Binds to the current connection using
the specified username and password. If sasl
is true, the current connection is bound using
SASL.
/**
* Binds to the current connection using the
* inserted credentials.
*
* @param string $username
* @param string $password
*
* @returns bool
*
* @throws AdldapException
*/
protected function bindUsingCredentials($username, $password)
{
if (empty($username)) {
// Allow binding with null username.
$username = null;
} else {
// If the username isn't empty, we'll append the configured
// account suffix to bind to the LDAP server.
$username .= $this->configuration->getAccountSuffix();
}
if (empty($password)) {
// Allow binding with null password
$password = null;
}
if ($this->connection->bind($username, $password) === false) {
$error = $this->connection->getLastError();
if ($this->connection->isUsingSSL() && $this->connection->isUsingTLS() === false) {
$message = 'Bind to Active Directory failed. Either the LDAPs connection failed or the login credentials are incorrect. AD said: ' . $error;
} else {
$message = 'Bind to Active Directory failed. Check the login credentials and/or server details. AD said: ' . $error;
}
throw new AdldapException($message);
}
return true;
}
/**
* {@inheritdoc}
*/
public function bindUsingKerberos($kerberosCredentials)
{
$key = 'KRB5CCNAME=';
putenv($key . $kerberosCredentials);
if ($this->connection->bind(null, null, true) === false) {
$error = $this->connection->getLastError();
$message = "Bind to Active Directory failed. AD said: {$error}";
throw new BindException($message);
}
}
/**
* {@inheritdoc}
*/
public function bind($username, $password, $prefix = null, $suffix = null)
{
// We'll allow binding with a null username and password
// if their empty. This will allow us to anonymously
// bind to our servers if needed.
$username = $username ?: null;
$password = $password ?: null;
if ($username) {
// If the username isn't empty, we'll append the configured
// account prefix and suffix to bind to the LDAP server.
$prefix = $prefix ?: $this->configuration->get('account_prefix');
$suffix = $suffix ?: $this->configuration->get('account_suffix');
$username = $prefix . $username . $suffix;
}
// We'll mute any exceptions / warnings here. All we need to know
// is if binding failed and we'll throw our own exception.
if (!@$this->connection->bind($username, $password)) {
throw new BindException($this->connection->getLastError(), $this->connection->errNo());
}
}
/**
* Binds to the current connection using the
* inserted credentials.
*
* @param string $username
* @param string $password
*
* @returns bool
*
* @throws AdldapException
*/
private function bindUsingCredentials($username, $password)
{
// Allow binding with null credentials
if (empty($username)) {
$username = null;
} else {
$username .= $this->configuration->getAccountSuffix();
}
if (empty($password)) {
$password = null;
}
if (!$this->connection->bind($username, $password)) {
$error = $this->connection->getLastError();
if ($this->connection->isUsingSSL() && !$this->connection->isUsingTLS()) {
$message = 'Bind to Active Directory failed. Either the LDAPs connection failed or the login credentials are incorrect. AD said: ' . $error;
} else {
$message = 'Bind to Active Directory failed. Check the login credentials and/or server details. AD said: ' . $error;
}
throw new AdldapException($message);
}
return true;
}
