| [ Index ] |
|
Code source de eGroupWare 1.2.106-2 |
1 <?php 2 /**************************************************************************\ 3 * eGroupWare API - Auth from LDAP * 4 * This file written by Lars Kneschke <lkneschke@linux-at-work.de> * 5 * and Joseph Engo <jengo@phpgroupware.org> * 6 * Authentication based on LDAP Server * 7 * Copyright (C) 2000, 2001 Joseph Engo * 8 * Copyright (C) 2002, 2003 Lars Kneschke * 9 * ------------------------------------------------------------------------ * 10 * This library is part of the eGroupWare API * 11 * http://www.egroupware.org/api * 12 * ------------------------------------------------------------------------ * 13 * This library is free software; you can redistribute it and/or modify it * 14 * under the terms of the GNU Lesser General Public License as published by * 15 * the Free Software Foundation; either version 2.1 of the License, * 16 * or any later version. * 17 * This library is distributed in the hope that it will be useful, but * 18 * WITHOUT ANY WARRANTY; without even the implied warranty of * 19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * 20 * See the GNU Lesser General Public License for more details. * 21 * You should have received a copy of the GNU Lesser General Public License * 22 * along with this library; if not, write to the Free Software Foundation, * 23 * Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * 24 \**************************************************************************/ 25 26 /* $Id: class.auth_ads.inc.php 20295 2006-02-15 12:31:25Z $ */ 27 28 class auth_ 29 { 30 var $previous_login = -1; 31 32 function authenticate($username, $passwd) 33 { 34 if (ereg('[()|&=*,<>!~]',$username)) 35 { 36 return False; 37 } 38 39 if(!$ldap = @ldap_connect($GLOBALS['egw_info']['server']['ads_host'])) 40 { 41 //echo "<p>Failed connecting to ADS server '".$GLOBALS['egw_info']['server']['ads_host']."' for authenication, execution stopped</p>\n"; 42 $GLOBALS['egw']->log->message('F-Abort, Failed connecting to ADS server for authenication, execution stopped'); 43 $GLOBALS['egw']->log->commit(); 44 return False; 45 } 46 //echo "<p>Connected to LDAP server '".$GLOBALS['egw_info']['server']['ads_host']."' for authenication</p>\n"; 47 48 ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3); 49 ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0); 50 51 /* Login with the LDAP Admin. User to find the User DN. */ 52 if(!@ldap_bind($ldap,$username.'@'.$GLOBALS['egw_info']['server']['ads_domain'],$passwd)) 53 { 54 //echo "<p>Cant bind with '$username@".$GLOBALS['egw_info']['server']['ads_domain']."' with PW '$passwd' !!!</p>\n"; 55 return False; 56 } 57 //echo "<p>Bind with '$username@".$GLOBALS['egw_info']['server']['ads_domain']."' with PW '$passwd'.</p>\n"; 58 59 $attributes = array('samaccountname','givenName','sn','mail'); 60 $filter = "(samaccountname=$username)"; 61 // automatic create dn from domain: domain.com ==> DC=domain,DC=com 62 $base_dn = array(); 63 foreach(explode('.',$GLOBALS['egw_info']['server']['ads_domain']) as $dc) 64 { 65 $base_dn[] = 'DC='.$dc; 66 } 67 $base_dn = implode(',',$base_dn); 68 69 //echo "<p>Trying ldap_search(,$base_dn,$filter,".print_r($attributes,true)."</p>\n"; 70 $sri = ldap_search($ldap, $base_dn, $filter, $attributes); 71 $allValues = ldap_get_entries($ldap, $sri); 72 //_debug_array($allValues); 73 74 if ($allValues['count'] > 0) 75 { 76 if($GLOBALS['egw_info']['server']['case_sensitive_username'] == true) 77 { 78 if($allValues[0]['samaccountname'][0] != $username) 79 { 80 return false; 81 } 82 } 83 84 $account =& CreateObject('phpgwapi.accounts',$username,'u'); 85 if ($account->account_id) 86 { 87 return true; 88 } 89 if ($GLOBALS['egw_info']['server']['auto_create_acct']) 90 { 91 // create a global array with all availible info about that account 92 $GLOBALS['auto_create_acct'] = array(); 93 foreach(array( 94 'givenname' => 'firstname', 95 'sn' => 'lastname', 96 'mail' => 'email', 97 ) as $ldap_name => $acct_name) 98 { 99 $GLOBALS['auto_create_acct'][$acct_name] = 100 $GLOBALS['egw']->translation->convert($allValues[0][$ldap_name][0],'utf-8'); 101 } 102 return True; 103 } 104 } 105 /* dn not found or password wrong */ 106 return False; 107 } 108 109 function change_password($old_passwd, $new_passwd, $_account_id='') 110 { 111 return false; // Cant change passwd in ADS 112 } 113 } 114 ?>
titre
Description
Corps
titre
Description
Corps
titre
Description
Corps
titre
Corps
| Généré le : Sun Feb 25 17:20:01 2007 | par Balluche grâce à PHPXref 0.7 |