Ejemplo n.º 1
0
 protected function tearDown()
 {
     if ($this->_ldap !== null) {
         $this->_ldap->disconnect();
         $this->_ldap = null;
     }
 }
Ejemplo n.º 2
0
 public function testDisconnect()
 {
     $ldap = new Zend_Ldap($this->_options);
     for ($i = 0; $i < 3; $i++) {
         $ldap->disconnect();
         try {
             $ldap->connect()->bind('CN=ignored,DC=example,DC=com', 'ignored');
             $this->fail('Expected exception for unknown username');
         } catch (Zend_Ldap_Exception $zle) {
             $this->assertContains('Invalid credentials', $zle->getMessage());
         }
     }
 }
Ejemplo n.º 3
0
 protected function _disconnect()
 {
     $this->_ressource->disconnect();
 }
Ejemplo n.º 4
0
 private static function _ldapIntegration($userId, $username, $password, $loginServer = null)
 {
     $userId = intval($userId);
     $conf = Phprojekt::getInstance()->getConfig();
     $ldapOptions = $conf->authentication->ldap->toArray();
     // Zend library does not allow determining from which server the user was found from
     // That's why we need to request the server from the user during login.
     $account = null;
     if ($loginServer !== null && array_key_exists($loginServer, $ldapOptions)) {
         $searchOpts = $ldapOptions[$loginServer];
         try {
             $ldap = new Zend_Ldap($searchOpts);
             $ldap->connect();
             $ldap->bind($username, $password);
             $filter = sprintf("(\n                        &(\n                           |(objectclass=posixAccount)\n                            (objectclass=Person)\n                        )\n                        (\n                            |(uid=%s)\n                             (samAccountName=%s)\n                         )\n                    )", $username, $username);
             $result = $ldap->search($filter, $searchOpts['baseDn']);
             $account = $result->getFirst();
             $ldap->disconnect();
         } catch (Exception $e) {
             throw new Phprojekt_Auth_Exception('Failed to establish a search connection to the LDAP server:' . ' ' . $server . ' ' . 'Please check your configuration for that server.', 8);
         }
     } else {
         throw new Phprojekt_Auth_Exception('Server not specified during login! "
             . "Please check that your login screen contains the login domain selection.', 9);
     }
     if ($account !== null) {
         // User found
         $integration = isset($conf->authentication->integration) ? $conf->authentication->integration->toArray() : array();
         $firstname = "";
         $lastname = "";
         $email = "";
         if (isset($account['givenname'])) {
             $firstname = $account['givenname'][0];
         }
         if (isset($account['sn'])) {
             $lastname = $account['sn'][0];
         }
         if (isset($account['mail'])) {
             $email = $account['mail'][0];
         }
         // Set user params
         $params = array();
         $params['id'] = intval($userId);
         // New user has id = 0
         $params['username'] = $username;
         $params['password'] = $password;
         $admins = array();
         if (isset($integration['systemAdmins'])) {
             $admins = split(",", $integration['systemAdmins']);
             foreach ($admins as $key => $admin) {
                 $admins[$key] = trim($admin);
             }
         }
         $params['admin'] = in_array($username, $admins) ? 1 : 0;
         // Default to non-admin (0)
         if ($userId > 0) {
             $user = self::_getUser($userId);
             $params['admin'] = intval($user->admin);
         }
         // Integrate with parameters found from LDAP server
         $params['firstname'] = $firstname;
         $params['lastname'] = $lastname;
         $params['email'] = $email;
         if ($userId > 0) {
             // Update user parameters with those found from LDAP server
             $user->find($userId);
             $params['id'] = $userId;
             if (!self::_saveUser($params)) {
                 throw new Phprojekt_Auth_Exception('User update failed for LDAP parameters', 10);
             }
         } else {
             // Add new user to PHProjekt
             // TODO: Default conf could be defined in configuration
             // Lists needed for checks ?
             // Set default parameters for users
             $params['status'] = "A";
             // Active user
             $params['language'] = isset($conf->language) ? $conf->language : "en";
             // Conf language / English
             $params['timeZone'] = "0000";
             // (GMT) Greenwich Mean Time: Dublin, Edinburgh, Lisbon, London
             // Default integration vals from config
             if (isset($integration['admin']) && $params['admin'] == 0) {
                 $val = intval($integration['admin']);
                 if ($val == 1 || $val == 0) {
                     $params['admin'] = $val;
                 }
             }
             if (isset($integration['status'])) {
                 $val = trim(strtoupper($integration['status']));
                 if (in_array($val, array("A", "I"))) {
                     $params['status'] = $val;
                 }
             }
             if (isset($integration['language'])) {
                 $val = trim(strtolower($integration['language']));
                 $languages = Phprojekt_LanguageAdapter::getLanguageList();
                 if (array_key_exists($val, $languages)) {
                     $params['language'] = $val;
                 } else {
                     if (($val = array_search('(' . $val . ')', $languages)) !== false) {
                         $params['language'] = $val;
                     }
                 }
             }
             if (isset($integration['timeZone'])) {
                 $val = trim(strtolower($integration['timeZone']));
                 $timezones = Phprojekt_Converter_Time::getTimeZones();
                 if (array_key_exists($val, $timezones)) {
                     $params['timeZone'] = $val;
                 } else {
                     if (($val = array_search($val, $timezones)) !== false) {
                         $params['timeZone'] = $val;
                     }
                 }
             }
             if (!self::_saveUser($params)) {
                 throw new Phprojekt_Auth_Exception('User creation failed after LDAP authentication', 10);
             }
         }
     } else {
         throw new Phprojekt_Auth_Exception('Failed to find the LDAP user with the given username', 11);
     }
 }