protected function parseSpecificContributions(&$contribNode) { parent::parseSpecificContributions($contribNode); if ($contribNode->nodeName != "actions") { return; } $actionXpath = new DOMXPath($contribNode->ownerDocument); if (!isset($this->options["FTP_LOGIN_SCREEN"]) || $this->options["FTP_LOGIN_SCREEN"] != "TRUE" || $this->options["FTP_LOGIN_SCREEN"] === false) { // Remove "ftp_login" && "ftp_set_data" actions $nodeList = $actionXpath->query('action[@name="dynamic_login"]', $contribNode); if (!$nodeList->length) { return; } unset($this->actions["dynamic_login"]); $contribNode->removeChild($nodeList->item(0)); $nodeList = $actionXpath->query('action[@name="ftp_set_data"]', $contribNode); if (!$nodeList->length) { return; } unset($this->actions["ftp_set_data"]); $contribNode->removeChild($node = $nodeList->item(0)); } else { // Replace "login" by "dynamic_login" $loginList = $actionXpath->query('action[@name="login"]', $contribNode); if ($loginList->length && $loginList->item(0)->getAttribute("auth_ftp_impl") == null) { $contribNode->removeChild($loginList->item(0)); } $dynaLoginList = $actionXpath->query('action[@name="dynamic_login"]', $contribNode); if ($dynaLoginList->length) { $dynaLoginList->item(0)->setAttribute("name", "login"); $dynaLoginList->item(0)->setAttribute("auth_ftp_impl", "true"); } } }
function init($options) { parent::init($options); AJXP_Logger::logAction('Auth.ldap :: init'); $this->ldapUrl = $options["LDAP_URL"]; if ($options["LDAP_PORT"]) { $this->ldapPort = $options["LDAP_PORT"]; } if ($options["LDAP_USER"]) { $this->ldapAdminUsername = $options["LDAP_USER"]; } if ($options["LDAP_PASSWORD"]) { $this->ldapAdminPassword = $options["LDAP_PASSWORD"]; } if ($options["LDAP_DN"]) { $this->ldapDN = $options["LDAP_DN"]; } if (isset($options["LDAP_FILTER"])) { $this->ldapFilter = $options["LDAP_FILTER"]; if ($this->ldapFilter != "" && !preg_match("/^\\(.*\\)\$/", $this->ldapFilter)) { $this->ldapFilter = "(" . $this->ldapFilter . ")"; } } else { $this->ldapFilter = "(objectClass=person)"; } if ($options["LDAP_USERATTR"]) { $this->ldapUserAttr = strtolower($options["LDAP_USERATTR"]); } else { $this->ldapUserAttr = 'uid'; } $this->ldapconn = $this->LDAP_Connect(); if ($this->ldapconn == null) { AJXP_Logger::logAction('LDAP Server connexion could NOT be established'); } }
function init($options) { parent::init($options); AJXP_Logger::logAction('Auth.ldap :: init'); $this->ldapUrl = $options["LDAP_URL"]; if ($options["LDAP_PORT"]) { $this->ldapPort = $options["LDAP_PORT"]; } if ($options["LDAP_USER"]) { $this->ldapAdminUsername = $options["LDAP_USER"]; } if ($options["LDAP_PASSWORD"]) { $this->ldapAdminPassword = $options["LDAP_PASSWORD"]; } if ($options["LDAP_DN"]) { $this->ldapDN = $options["LDAP_DN"]; } if ($options["LDAP_FILTER"]) { $this->ldapFilter = $options["LDAP_FILTER"]; } $this->ldapconn = $this->LDAP_Connect(); if ($this->ldapconn == null) { AJXP_Logger::logAction('LDAP Server connexion could NOT be established'); } }
public function getAuthImpl() { if (!isset(self::$authStorageImpl)) { if (!isset($this->pluginConf["MASTER_INSTANCE_CONFIG"])) { throw new Exception("Please set up at least one MASTER_INSTANCE_CONFIG in core.auth options"); } $masterName = is_array($this->pluginConf["MASTER_INSTANCE_CONFIG"]) ? $this->pluginConf["MASTER_INSTANCE_CONFIG"]["instance_name"] : $this->pluginConf["MASTER_INSTANCE_CONFIG"]; $masterName = str_replace("auth.", "", $masterName); if (!empty($this->pluginConf["SLAVE_INSTANCE_CONFIG"]) && !empty($this->pluginConf["MULTI_MODE"])) { $slaveName = is_array($this->pluginConf["SLAVE_INSTANCE_CONFIG"]) ? $this->pluginConf["SLAVE_INSTANCE_CONFIG"]["instance_name"] : $this->pluginConf["SLAVE_INSTANCE_CONFIG"]; $slaveName = str_replace("auth.", "", $slaveName); // Manually set up a multi config $userBase = $this->pluginConf["MULTI_USER_BASE_DRIVER"]; if ($userBase == "master") { $baseName = $masterName; } else { if ($userBase == "slave") { $baseName = $slaveName; } else { $baseName = ""; } } $mLabel = ""; $sLabel = ""; $separator = ""; $cacheMasters = true; if (isset($this->pluginConf["MULTI_MODE"]) && !isset($this->pluginConf["MULTI_MODE"]["instance_name"])) { $this->pluginConf["MULTI_MODE"]["instance_name"] = $this->pluginConf["MULTI_MODE"]["group_switch_value"]; } if ($this->pluginConf["MULTI_MODE"]["instance_name"] == "USER_CHOICE") { $mLabel = $this->pluginConf["MULTI_MODE"]["MULTI_MASTER_LABEL"]; $sLabel = $this->pluginConf["MULTI_MODE"]["MULTI_SLAVE_LABEL"]; $separator = $this->pluginConf["MULTI_MODE"]["MULTI_USER_ID_SEPARATOR"]; } else { $cacheMasters = $this->pluginConf["MULTI_MODE"]["CACHE_MASTER_USERS_TO_SLAVE"]; } $newOptions = array("instance_name" => "auth.multi", "MODE" => $this->pluginConf["MULTI_MODE"]["instance_name"], "MASTER_DRIVER" => $masterName, "USER_BASE_DRIVER" => $baseName, "USER_ID_SEPARATOR" => $separator, "CACHE_MASTER_USERS_TO_SLAVE" => $cacheMasters, "TRANSMIT_CLEAR_PASS" => $this->pluginConf["TRANSMIT_CLEAR_PASS"], "DRIVERS" => array($masterName => array("NAME" => $masterName, "LABEL" => $mLabel, "OPTIONS" => $this->pluginConf["MASTER_INSTANCE_CONFIG"]), $slaveName => array("NAME" => $slaveName, "LABEL" => $sLabel, "OPTIONS" => $this->pluginConf["SLAVE_INSTANCE_CONFIG"]))); // MERGE BASIC AUTH OPTIONS FROM MASTER $masterMainAuthOptions = array(); $keys = array("TRANSMIT_CLEAR_PASS", "AUTOCREATE_AJXPUSER", "LOGIN_REDIRECT", "AJXP_ADMIN_LOGIN"); if (is_array($this->pluginConf["MASTER_INSTANCE_CONFIG"])) { foreach ($keys as $key) { if (isset($this->pluginConf["MASTER_INSTANCE_CONFIG"][$key])) { $masterMainAuthOptions[$key] = $this->pluginConf["MASTER_INSTANCE_CONFIG"][$key]; } } } $newOptions = array_merge($newOptions, $masterMainAuthOptions); self::$authStorageImpl = ConfService::instanciatePluginFromGlobalParams($newOptions, "AbstractAuthDriver"); AJXP_PluginsService::getInstance()->setPluginUniqueActiveForType("auth", self::$authStorageImpl->getName(), self::$authStorageImpl); } else { self::$authStorageImpl = ConfService::instanciatePluginFromGlobalParams($this->pluginConf["MASTER_INSTANCE_CONFIG"], "AbstractAuthDriver"); AJXP_PluginsService::getInstance()->setPluginUniqueActiveForType("auth", self::$authStorageImpl->getName()); } } return self::$authStorageImpl; }
public function init($options) { parent::init($options); if (AJXP_Utils::searchIncludePath('Auth/Yubico.php')) { require_once 'Auth/Yubico.php'; } $this->usersSerFile = AJXP_VarsFilter::filter($this->getOption("USERS_FILEPATH")); $this->yubico_secret_key = AJXP_VarsFilter::filter($this->getOption("YUBICO_SECRET_KEY")); $this->yubico_client_id = AJXP_VarsFilter::filter($this->getOption("YUBICO_CLIENT_ID")); }
public function init($options) { parent::init($options); $this->sqlDriver = AJXP_Utils::cleanDibiDriverParameters($options["SQL_CUSTOM_DRIVER"]); $this->coreSqlDriver = AJXP_Utils::cleanDibiDriverParameters(array("group_switch_value" => "core")); $this->customTableName = $options["SQL_CUSTOM_TABLE"]; $this->customTableUid = $options["SQL_CUSTOM_TABLE_USER_FIELD"]; $this->customTablePwd = $options["SQL_CUSTOM_TABLE_PWD_FIELD"]; $this->customTableHashing = $options["SQL_CUSTOM_TABLE_PWD_HASH"]; }
