LDAP Authentication [SOLVED]

A place for users and developers of the Xataface to discuss and receive support.

Re: LDAP Authentication [SOLVED]

Postby cantlep » Thu Mar 25, 2010 2:21 am

This seems to have sorted it:

It was this that was causing the issues.
// Original, failing form: "&$value" at the call site is call-time
// pass-by-reference, which PHP 5.3 deprecates and PHP 5.4 and later reject
// with a fatal error.
list($attribute) = explode(',', &$value);

It's now this
// Corrected form: $value is passed by value; list() keeps only the first
// comma-separated piece of the string.
list($attribute) = explode(',', $value);

Note the lack of ampersand. I've also changed some debugging options to make it clearer to read. Here's the full code. Many thanks to the chap who wrote it in the first instance!

<?php

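class dataface_modules_ldap {
    /**
     * Escapes a value so it can be embedded in an LDAP search filter.
     *
     * The login name is typed by the user, so filter metacharacters in it
     * must not be allowed to change the structure of the search filter.
     * Uses ldap_escape() when the running PHP provides it and otherwise
     * falls back to the equivalent hex escaping of \ * ( ) and NUL.
     *
     * @access private
     * @param string $value Raw value to place inside a filter assertion.
     * @return string The value with filter metacharacters hex-escaped.
     */
    function _escapeLdapFilterValue($value){
        $value = (string)$value;
        if ( function_exists('ldap_escape') ){
            return ldap_escape($value, '', LDAP_ESCAPE_FILTER);
        }
        // The backslash is replaced first so the escapes added for the other
        // characters are not escaped a second time.
        return str_replace(
            array('\\', '*', '(', ')', "\x00"),
            array('\\5c', '\\2a', '\\28', '\\29', '\\00'),
            $value
        );
    }

    /**
     * Implementation of the checkCredentials() hook.
     *
     * Binds to the directory as "<UserName>@<ldap_suffix>" with the supplied
     * password, looks the account up by sAMAccountName under ldap_base and
     * accepts the login only when one of its memberOf values starts with
     * "CN=<ldap_group>". An accepted user that has no row in users_table yet
     * is inserted there.
     *
     * Settings are read from the [_auth] section of conf.ini: ldap_host,
     * ldap_port, ldap_base, ldap_suffix, ldap_group, users_table and
     * username_column.
     *
     * @return bool True when the credentials are valid and the user belongs
     *              to the configured group, false otherwise.
     */
    function checkCredentials(){

        $auth =& Dataface_AuthenticationTool::getInstance();
        $app =& Dataface_Application::getInstance();

        $creds = $auth->getCredentials();
        if ( !isset($auth->conf['ldap_host']) ) $auth->conf['ldap_host'] = 'localhost';
        if ( !isset($auth->conf['ldap_port']) ) $auth->conf['ldap_port'] = null;
        if ( !isset($auth->conf['ldap_base']) ){
            trigger_error("Please specify the LDAP basedn in the [_auth] section of the conf.ini file.", E_USER_ERROR);
        }

        if ( !function_exists('ldap_connect') ){
            trigger_error("Please install the PHP LDAP module in order to user LDAP authentication.", E_USER_ERROR);
        }

        $username = isset($creds['UserName']) ? (string)$creds['UserName'] : '';
        $password = isset($creds['Password']) ? (string)$creds['Password'] : '';
        // A simple bind with a name and an empty password is an
        // "unauthenticated" bind (RFC 4513) that a directory server may
        // accept, so blank credentials are refused before the server is asked.
        if ( $username === '' or $password === '' ){
            return false;
        }

        // NOTE(review): nothing here negotiates TLS. Unless ldap_host is an
        // ldaps:// URI the password travels in clear text; consider calling
        // ldap_start_tls() after the protocol version is set.
        $ds = ldap_connect($auth->conf['ldap_host'], $auth->conf['ldap_port']);
        if ( !$ds ) trigger_error("Failed to connect to LDAP server", E_USER_ERROR);
        ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);

        $good = false;

        if ( @ldap_bind($ds, $username.'@'.$auth->conf['ldap_suffix'], $password) ){
            // The login name is escaped so it cannot alter the search filter.
            $filter = '(sAMAccountname='.$this->_escapeLdapFilterValue($username).')';
            $result = ldap_search($ds, $auth->conf['ldap_base'], $filter);

            // ldap_search() returns false on failure; treat that as "no match".
            $entries = $result ? ldap_get_entries($ds, $result) : false;

            if ( is_array($entries) ){
                $wantedGroup = "CN=".$auth->conf['ldap_group'];
                $db = $app->db();

                for ($i = 0; $i < $entries["count"]; $i++){
                    // Accounts without any group membership have no memberof key.
                    if ( !isset($entries[$i]['memberof']) ) continue;

                    foreach ($entries[$i]['memberof'] as $key => $value){
                        // ldap_get_entries() stores the number of values under 'count'.
                        if ( $key === 'count' ) continue;

                        // Only the first RDN of the group DN is compared.
                        list($attribute) = explode(',', $value);
                        if ( $attribute === $wantedGroup ){
                            $good = true;

                            // Values that end up inside SQL string literals are
                            // escaped for the connection they are sent over.
                            // NOTE(review): the mysql_* extension was removed in
                            // PHP 7; prepared statements would replace this escaping.
                            $userSql = mysql_real_escape_string($username, $db);

                            $sql = "select * from ".$auth->conf['users_table']." where ".$auth->conf['username_column']."='".$userSql."'";
                            // NOTE(review): the error text embeds the SQL statement;
                            // keep display_errors off where visitors could see it.
                            $res = mysql_query($sql, $db) or
                                trigger_error("Failed to get username from usertable qry:".$sql." Err:".mysql_error($db), E_USER_ERROR);

                            // Auto-provision a row for a directory user seen for the first time.
                            // NOTE(review): every member of the configured group is
                            // created with ROLE 'ADMIN'; confirm this is intended, a
                            // lower-privileged default would limit the impact of a
                            // wrongly configured ldap_group.
                            if ( mysql_num_rows($res) < 1 ){
                                $mail = isset($entries[$i]['mail'][0]) ? $entries[$i]['mail'][0] : '';
                                $mailSql = mysql_real_escape_string($mail, $db);

                                $sql = "insert into ".$auth->conf['users_table']." (".$auth->conf['username_column'].",ROLE,UserEmailAddress) value ('".$userSql."','ADMIN','".$mailSql."')";
                                $res = mysql_query($sql, $db) or
                                    trigger_error("Failed to insert username into  usertable qry:".$sql." Err:".mysql_error($db), E_USER_ERROR);
                            }

                            break;
                        }
                    }
                }
            }
        }

        // Close the connection whether or not the bind succeeded.
        ldap_unbind($ds);

        return $good;
    }
}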
?>