/**
* Get an instance of the LDAP object
*
* @return LDAP
*/
protected function getLdap()
{
$now = time();
if ($this->connectionLastUsed && $this->ldap && $now - $this->connectionLastUsed > self::RESET_TIMEOUT) {
$this->ldap->close();
$this->ldap = null;
}
$this->connectionLastUsed = $now;
if (!empty($this->ldap)) {
return $this->ldap;
}
$this->ldap = new Ldap($this->ldapUrl);
$this->ldap->setOption(Ldap::OPT_NETWORK_TIMEOUT, 10);
$this->ldap->bind($this->ldapBindUser, $this->ldapBindPassword);
return $this->ldap;
}
/**
* @return boolean
* @param string $user
* @param string $password
*/
private function _validateSMB4($user, $password, $onlyCheckIsExistsUser = false)
{
//Conexao com o servidor...
$connection = $this->_ldap->connect(Config::factory()->getParam('extra.ldap.samba4.host'), Config::factory()->getParam('extra.ldap.samba4.port'), Config::factory()->getParam('extra.ldap.samba4.version'));
//Autenticar o Administrador...
$this->_ldap->bind($connection, Config::factory()->getParam('extra.ldap.samba4.user'), Config::factory()->getParam('extra.ldap.samba4.password'));
//Recuperar DN do usuario para autenticacao...
$user = $this->_ldap->search($connection, Config::factory()->getParam('extra.ldap.samba4.dn'), Config::factory()->getParam('extra.ldap.samba4.filter') . $user, array('dn'));
//Verificar se o usuario existe...
if (count($user) > 1) {
if ($onlyCheckIsExistsUser) {
return 4;
}
} else {
return 5;
}
//Autenticar o Usuario...
$status = $this->_ldap->bind($connection, $user[0]['dn'], $password);
//Fechar Conexao...
$this->_ldap->close($connection);
return $status;
}
$p->secret = $_POST['secret'];
// Roman'i juhtum
//$p->lang = vp('lang', 2);
if (!(strlen($p->uname) >= 5 && strlen($p->secret) >= PASSWORD_MIN_LEN)) {
// FS#69
// $t->errors[ERROR][] = 'L001 ' . $l->txt_err_credientials;
$t->errors[ERROR][] = 'L001 ' . $l->txt_err_authentication;
// show_login_page($t, $o);
}
$ad = new LDAP();
// AD objekt
$ad->debug = $w->debug;
if (!$ad->connect()) {
$t->errors[ERROR][] = 'L002 ' . $l->txt_err_ldap_connect;
}
if (!$ad->bind($p->uname, $p->secret)) {
// create a syslog entry
syslog(LOG_NOTICE, sprintf("AD bind failed. user: %s remote_addr: %s method: %s token: %s", $p->uname, $w->remote_addr, $auth_method, $o->token));
// AD bind failis. Nüüd proovime lokaalse kasutajaga.
require INC_DIR . '/local.php';
if ($w->allow_local) {
if (!isset($d)) {
$d = new DATABASE();
// lokaalsed kasutajad paiknevad DB's. Siiani pole DB'd vaja läinud.
$d->debug = $w->debug;
if (!$d->connect(DB_HOST, DB_USER, DB_PASS, DATABASE)) {
$t->errors[ERROR][] = 'C001.1 ' . $l->txt_err_open_database;
}
}
// print_r($d);
if (local_login($d, $p->uname, $p->secret, $u)) {
/**
* functie om gemakkelijk de userinfo op te halen aan de hand van de username
*
* @param unknown_type $uid ugent username
* @return Array
*/
function getUserInfo($uid)
{
parent::connect();
parent::bind();
parent::search("uid=" . $uid);
return self::parseData(parent::get_entries());
}
<?php
// Kontrolli, kas Uni-ID ka olemas on? (konto AD's)
$ad = new LDAP();
$ad->debug = $w->debug;
if (!$ad->connect()) {
$t->errors[ERROR][] = 'L002.1 ' . $l->txt_err_ldap_connect;
show_error_page($t, $o);
exit;
}
if (!$ad->bind(LDAPUSER, LDAPPASS)) {
$t->errors[ERROR][] = 'L003.1 ' . $l->txt_err_ldap_bind;
show_login_page($t, $o);
exit;
}
// kasutaja kirjest huvitavad meid ainult järgmised read. Eelväärtustame
// $u(ser) objekti - nende võtmete alusel nopitakse mahukast ldap päringu
// vastusest välja täpselt need, meid huvitavad väärtused.
// KÕIK VÕTMEDVÄIKESTE TÄHTEDEGA
$u->samaccountname = '';
$u->displayname = '';
$u->hlmttufimisikukood = '';
// praeguse sertifikaadiga ei saa isikukoodi kätte
$u->mail = '';
$u->telephonenumber = '';
$u->mobile = '';
$u->private_mobile = '';
$u->company = '';
$u->streetaddress = '';
$u->roomnumber = '';
$u->title = '';