public function init($options) { parent::init($options); if (!isset($this->options["FTP_LOGIN_SCREEN"]) || $this->options["FTP_LOGIN_SCREEN"] != "TRUE" || $this->options["FTP_LOGIN_SCREEN"] === false) { return; } // ENABLE WEBFTP LOGIN SCREEN $this->logDebug(__FUNCTION__, "Enabling authfront.webftp"); AJXP_PluginsService::findPluginById("authfront.webftp")->enabled = true; }
function init($options) { parent::init($options); $this->sqlDriver = $options["SQL_DRIVER"]; try { dibi::connect($this->sqlDriver); } catch (DibiException $e) { echo get_class($e), ': ', $e->getMessage(), "\n"; exit(1); } }
public function init($options) { parent::init($options); $this->sqlDriver = AJXP_Utils::cleanDibiDriverParameters($options["SQL_DRIVER"]); try { dibi::connect($this->sqlDriver); } catch (DibiException $e) { echo get_class($e), ': ', $e->getMessage(), "\n"; exit(1); } }
function init($options) { parent::init($options); require_once AJXP_BIN_FOLDER . "/dibi.compact.php"; $this->sqlDriver = $options["SQL_DRIVER"]; try { dibi::connect($this->sqlDriver); } catch (DibiException $e) { echo get_class($e), ': ', $e->getMessage(), "\n"; exit(1); } }
public function init($options) { parent::init($options); $this->radiusServer = $options["RADIUS Server"]; if ($options["RADIUS Port"]) { $this->radiusPort = $options["RADIUS Port"]; } if ($options["RADIUS Shared Secret"]) { $this->radiusSecret = $options["RADIUS Shared Secret"]; } if ($options["RADIUS Auth Type"]) { $this->radiusAuthType = $options["RADIUS Auth Type"]; } }
function init($options) { parent::init($options); $this->sqlDriver = $options["SQL_DRIVER"]; try { dibi::connect($this->sqlDriver); } catch (DibiException $e) { echo get_class($e), ': ', $e->getMessage(), "\n"; exit(1); } $this->prefix = $options["PREFIX_TABLE"]; $this->groupid = $options["FEU_GROUPID"]; $this->usersSerFile = $options["USERS_FILEPATH"]; }
function init($options) { parent::init($options); // run Phalcon Eye to get session from database require_once ROOT_PATH . "/app/engine/Config.php"; require_once ROOT_PATH . "/app/engine/Exception.php"; require_once ROOT_PATH . "/app/engine/ApplicationInitialization.php"; require_once ROOT_PATH . "/app/engine/Application.php"; $application = new \Engine\Application(); $application->run('session'); $identity = Phalcon\DI::getDefault()->get('session')->get('identity'); $viewer = \User\Model\User::findFirstById($identity); if (!$viewer || !$viewer->isAdmin()) { die('Access not allowed'); } }
function init($options) { $this->slaveMode = $options["SLAVE_MODE"] == "true"; if ($this->slaveMode && ALLOW_GUEST_BROWSING) { // Make sure "login" is disabled, or it will re-appear if GUEST browsing is enabled! // OLD WAY : unset($this->actions["login"]); // NEW WAY : Modify manifest dynamically (more coplicated...) $contribs = $this->xPath->query("registry_contributions/external_file"); foreach ($contribs as $contribNode) { if ($contribNode->getAttribute('filename') == 'server/xml/standard_auth_actions.xml') { $contribNode->parentNode->removeChild($contribNode); } } } parent::init($options); $this->usersSerFile = $options["USERS_FILEPATH"]; $this->secret = $options["SECRET"]; $this->urls = array($options["LOGIN_URL"], $options["LOGOUT_URL"]); }
