1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
|
<?php
/**
* The Auth_smb class provides an SMB implementation of the Horde
* authentication system.
*
* This module requires the smbauth extension for PHP:
* http://www.tekrat.com/smbauth/
*
* At the time of this writing, the extension, and thus this module, only
* supported authentication against a domain, and pdc and bdc must be non-null
* and not equal to each other. In other words, to use this module you must
* have a domain with at least one PDC and one BDC.
*
* Required parameters:<pre>
* 'hostspec' IP, DNS Name, or NetBios Name of the SMB server to
* authenticate with.
* 'domain' The domain name to authenticate with.</pre>
*
* Optional parameters:<pre>
* 'group' Group name that the user must be a member of. Will be
* ignored if the value passed is a zero length string.</pre>
*
*
* $Horde: framework/Auth/Auth/smb.php,v 1.20.10.8 2006/01/01 21:28:07 jan Exp $
*
* Copyright 1999-2006 Jon Parise <jon@horde.org>
* Copyright 2002-2006 Marcus I. Ryan <marcus@riboflavin.net>
*
* See the enclosed file COPYING for license information (LGPL). If you
* did not receive this file, see http://www.fsf.org/copyleft/lgpl.html.
*
* @author Jon Parise <jon@horde.org>
* @author Marcus I. Ryan <marcus@riboflavin.net>
* @since Horde 3.0
* @package Horde_Auth
*/
class Auth_smb extends Auth {
/**
* An array of capabilities, so that the driver can report which
* operations it supports and which it doesn't.
*
* @var array
*/
var $capabilities = array('add' => false,
'update' => false,
'resetpassword' => false,
'remove' => false,
'list' => false,
'transparent' => false);
/**
* Constructs a new SMB authentication object.
*
* @param array $params A hash containing connection parameters.
*/
function Auth_smb($params = array())
{
if (!Util::extensionExists('smbauth')) {
Horde::fatal(_("Auth_smbauth: Required smbauth extension not found."), __FILE__, __LINE__);
}
/* Ensure we've been provided with all of the necessary parameters. */
Horde::assertDriverConfig($params, 'auth',
array('hostspec', 'domain'),
'authentication Samba');
$this->_params = $params;
}
/**
* Find out if the given set of login credentials are valid.
*
* @access private
*
* @param string $userId The userId to check.
* @param array $credentials An array of login credentials.
*
* @return boolean True on success or a PEAR_Error object on failure.
*/
function _authenticate($userId, $credentials)
{
if (empty($credentials['password'])) {
Horde::fatal(_("No password provided for SMB authentication."), __FILE__, __LINE__);
}
/* Authenticate. */
$rval = validate($this->_params['hostspec'],
$this->_params['domain'],
empty($this->_params['group']) ? '' : $this->_params['group'],
$userId,
$credentials['password']);
if ($rval === 0) {
return true;
} else {
if ($rval === 1) {
$this->_setAuthError(AUTH_REASON_MESSAGE, _("Failed to connect to SMB server."));
} else {
$this->_setAuthError(AUTH_REASON_MESSAGE, err2str());
}
return false;
}
}
}
|
