File: LdapUserStore.php

<?php

/************

LdapUserStore

Store users in ldap.

Example entry in b.site:
   userbackend = "ldap, <host>[:<port>] <base> <user-attr>"
   
   (quotes are needed if there is a = in the configuration line)
   
host: the LDAP server to query.
port: the port to connect to (optional; defaults to 389).
base: the base of the directory information tree.
user-attr: the attribute to search on, e.g. uid, user, login, etc.

for example:
   userbackend = "ldap, macaw.riseup.net dc=riseup,dc=net uid"

*************/

// Resolve the directory one level above this file's own directory and load
// the UserStore base class from it; LdapUserStore below extends that class.
$base = dirname(dirname(__FILE__));
require_once("$base/UserStore.php");

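/**
 * User store that checks logins against an LDAP directory.
 *
 * The login name is looked up with a search on the configured attribute, and
 * the password is verified by binding as the DN of the single matching entry.
 *
 * NOTE(review): the connection is opened with ldap_connect(host, port) and no
 * ldap_start_tls() call is made, so on the default port 389 the bind sends the
 * password unencrypted unless the transport is protected some other way.
 * Consider StartTLS or ldaps before using this across an untrusted network.
 */
class LdapUserStore extends UserStore {

	var $host; // directory server host name
	var $port; // directory server port (389 when not configured)
	var $base; // search base DN
	var $attr; // attribute that holds the login name (taken from configuration)

	/**
	 * Parse the backend argument string "<host>[:<port>] <base> <user-attr>".
	 *
	 * Declared as __construct because PHP 8 no longer treats a method named
	 * after the class as a constructor.
	 *
	 * @param string $args the part of the userbackend setting that follows "ldap,"
	 */
	function __construct($args) {
		// split() was removed in PHP 7; splitting on runs of whitespace also
		// tolerates leading, trailing or doubled spaces in the setting.
		$parts = preg_split('/\s+/', trim((string)$args));
		$hostport = explode(":", $parts[0]);

		$this->host = $hostport[0];
		if (isset($hostport[1])) $this->port = (int)$hostport[1];
		if (empty($this->port))
			$this->port = 389;

		// A short configuration line leaves these null instead of raising
		// undefined-offset notices.
		$this->base = isset($parts[1]) ? $parts[1] : null;
		$this->attr = isset($parts[2]) ? $parts[2] : null;
	}

	/**
	 * Old-style constructor, kept so PHP 4 and any direct callers still work.
	 *
	 * @param string $args see __construct()
	 */
	function LdapUserStore($args) {
		$this->__construct($args);
	}

	/**
	 * Check a login name and password against the directory.
	 *
	 * @param string $user  login name supplied by the client (untrusted)
	 * @param string $pass  password supplied by the client (untrusted)
	 * @param string $error set to a message describing the failure
	 * @return bool true only when the bind as the user's DN succeeded
	 */
	function authenticate($user,$pass,&$error) {
		// A simple bind with a DN and an empty password is an unauthenticated
		// bind (RFC 4513 section 5.1.2), which a server may accept. Refuse it
		// here so it can never count as a login. Non-string values (such as an
		// array from the request) are refused as well.
		if (!is_string($user) || $user === '' || !is_string($pass) || $pass === '') {
			$error = _("User or password is incorrect");
			return false;
		}

		$connection = ldap_connect($this->host,$this->port);
		if (!$connection) {
			// There is no link to ask for an error string at this point.
			$error = "Unable to connect to the directory server.";
			return false;
		}

		$ok = $this->_checkCredentials($connection, $user, $pass, $error);

		// Release the link on every path; the original never closed it.
		@ldap_unbind($connection);
		return $ok;
	}

	/**
	 * Run the search and bind on an open link (helper for authenticate()).
	 *
	 * @param mixed  $connection link returned by ldap_connect()
	 * @param string $user       non-empty login name
	 * @param string $pass       non-empty password
	 * @param string $error      set to a message describing the failure
	 * @return bool true only when the bind as the user's DN succeeded
	 */
	function _checkCredentials($connection, $user, $pass, &$error) {
		if (!ldap_set_option($connection, LDAP_OPT_PROTOCOL_VERSION, 3)) {
			$error = "Failed to set protocol version to 3";
			return false;
		}

		// The login name is client input: escape filter metacharacters so it
		// is matched literally and cannot alter the search filter.
		$filter = $this->attr . '=' . $this->_escapeFilterValue($user);
		$result = ldap_search($connection, $this->base, $filter, array($this->attr));
		if (!$result) {
			$error = "Unable to search the directory (" . ldap_error($connection) . ")";
			return false;
		}

		$count = ldap_count_entries($connection, $result);
		if ($count === false || $count < 1) {
			$error = _("User or password is incorrect");
			return false;
		}
		if ($count > 1) {
			$error = _("More than one user has that login");
			return false;
		}

		$entries = ldap_get_entries($connection, $result);
		if (!$entries || empty($entries[0]['dn'])) {
			// The original returned this message as the function result; a
			// non-empty string is truthy, so a failed fetch looked like a
			// successful login to any caller testing the return value.
			$error = "Unable to fetch user entry (" . ldap_error($connection) . ")";
			return false;
		}

		// Warnings from a rejected bind are suppressed; the failure is
		// reported through $error instead.
		if ( @ldap_bind($connection, $entries[0]['dn'], $pass) ) {
			return true;
		}

		// NOTE(review): this message carries the server's error text while the
		// unknown-user message above does not, so a caller that shows $error
		// verbatim reveals whether a login exists. Consider logging the detail
		// and showing one generic message.
		$error = _("User or password is incorrect") . " (" . ldap_error($connection) . ")";
		return false;
	}

	/**
	 * Escape a value for use inside an LDAP search filter (RFC 4515).
	 *
	 * @param string $value raw value
	 * @return string value with \ * ( ) and NUL replaced by \XX escapes
	 */
	function _escapeFilterValue($value) {
		if (function_exists('ldap_escape')) {
			return ldap_escape($value, '', LDAP_ESCAPE_FILTER);
		}
		// Fallback for runtimes without ldap_escape(). The backslash comes
		// first so the escapes added for the other characters are not
		// escaped a second time.
		return str_replace(
			array('\\', '*', '(', ')', "\0"),
			array('\\5c', '\\2a', '\\28', '\\29', '\\00'),
			$value
		);
	}

} // end class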

// End execution of this included file here.
return;
?>