function init($options) { parent::init($options); $this->sqlDriver = $options["SQL_DRIVER"]; try { dibi::connect($this->sqlDriver); } catch (DibiException $e) { echo get_class($e), ': ', $e->getMessage(), "\n"; exit(1); } $this->secret = $options["SECRET"]; $this->prefix = $options["PREFIX_TABLE"]; $this->urls = array($options["LOGIN_URL"], $options["LOGOUT_URL"]); $this->slaveMode = true; $res = dibi::query("SELECT sitepref_value FROM [" . $this->prefix . "siteprefs] WHERE sitepref_name = 'FEUajaxplorer_mapi_pref_ajxp_auth_group'"); $grp = $res->fetchSingle(); $this->groupid = $grp; $res2 = dibi::query("SELECT sitepref_value FROM [" . $this->prefix . "siteprefs] WHERE sitepref_name = 'FEUajaxplorer_mapi_pref_ajxp_secret'"); $sec = $res2->fetchSingle(); $this->secret_cmsms = trim($sec); }
public function getRegistryContributions($extendedVersion = true) { // $this->logDebug("get contributions NOW"); $this->loadRegistryContributions(); return parent::getRegistryContributions($extendedVersion); }
function replaceAjxpXmlKeywords($xml) { $xml = str_replace("AJXP_REMOTE_AUTH", "true", $xml); $xml = str_replace("AJXP_NOT_REMOTE_AUTH", "false", $xml); $xml = parent::replaceAjxpXmlKeywords($xml); return $xml; }
public function init($options) { parent::init($options); $this->usersSerFile = AJXP_VarsFilter::filter($this->getOption("USERS_FILEPATH")); }
public function updateUserObject(&$userObject) { parent::updateUserObject($userObject); if (!empty($this->separateGroup)) { $userObject->setGroupPath("/" . $this->separateGroup); } // SHOULD BE DEPRECATED if (!empty($this->customParamsMapping)) { $checkValues = array_values($this->customParamsMapping); $prefs = $userObject->getPref("CUSTOM_PARAMS"); if (!is_array($prefs)) { $prefs = array(); } // If one value exist, we consider the mapping has already been done. foreach ($checkValues as $val) { if (array_key_exists($val, $prefs)) { return; } } $changes = false; $entries = $this->getUserEntries($userObject->getId()); if ($entries["count"]) { $entry = $entries[0]; foreach ($this->customParamsMapping as $key => $value) { if (isset($entry[$key])) { $prefs[$value] = $entry[$key][0]; $changes = true; } } } if ($changes) { $userObject->setPref("CUSTOM_PARAMS", $prefs); $userObject->save(); } } if (!empty($this->paramsMapping)) { $changes = false; $entries = $this->getUserEntries($userObject->getId()); if ($entries["count"]) { $entry = $entries[0]; foreach ($this->paramsMapping as $params) { $key = strtolower($params['MAPPING_LDAP_PARAM']); if (isset($entry[$key])) { $value = $entry[$key][0]; $memberValues = array(); if ($key == "memberof") { // get CN from value foreach ($entry[$key] as $possibleValue) { $hnParts = array(); $parts = explode(",", ltrim($possibleValue, '/')); foreach ($parts as $part) { list($att, $attVal) = explode("=", $part); //if (strtolower($att) == "cn") $hnParts[] = $attVal; /* * In the example above, 1st CN indicates the name of group, from 2nd, CN indicate a container, * therefore, we just take the first "cn" element by breaking the for if we found. * */ if (strtolower($att) == "cn") { $hnParts[] = $attVal; break; } } if (count($hnParts)) { $memberValues[implode(",", $hnParts)] = $possibleValue; } } } switch ($params['MAPPING_LOCAL_TYPE']) { case "role_id": $valueFilters = null; $matchFilter = null; $filter = $params["MAPPING_LOCAL_PARAM"]; if (strpos($filter, "preg:") !== false) { $matchFilter = "/" . str_replace("preg:", "", $filter) . "/i"; } else { if (!empty($filter)) { $valueFilters = array_map("trim", explode(",", $filter)); } } if ($key == "memberof") { if (empty($valueFilters)) { $valueFilters = $this->getLdapGroupListFromDN(); } if ($this->mappedRolePrefix) { $rolePrefix = $this->mappedRolePrefix; } else { $rolePrefix = ""; } $userroles = $userObject->getRoles(); //remove all mapped roles before if (is_array($userroles)) { foreach ($userroles as $key => $role) { if (AuthService::getRole($key) && !