From 620ef184bd7f364a7af37f978f69340567ada6d1 Mon Sep 17 00:00:00 2001
From: Lester Caine
Date: Sat, 18 Apr 2009 22:00:55 +0000
Subject: Functional interface to Auth:LDAP but still needs work. The fields being used from inetOrgPerson do not tie up with what we need in bw, and additional fields need to be managed between server and USERS_USERS table.
---
 auth/ldap/auth.php | 37 +++++++++++++++++++++++--------------
 1 file changed, 23 insertions(+), 14 deletions(-) (limited to 'auth')
diff --git a/auth/ldap/auth.php b/auth/ldap/auth.php
index fb9b8d6..9853fbb 100644
--- a/auth/ldap/auth.php
+++ b/auth/ldap/auth.php
@@ -1,6 +1,6 @@ mConfig, "", false, $user, $pass); + $a = new Auth("LDAP", $this->mConfig, "", false); + $a->username = $user; + $a->password = $pass; + // check if the login correct $a->login(); - $ret = ''; + + $this->mInfo["real_name"] = ''; // This needs fixing in the base code - real_name will only exist if a user has been identiied switch ($a->getStatus()) { case AUTH_LOG_INFO: $ret=USER_VALID;
@@ -40,10 +45,10 @@ class LDAPAuth extends BaseAuth {
 if ($ds) {
 $r=ldap_bind($ds, $this->mConfig["adminuser"], $this->mConfig["adminpass"]);
 if ($r) {
- $attrs = array("cn", "mail");
+ $attrs = array("mail", "uidNumber", "displayName");
 $sr=ldap_search($ds, $this->mConfig["basedn"], "(".$this->mConfig["userattr"]."=".$user.")", $attrs); // Search
 $info = ldap_get_entries($ds, $sr);
- $this->mInfo["real_name"] = $info[0]["cn"][0];
+ $this->mInfo["real_name"] = $info[0]["displayname"][0];
 if(empty($this->mConfig["email"])) {
 if(empty($info[0]["mail"][0])) {
 $this->mInfo["email"] = $info[0][$this->mConfig["userattr"]][0];
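Review bot: In the @@ -40,10 +45,10 @@ hunk, `$this->mInfo["real_name"] = $info[0]["displayname"][0];` reads an attribute that inetOrgPerson treats as optional, and neither `$sr` nor `$info["count"]` is checked before `$info[0]` is indexed, so a failed search or an entry without `displayName` produces an undefined-index notice and a null real_name. Keeping `"cn"` in `$attrs` and falling back to it avoids that: `$this->mInfo["real_name"] = !empty($info[0]["displayname"][0]) ? $info[0]["displayname"][0] : $info[0]["cn"][0];`. The unchanged `ldap_search()` line in this hunk still concatenates `$user` into the filter without escaping, and because the lookup runs under the admin bind, filter metacharacters in the login name should be escaped or rejected before the search. The enclosing method begins and ends outside the hunk.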
@@ -59,17 +64,21 @@ class LDAPAuth extends BaseAuth {
 $this->mInfo["email"] = preg_replace_callback('/%.*?%/',$replace_func,$this->mConfig["email"]);
 }
 }
+ $this->mInfo['user_id']=$info[0]["uidnumber"][0] - 1000;
 ldap_close($ds);
 }
 break;
 // case AUTH_USER_NOT_FOUND:
-// $ret=USER_NOT_FOUND;
+// $this->mErrors['login'] = 'Password incorrect';
+// $ret=PASSWORD_INCORRECT;
 // break;
 case AUTH_WRONG_LOGIN:
+ $this->mErrors['login'] = 'User not found';
 $ret=PASSWORD_INCORRECT;
 break;
 default:
- $ret=SERVER_ERROR;
+ $this->mErrors['login'] = 'Unidentified Error';
+ $ret=PASSWORD_INCORRECT;
 break;
 }
 return $ret;
@@ -216,13 +225,13 @@ class LDAPAuth extends BaseAuth {
 'base' => "Base",
 ),
 ),
- 'users_ldap_group' => array(
- 'label' => "LDAP Group",
- 'type' => "option",
- 'note' => "",
- 'default' => '3',
- 'options' => $groups,
- ),
+// 'users_ldap_group' => array(
+// 'label' => "LDAP Group",
+// 'type' => "option",
+// 'note' => "",
+// 'default' => '3',
+// 'options' => $groups,
+// ),
 );
 }
 }
-- cgit v1.3
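Review bot: In the @@ -59,17 +64,21 @@ hunk, `$this->mInfo['user_id']=$info[0]["uidnumber"][0] - 1000;` derives the local user id from a directory attribute without checking that the attribute is present or that the result is a positive id. An entry with no `uidNumber` evaluates to -1000 and values at or below 1000 give zero or negative ids; whether a small positive result can coincide with an existing row in the users table depends on code outside this hunk and should be confirmed. A guard such as `if (!empty($info[0]["uidnumber"][0]) && $info[0]["uidnumber"][0] > 1000)` around the assignment, plus a comment explaining the 1000 offset, would make the mapping explicit. The `default:` branch in the same hunk now returns `PASSWORD_INCORRECT` where it returned `SERVER_ERROR`, so a directory or bind failure is reported to callers as a bad password; keeping `$ret=SERVER_ERROR;` next to the new `mErrors` message preserves that distinction. The switch starts outside the hunk.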