Added option to use template string for bind DN (#90)
* Language update from launchpad * Added login option 'bind_dn_template'
This commit is contained in:
parent
cbdc0dacd6
commit
4eb3737d31
@ -400,6 +400,12 @@ $servers->setValue('server','name','My LDAP Server');
|
||||
setup. */
|
||||
// $servers->setValue('login','class',array());
|
||||
|
||||
/* If login_attr was set to 'dn', it is possible to specify a template string to
|
||||
build the DN from. Use '%s' where user input should be inserted. A user may
|
||||
still enter the complete DN. In this case the template will not be used. */
|
||||
// $servers->setValue('login','bind_dn_template',null);
|
||||
# $servers->setValue('login','bind_dn_template','cn=%s,ou=people,dc=example,dc=com');
|
||||
|
||||
/* If you specified something different from 'dn', for example 'uid', as the
|
||||
login_attr above, you can optionally specify here to fall back to
|
||||
authentication with dn.
|
||||
|
@ -80,7 +80,7 @@ if ($app['server']->getAuthType() == 'http') {
|
||||
|
||||
printf('<tr><td><b>%s:</b></td></tr>',
|
||||
$app['server']->getValue('login','auth_text') ? $app['server']->getValue('login','auth_text') :
|
||||
($app['server']->getValue('login','attr') == 'dn' ? _('Login DN') : $_SESSION[APPCONFIG]->getFriendlyName($app['server']->getValue('login','attr'))));
|
||||
($app['server']->getValue('login','attr') == 'dn' ? ($app['server']->getValue('login', 'bind_dn_template') ? _('User Name') . ' / ' . _('Login DN') : _('Login DN')) : $_SESSION[APPCONFIG]->getFriendlyName($app['server']->getValue('login','attr'))));
|
||||
|
||||
printf('<tr><td><input type="text" id="login" name="login" size="40" value="%s" /></td></tr>',
|
||||
$app['server']->getValue('login','attr',false) == 'dn' ? $app['server']->getValue('login','bind_id') : '');
|
||||
|
@ -574,6 +574,10 @@ class Datastore {
|
||||
'desc'=>'User Login ID to bind to this DS',
|
||||
'default'=>null);
|
||||
|
||||
$this->default->login['bind_dn_template'] = array(
|
||||
'desc'=>'Template string for user login DN to bind to this DS. Use \'%s\' where user input should be inserted.',
|
||||
'default'=>null);
|
||||
|
||||
$this->default->login['bind_pass'] = array(
|
||||
'desc'=>'User Login Password to bind to this DS',
|
||||
'default'=>null);
|
||||
|
@ -255,7 +255,7 @@ class ldap extends DS {
|
||||
if (! is_null($user)) {
|
||||
# If login,attr is set to DN, then user should be a DN
|
||||
if (($this->getValue('login','attr') == 'dn') || $method != 'user')
|
||||
$userDN = $user;
|
||||
$userDN = $this->getValue('login', 'bind_dn_template') ? $this->fillDNTemplate($user) : $user;
|
||||
else
|
||||
$userDN = $this->getLoginID($user,'login');
|
||||
|
||||
@ -512,6 +512,15 @@ class ldap extends DS {
|
||||
return $this->getBaseDN();
|
||||
}
|
||||
|
||||
private function fillDNTemplate($user) {
|
||||
foreach($this->getLoginBaseDN() as $base)
|
||||
if(substr_compare($user, $base, -strlen($base)) === 0)
|
||||
return $user; // $user already passed as DN
|
||||
|
||||
// fill template
|
||||
return sprintf($this->getValue('login', 'bind_dn_template'), preg_replace('/([,\\\\#+<>;"=])/', '\\\\$1', $user));
|
||||
}
|
||||
|
||||
/**
|
||||
* Return the login classes that a user must have to login
|
||||
*/
|
||||
|
Binary file not shown.
Loading…
Reference in New Issue
Block a user