(strpos($key, $this->mappedRolePrefix) === false)) { $userObject->removeRole($key); } } } $userObject->recomputeMergedRole(); foreach ($memberValues as $uniqValue => $fullDN) { $uniqValueWithPrefix = $rolePrefix . $uniqValue; if (isset($matchFilter) && !preg_match($matchFilter, $uniqValueWithPrefix)) { continue; } if (isset($valueFilters) && !in_array($uniqValueWithPrefix, $valueFilters)) { continue; } $roleToAdd = AuthService::getRole($uniqValueWithPrefix, true); $roleToAdd->setLabel($uniqValue); AuthService::updateRole($roleToAdd); $userObject->addRole($roleToAdd); $changes = true; } } else { foreach ($entry[$key] as $uniqValue) { if (isset($matchFilter) && !preg_match($matchFilter, $uniqValue)) { continue; } if (isset($valueFilters) && !in_array($uniqValue, $valueFilters)) { continue; } if (!in_array($uniqValue, array_keys($userObject->getRoles())) && !empty($uniqValue)) { $userObject->addRole(AuthService::getRole($uniqValue, true)); $changes = true; } } } break; case "group_path": if ($key == "memberof") { $filter = $params["MAPPING_LOCAL_PARAM"]; if (strpos($filter, "preg:") !== false) { $matchFilter = "/" . str_replace("preg:", "", $filter) . "/i"; } else { if (!empty($filter)) { $valueFilters = array_map("trim", explode(",", $filter)); } } foreach ($memberValues as $uniqValue => $fullDN) { if (isset($matchFilter) && !preg_match($matchFilter, $uniqValue)) { continue; } if (isset($valueFilters) && !in_array($uniqValue, $valueFilters)) { continue; } if ($userObject->personalRole->filterParameterValue("auth.ldap", "MEMBER_OF", AJXP_REPO_SCOPE_ALL, "") == $fullDN) { //break; } $humanName = $uniqValue; $branch = array(); $this->buildGroupBranch($uniqValue, $branch); $parent = "/"; if (count($branch)) { $parent = "/" . implode("/", array_reverse($branch)); } if (!ConfService::getConfStorageImpl()->groupExists(rtrim(AuthService::filterBaseGroup($parent), "/") . "/" . $fullDN)) { AuthService::createGroup($parent, $fullDN, $humanName); } $userObject->setGroupPath(rtrim($parent, "/") . "/" . $fullDN, true); // Update Roles from groupPath $b = array_reverse($branch); $b[] = $fullDN; for ($i = 1; $i <= count($b); $i++) { $userObject->addRole(AuthService::getRole("AJXP_GRP_/" . implode("/", array_slice($b, 0, $i)), true)); } $userObject->personalRole->setParameterValue("auth.ldap", "MEMBER_OF", $fullDN); $userObject->recomputeMergedRole(); $changes = true; } } break; case "profile": if ($userObject->getProfile() != $value) { $changes = true; $userObject->setProfile($value); AuthService::updateAutoApplyRole($userObject); } break; case "plugin_param": default: if (strpos($params["MAPPING_LOCAL_PARAM"], "/") !== false) { list($pId, $param) = explode("/", $params["MAPPING_LOCAL_PARAM"]); } else { $pId = $this->getId(); $param = $params["MAPPING_LOCAL_PARAM"]; } if ($userObject->personalRole->filterParameterValue($pId, $param, AJXP_REPO_SCOPE_ALL, "") != $value) { $userObject->personalRole->setParameterValue($pId, $param, $value); $userObject->recomputeMergedRole(); $changes = true; } break; } } } } if ($changes) { $userObject->save("superuser"); } } }
public function getLoginRedirect() { return parent::getLoginRedirect(); }
public function init($options) { parent::init($options); $this->url = AJXP_VarsFilter::filter($this->getOption("GITLAB_URL")); $this->usersSerFile = $options["USERS_FILEPATH"]; }
function init($options) { parent::init($options); $this->usersSerFile = $options["USERS_FILEPATH"]; }
