
[Gforge-commits] gforge-plugin-ldapextauth/include LdapExtAuthPlugin.cla


From: lo-lan-do
Subject: [Gforge-commits] gforge-plugin-ldapextauth/include LdapExtAuthPlugin.class, 1.1.1.1, 1.2 ldapextauth-init.php, 1.1.1.1, 1.2
Date: Thu, 23 Sep 2004 16:11:25 -0500

Update of /cvsroot/gforge/gforge-plugin-ldapextauth/include
In directory db.perdue.net:/tmp/cvs-serv14060/include

Modified Files:
        LdapExtAuthPlugin.class ldapextauth-init.php 
Log Message:
Public release of working code.

Index: LdapExtAuthPlugin.class
===================================================================
RCS file: 
/cvsroot/gforge/gforge-plugin-ldapextauth/include/LdapExtAuthPlugin.class,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -d -r1.1.1.1 -r1.2
--- LdapExtAuthPlugin.class     18 Jan 2004 21:47:19 -0000      1.1.1.1
+++ LdapExtAuthPlugin.class     23 Sep 2004 21:11:22 -0000      1.2
@@ -1,6 +1,28 @@
 <?php
+/** External authentication via LDAP for Gforge
+ * Copyright 2003 Roland Mas <address@hidden>
+ * Copyright 2004 Roland Mas <address@hidden> 
+ *                The Gforge Group, LLC <http://gforgegroup.com/>
+ *
+ * This file is not part of Gforge
+ *
+ * This plugin, like Gforge, is free software; you can redistribute it
+ * and/or modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2 of
+ * the License, or (at your option) any later version.
+ *
+ * GForge is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with GForge; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  US
+ */
 
 require_once('common/include/User.class');
+require_once('/etc/gforge/plugins/ldapextauth/mapping.php') ;
 
 class LdapextauthPlugin extends Plugin {
        function LdapextauthPlugin () {
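Review bot: The added `require_once('/etc/gforge/plugins/ldapextauth/mapping.php')` executes a file from a hard-coded absolute path at load time, and the constructor hunk does the same for `config.php`. A missing or unreadable file is then a fatal error wherever the plugin is loaded, and anyone who can write those files runs code inside the web application. I would add a comment above the include such as `// mapping.php and config.php are executed as PHP: keep them root-owned and not writable by the web server user`. Since ldapextauth-init.php in this same commit moves from a fixed path to `$GLOBALS['sys_plugins_path']`, taking the configuration directory from a site setting too would keep the two files consistent. The class body continues outside this hunk.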
@@ -9,8 +31,22 @@
                $this->hooks[] = "session_before_login";
                
                $this->ldap_conn = false ;
-       }
 
+                $this->base_dn = "dc=mirexpress" ;
+               $this->ldap_server = $sys_ldap_server ;
+               $this->ldap_port = $sys_ldap_port ;
+               require_once('/etc/gforge/plugins/ldapextauth/config.php') ;
+               if ($base_dn) {
+                       $this->base_dn = $base_dn ;
+               }
+               if ($ldap_server) {
+                       $this->ldap_server = $ldap_server ;
+               }
+               if ($ldap_port) {
+                       $this->ldap_port = $ldap_port ;
+               }
+       }
+       
        function CallHook ($hookname, $params) {
                global $Language, $HTML ;
                
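Review bot: `$sys_ldap_server` and `$sys_ldap_port` are read in the constructor without a `global` declaration, so they are undefined local variables there and both defaults end up empty unless config.php sets `$ldap_server` and `$ldap_port`. AuthUser in this commit already uses `$GLOBALS['sys_ldap_version']`, and the same form works here: `$this->ldap_server = $GLOBALS['sys_ldap_server'] ;`. Because config.php is pulled in with `require_once` inside the function, its variables exist only during the first constructor call, so a second instance would silently keep the defaults. The fallback `"dc=mirexpress"` looks site-specific and is better left to config.php, with an explicit error when no base DN is configured.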
@@ -20,9 +56,7 @@
                switch ($hookname) {
                case "session_before_login":
                        // Authenticate against LDAP
-                       $f=fopen ('php://stderr', 'a');
-                       fwrite ($f, "Login = $loginname pass = $passwd\n") ;
-                       
+                       $this->AuthUser ($loginname, $passwd) ;
                        break;
                case "blah":
                        // Should not happen
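Review bot: The return value of `$this->AuthUser ($loginname, $passwd)` is dropped in the `session_before_login` case, so a failed LDAP bind is visible only through `$feedback` and the login outcome depends on whatever runs after the hook. If the hook mechanism can carry a result, pass it on; otherwise say so in a comment, e.g. `// result intentionally unused: AuthUser only syncs the DB account, the core login check decides`. The removed `fwrite` logged the clear-text password to stderr, so logs written by the earlier revision may still hold credentials and are worth purging. CallHook starts before and ends after this hunk.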
@@ -33,30 +67,121 @@
        }
 
        function AuthUser ($loginname, $passwd) {
+               global $feedback,$Language;
+       
                if (!$this->ldap_conn) {
-                       $this->ldap_conn = ldap_connect 
($sys_ldap_host,$sys_ldap_port);
+                       echo "ldap_connect ($this->ldap_server, 
$this->ldap_port);";
+                       $this->ldap_conn = ldap_connect ($this->ldap_server,
+                                                        $this->ldap_port);
                }
-               if ($sys_ldap_version) {
-                       ldap_set_option ($this->ldap_conn, 
LDAP_OPT_PROTOCOL_VERSION, $sys_ldap_version);
+               if ($GLOBALS['sys_ldap_version']) {
+                       ldap_set_option ($this->ldap_conn, 
LDAP_OPT_PROTOCOL_VERSION, $GLOBALS['sys_ldap_version']);
                }
-               $dn = "cn=".$loginname.",".$base_dn ;
-               if (ldap_bind($this->ldap_conn,$dn,$user_pass)) {
-                       // User authenticated
-                       // Now get her info
-                       $res = ldap_search ($this->ldap_conn, $base_dn, $dn) ;
-                       $info = ldap_get_entries ($this->ldap_conn,$res);
-                       
-                       $realname = $info[0]['gecos'][0] ;
-                       $email = $info[0]['email'][0] ;
+               $dn = plugin_ldapextauth_getdn ($this, $loginname) ;
 
-                       // Insert into DB
-                       $u = new User () ;
-                       $u->create ($loginname, $realname, $passwd, $passwd, 
$email,
-                                   1, 1, 0, 'GMT', '', 0) ;
-                       return true ;
+               $u = user_get_object_by_name ($loginname) ;
+               if ($u) {
+                       // User exists in DB
+                       if (ldap_bind($this->ldap_conn, $dn, $passwd)) {
+                               // Password from form is valid in LDAP
+                               if (session_login_valid_dbonly ($loginname, 
$passwd, false)) {
+                                       // Also according to DB
+                                       return true ;
+                               } else {
+                                       // Passwords mismatch, update DB's
+                                       $u->setPasswd ($passwd) ;
+                                       return true ;
+                               }
+                       } else {
+                               // Wrong password according to LDAP
+                               
$feedback=$Language->getText('session','invalidpasswd');
+                               return false ;
+                       }
                } else {
-                       // Do nothing
-                       return false ; // Probably ignored, but just in case
+                       // User doesn't exist in DB yet
+                       if (ldap_bind($this->ldap_conn, $dn, $passwd)) {
+                               // User authenticated
+                               // Now get her info
+                               $res = ldap_read ($this->ldap_conn, $dn, 
"objectclass=*") ;
+                               $info = ldap_get_entries 
($this->ldap_conn,$res);
+                               $ldapentry = $info[0] ;
+                               
+                               $mappedinfo = plugin_ldapextauth_mapping 
($ldapentry) ;
+                               
+                               // Insert into DB
+                               $u = new User () ;
+
+                               $unix_name = $loginname ;
+                               $firstname = '' ;
+                               $lastname = '' ;
+                               $password1 = $passwd ;
+                               $password2 = $passwd ;
+                               $email = '' ;
+                               $mail_site = 1 ;
+                               $mail_va = 0 ;
+                               $language_id = 1 ;
+                               $timezone = 'GMT' ;
+                               $jabber_address = '' ;
+                               $jabber_only = 0 ;
+                               $theme_id = 1 ;
+                               $unix_box = '' ;
+                               $address = '' ;
+                               $address2 = '' ;
+                               $phone = '' ;
+                               $fax = '' ;
+                               $title = '' ;
+                               $ccode = 'US' ;
+                               $send_mail = false ;
+
+                               if ($mappedinfo['firstname']) {
+                                       $firstname = $mappedinfo['firstname'] ;
+                               }
+                               if ($mappedinfo['lastname']) {
+                                       $lastname = $mappedinfo['lastname'] ;
+                               }
+                               if ($mappedinfo['email']) {
+                                       $email = $mappedinfo['email'] ;
+                               }
+                               if ($mappedinfo['language_id']) {
+                                       $language_id = 
$mappedinfo['language_id'] ;
+                               }
+                               if ($mappedinfo['timezone']) {
+                                       $timezone = $mappedinfo['timezone'] ;
+                               }
+                               if ($mappedinfo['jabber_address']) {
+                                       $jabber_address = 
$mappedinfo['jabber_address'] ;
+                               }
+                               if ($mappedinfo['address']) {
+                                       $address = $mappedinfo['address'] ;
+                               }
+                               if ($mappedinfo['address2']) {
+                                       $address2 = $mappedinfo['address2'] ;
+                               }
+                               if ($mappedinfo['phone']) {
+                                       $phone = $mappedinfo['phone'] ;
+                               }
+                               if ($mappedinfo['fax']) {
+                                       $fax = $mappedinfo['fax'] ;
+                               }
+                               if ($mappedinfo['title']) {
+                                       $title = $mappedinfo['title'] ;
+                               }
+                               if ($mappedinfo['ccode']) {
+                                       $ccode = $mappedinfo['ccode'] ;
+                               }
+
+                               $u->create 
($unix_name,$firstname,$lastname,$password1,$password2,$email,
+                                           
$mail_site,$mail_va,$language_id,$timezone,$jabber_address,$jabber_only,$theme_id,
+                                           $unix_box, $address, $address2, 
$phone, $fax, $title, $ccode, $send_mail) ;
+
+
+
+                               $u->setStatus ('A') ;
+                               return true ;
+                       } else {
+                               
$feedback=$Language->getText('session','invalidpasswd');
+                               return false ; // Probably ignored, but just in 
case
+                       }
                }
        }
 }
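Review bot: Both `ldap_bind($this->ldap_conn, $dn, $passwd)` calls accept an empty `$passwd`. Many directory servers treat a simple bind with a DN and an empty password as an unauthenticated bind and report success, after which this code returns true and either writes the empty password into the DB with `setPasswd` or creates and activates a new account. Reject it at the top of AuthUser before any bind: `if (!is_string($passwd) || $passwd === '') { return false ; }`. The new `echo "ldap_connect (...)"` line is leftover debug output that prints the directory host and port into the login page and should be removed. The results of `ldap_connect`, `ldap_read` and `$u->create` are also unchecked, so `setStatus ('A')` runs even if account creation failed.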

Index: ldapextauth-init.php
===================================================================
RCS file: 
/cvsroot/gforge/gforge-plugin-ldapextauth/include/ldapextauth-init.php,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -d -r1.1.1.1 -r1.2
--- ldapextauth-init.php        18 Jan 2004 21:47:19 -0000      1.1.1.1
+++ ldapextauth-init.php        23 Sep 2004 21:11:22 -0000      1.2
@@ -1,6 +1,27 @@
 <?php
+/** External authentication via LDAP for Gforge
+ * Copyright 2003 Roland Mas <address@hidden>
+ * Copyright 2004 Roland Mas <address@hidden> 
+ *                The Gforge Group, LLC <http://gforgegroup.com/>
+ *
+ * This file is not part of Gforge
+ *
+ * This plugin, like Gforge, is free software; you can redistribute it
+ * and/or modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2 of
+ * the License, or (at your option) any later version.
+ *
+ * GForge is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with GForge; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  US
+ */
 
-require_once 
('/usr/lib/gforge/plugins/ldapextauth/include/LdapExtAuthPlugin.class') ;
+require_once 
($GLOBALS['sys_plugins_path'].'/ldapextauth/include/LdapExtAuthPlugin.class') ;
 
 $LdapExtAuthPluginObject = new LdapExtAuthPlugin ;
 
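Review bot: The include path is now built from `$GLOBALS['sys_plugins_path']`, and nothing in this file checks that the value was set by the site configuration. If the file can be loaded before that configuration, or requested directly on a PHP setup with `register_globals` enabled, the path may not be under the administrator's control. I would add a comment above the `require_once` such as `// must only be loaded after the Gforge site configuration has defined sys_plugins_path`, and keep the plugin's include directory outside the web root. Whether the variable is always defined at this point is not visible in the hunk.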




