to be managed between server and USERS_USERS table.
Diffstat (limited to 'auth')
| -rw-r--r-- | auth/ldap/auth.php | 37 |
1 files changed, 23 insertions, 14 deletions
diff --git a/auth/ldap/auth.php b/auth/ldap/auth.php index fb9b8d6..9853fbb 100644 --- a/auth/ldap/auth.php +++ b/auth/ldap/auth.php @@ -1,6 +1,6 @@ <?php /** - * $Header: /cvsroot/bitweaver/_bit_users/auth/ldap/auth.php,v 1.7 2009/04/17 20:03:25 lsces Exp $ + * $Header: /cvsroot/bitweaver/_bit_users/auth/ldap/auth.php,v 1.8 2009/04/18 22:00:55 lsces Exp $ * * @package users */ @@ -28,11 +28,16 @@ class LDAPAuth extends BaseAuth { function validate($user,$pass,$challenge,$response) { parent::validate($user,$pass,$challenge,$response); + // set the Auth options - $a = new Auth("LDAP", $this->mConfig, "", false, $user, $pass); + $a = new Auth("LDAP", $this->mConfig, "", false); + $a->username = $user; + $a->password = $pass; + // check if the login correct $a->login(); - $ret = ''; + + $this->mInfo["real_name"] = ''; // This needs fixing in the base code - real_name will only exist if a user has been identiied switch ($a->getStatus()) { case AUTH_LOG_INFO: $ret=USER_VALID; @@ -40,10 +45,10 @@ class LDAPAuth extends BaseAuth { if ($ds) { $r=ldap_bind($ds, $this->mConfig["adminuser"], $this->mConfig["adminpass"]); if ($r) { - $attrs = array("cn", "mail"); + $attrs = array("mail", "uidNumber", "displayName"); $sr=ldap_search($ds, $this->mConfig["basedn"], "(".$this->mConfig["userattr"]."=".$user.")", $attrs); // Search $info = ldap_get_entries($ds, $sr); - $this->mInfo["real_name"] = $info[0]["cn"][0]; + $this->mInfo["real_name"] = $info[0]["displayname"][0]; if(empty($this->mConfig["email"])) { if(empty($info[0]["mail"][0])) { $this->mInfo["email"] = $info[0][$this->mConfig["userattr"]][0]; 
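Review bot: Nothing visible in the `validate()` hunk rejects an empty `$pass` before `$a->login()` runs, and many directory servers treat a simple bind with an empty password as an anonymous bind that succeeds. Unless `parent::validate()` or the Auth LDAP container already refuses it (neither is visible here), add a guard ahead of the `new Auth("LDAP", ...)` call, for example `if ((string)$pass === '') { $this->mErrors['login'] = 'Password incorrect'; return PASSWORD_INCORRECT; }`. The comment added on the `real_name` line has a typo (`identiied`), and the body of `validate()` continues past this hunk.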
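Review bot: The `ldap_search()` filter in the third hunk is built by concatenating `$user` directly into `"(".$this->mConfig["userattr"]."=".$user.")"`, so filter metacharacters in the login name alter the query that runs under the admin bind, and `$info[0]` may then describe a different entry from the one that authenticated. Escape the value before building the filter: on PHP 5.6 or later `ldap_escape($user, '', LDAP_ESCAPE_FILTER)` does this, while older versions need the RFC 4515 special characters escaped by hand. The new `$info[0]["displayname"][0]` read also assumes the search succeeded and that the entry carries `displayName`, which is optional in inetOrgPerson; check `$sr !== false` and `$info['count'] > 0` and fall back to an empty name otherwise. The enclosing `if ($ds)` and `if ($r)` blocks close outside this hunk.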
@@ -59,17 +64,21 @@ class LDAPAuth extends BaseAuth { $this->mInfo["email"] = preg_replace_callback('/%.*?%/',$replace_func,$this->mConfig["email"]); } } + $this->mInfo['user_id']=$info[0]["uidnumber"][0] - 1000; ldap_close($ds); } break; // case AUTH_USER_NOT_FOUND: -// $ret=USER_NOT_FOUND; +// $this->mErrors['login'] = 'Password incorrect'; +// $ret=PASSWORD_INCORRECT; // break; case AUTH_WRONG_LOGIN: + $this->mErrors['login'] = 'User not found'; $ret=PASSWORD_INCORRECT; break; default: - $ret=SERVER_ERROR; + $this->mErrors['login'] = 'Unidentified Error'; + $ret=PASSWORD_INCORRECT; break; } return $ret; @@ -216,13 +225,13 @@ class LDAPAuth extends BaseAuth { 'base' => "Base", ), ), - 'users_ldap_group' => array( - 'label' => "LDAP Group", - 'type' => "option", - 'note' => "", - 'default' => '3', - 'options' => $groups, - ), +// 'users_ldap_group' => array( +// 'label' => "LDAP Group", +// 'type' => "option", +// 'note' => "", +// 'default' => '3', +// 'options' => $groups, +// ), ); } } |
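Review bot: The added `$this->mInfo['user_id']=$info[0]["uidnumber"][0] - 1000;` appears to sit after the brace that closes `if ($r)` (the block opens outside this hunk, so this is inferred), in which case it runs with `$info` unset when the admin bind fails and yields -1000. Even when the search succeeds, `uidNumber` is a posixAccount attribute that an inetOrgPerson-only entry will not carry, values of 1000 or below produce zero or negative ids, and nothing here checks the result against ids already allocated in USERS_USERS. Move the assignment inside the `if ($r)` block and set it only when the attribute is present and numeric, e.g. guarded by `isset($info[0]["uidnumber"][0]) && ctype_digit($info[0]["uidnumber"][0])`. Separately, the `default:` branch now returns `PASSWORD_INCORRECT` where it used to return `SERVER_ERROR`, so directory or configuration faults become indistinguishable from failed logins for callers and logs; keeping `$ret=SERVER_ERROR;` there preserves that signal.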