protected function parseSpecificContributions(&$contribNode) { parent::parseSpecificContributions($contribNode); if ($this->masterSlaveMode) { return; } if ($contribNode->nodeName != "actions") { return; } // Replace callback code $actionXpath = new DOMXPath($contribNode->ownerDocument); $loginCallbackNodeList = $actionXpath->query('action[@name="login"]/processing/clientCallback', $contribNode); if (!$loginCallbackNodeList->length) { return; } $xmlContent = file_get_contents(AJXP_INSTALL_PATH . "/plugins/auth.multi/login_patch.xml"); $sources = array(); if (!isset($this->options) || !isset($this->options["DRIVERS"]) || !is_array($this->options["DRIVERS"])) { return; } foreach ($this->getOption("DRIVERS") as $driverDef) { $dName = $driverDef["NAME"]; if (isset($driverDef["LABEL"])) { $dLabel = $driverDef["LABEL"]; } else { $dLabel = $driverDef["NAME"]; } $sources[$dName] = $dLabel; } $xmlContent = str_replace("AJXP_MULTIAUTH_SOURCES", json_encode($sources), $xmlContent); $xmlContent = str_replace("AJXP_MULTIAUTH_MASTER", $this->getOption("MASTER_DRIVER"), $xmlContent); $xmlContent = str_replace("AJXP_USER_ID_SEPARATOR", $this->getOption("USER_ID_SEPARATOR"), $xmlContent); $patchDoc = new DOMDocument(); $patchDoc->loadXML($xmlContent); $patchNode = $patchDoc->documentElement; $imported = $contribNode->ownerDocument->importNode($patchNode, true); $loginCallback = $loginCallbackNodeList->item(0); $loginCallback->parentNode->replaceChild($imported, $loginCallback); //var_dump($contribNode->ownerDocument->saveXML($contribNode)); }
public function init($options) { parent::init($options); $options = $this->options; $this->ldapUrl = $options["LDAP_URL"]; if (isset($options["LDAP_PROTOCOL"]) && $options["LDAP_PROTOCOL"] == "ldaps") { $this->ldapUrl = "ldaps://" . $this->ldapUrl; } if ($options["LDAP_PORT"]) { $this->ldapPort = $options["LDAP_PORT"]; } if ($options["LDAP_USER"]) { $this->ldapAdminUsername = $options["LDAP_USER"]; } if ($options["LDAP_PASSWORD"]) { $this->ldapAdminPassword = $options["LDAP_PASSWORD"]; } if ($options["LDAP_DN"]) { $this->ldapDN = $this->parseReplicatedParams($options, array("LDAP_DN")); } if ($options["LDAP_GDN"]) { $this->ldapGDN = $this->parseReplicatedParams($options, array("LDAP_GDN")); } if (is_array($options["CUSTOM_DATA_MAPPING"])) { $this->customParamsMapping = $options["CUSTOM_DATA_MAPPING"]; } $this->paramsMapping = $this->parseReplicatedParams($options, array("MAPPING_LDAP_PARAM", "MAPPING_LOCAL_TYPE", "MAPPING_LOCAL_PARAM")); if (count($this->paramsMapping)) { foreach ($this->paramsMapping as $param) { if (strtolower($param["MAPPING_LOCAL_TYPE"]) == "group_path") { $this->hasGroupsMapping = $param["MAPPING_LDAP_PARAM"]; break; } } } if (!empty($options["LDAP_FILTER"])) { $this->ldapFilter = $options["LDAP_FILTER"]; if ($this->ldapFilter != "" && !preg_match("/^\\(.*\\)\$/", $this->ldapFilter)) { $this->ldapFilter = "(" . $this->ldapFilter . ")"; } } else { if ($this->hasGroupsMapping && !empty($this->ldapGFilter)) { $this->ldapFilter = "!(" . $this->ldapGFilter . ")"; } } if (!empty($options["LDAP_GROUP_FILTER"])) { $this->ldapGFilter = $options["LDAP_GROUP_FILTER"]; if ($this->ldapGFilter != "" && !preg_match("/^\\(.*\\)\$/", $this->ldapGFilter)) { $this->ldapGFilter = "(" . $this->ldapGFilter . ")"; } } else { $this->ldapGFilter = "(objectClass=group)"; } if (!empty($options["LDAP_USERATTR"])) { $this->ldapUserAttr = strtolower($options["LDAP_USERATTR"]); } else { $this->ldapUserAttr = 'uid'; } if (!empty($options["LDAP_GROUPATTR"])) { $this->ldapGroupAttr = strtolower($options["LDAP_GROUPATTR"]); } else { $this->ldapGroupAttr = 'cn'; } }