public function authenticate(&$uname, $password, &$response)
 {
     $result = FALSE;
     if (preg_match($this->_prefs['usernameRegexp'], strtolower($uname), $pieces)) {
         $q = $this->_db->DBReadLocalUser($uname);
         if ($q) {
             if (md5($password) == $q[0]['password']) {
                 $response = array('uid' => $q[0]['username'], 'mail' => $q[0]['mail'], 'cn' => $q[0]['displayname'], 'displayName' => $q[0]['displayname'], 'organization' => $q[0]['organization']);
                 $result = TRUE;
             } else {
                 $result = FALSE;
             }
         } else {
             $result = FALSE;
         }
         //  Chain to the super class for any further properties to be added
         //  to the $response array:
         parent::authenticate($uname, $password, $response);
     }
     return $result;
 }
 public function Tryauthenticate($uname, $password, &$response)
 {
     global $smarty;
     // The username should not be their email address.
     // So remove everything after any @ sign.
     $uname = preg_replace('/@.*$/', '', $uname);
     $uname = preg_replace('/^.*\\\\/', '', $uname);
     //  Bind to one of our LDAP servers:
     foreach ($this->_ldapServers as $ldapServer) {
         if ($this->_ldapUseSSL) {
             $ldapServer = "ldaps://" . $ldapServer;
         }
         if ($ldapConn = ldap_connect($ldapServer)) {
             // Unfortunately ldap_connect() doesn't actually send any packets,
             // so it will pretty much always succeed even if the server's not
             // there.
             // So if the ldap_bind() fails, I have to fail quietly. :-(
             // Set the protocol to 3 only:
             ldap_set_option($ldapConn, LDAP_OPT_PROTOCOL_VERSION, 3);
             ldap_set_option($ldapConn, LDAP_OPT_REFERRALS, 0);
             //  Connection made, now attempt to bind:
             if ($ldapBind = @ldap_bind($ldapConn, $this->_ldapBindUser, $this->_ldapBindPass)) {
                 break;
             } else {
                 // Failed to bind. If the error was 'Can't contact LDAP server'
                 // then fail quietly and try the next server, else complain.
                 $ldaperror = ldap_error($ldapConn);
                 if (!preg_match('/can[not\']* *contact *ldap *server/i', $ldaperror)) {
                     NSSError("Connected to {$ldapServer} but could not bind, it said {$ldaperror}");
                 }
             }
         }
     }
     if ($ldapBind) {
         if (!is_array($this->_ldapBase)) {
             $this->_ldapBase = array($this->_ldapBase);
         }
         foreach ($this->_ldapBase as $ldapBase) {
             $ldapSearch = ldap_search($ldapConn, $ldapBase, "sAMAccountName={$uname}");
             if ($ldapSearch && ($ldapEntry = ldap_first_entry($ldapConn, $ldapSearch)) && ($ldapDN = ldap_get_dn($ldapConn, $ldapEntry))) {
                 //  We got a result and a DN for the user in question, so
                 //  try binding as the user now:
                 if ($result = @ldap_bind($ldapConn, $ldapDN, $password)) {
                     if ($responseArray = ldap_get_attributes($ldapConn, ldap_first_entry($ldapConn, $ldapSearch))) {
                         $response = array();
                         foreach ($responseArray as $key => $value) {
                             if (@$value['count'] >= 1) {
                                 $response[$key] = $value[0];
                             } else {
                                 $response[$key] = $value;
                             }
                             // Store the list of groups they are a member of
                             if (strtolower($key) == $this->_ldapMemberKey) {
                                 $groups = $value;
                             }
                         }
                         $response['organization'] = $this->_ldapOrg;
                         // Do the authorisation check. User must be a member of a group.
                         $authorisationPassed = TRUE;
                         if ($this->_ldapMemberKey != '' && $this->_ldapMemberRole != '') {
                             $authorisationPassed = FALSE;
                             foreach ($groups as $group) {
                                 if (strtolower($group) == $this->_ldapMemberRole) {
                                     $authorisationPassed = TRUE;
                                 }
                             }
                         }
                         if (!$authorisationPassed) {
                             NSSError($smarty->getConfigVariable('ErrorUnauthorizedUser'), 'Authorisation Failed');
                             $result = -69;
                             if ($ldapConn) {
                                 ldap_close($ldapConn);
                             }
                             return $result;
                         }
                         // Chain to the super class for any further properties to be added
                         // to the $response array:
                         parent::authenticate($uname, $password, $response);
                         if ($ldapConn) {
                             ldap_close($ldapConn);
                         }
                         return $result;
                     }
                 } else {
                     // We found a username matching but password didn't
                     if ($ldapConn) {
                         ldap_close($ldapConn);
                     }
                     return -69;
                 }
                 // } else {
                 //   if ( $ldapConn ) {
                 //     ldap_close($ldapConn);
                 //   }
                 //   return -69;
             }
         }
         // If we get to here, we managed to contact the server, but couldn't
         // find them in any of the BaseDNs we were told to search.
         if ($ldapConn) {
             ldap_close($ldapConn);
         }
         return -69;
     } else {
         NSSError('Check User: Unable to connect to any of the authentication servers; could not authenticate user.', 'LDAP Error');
         if ($ldapConn) {
             ldap_close($ldapConn);
         }
         return -70;
     }
     if ($ldapConn) {
         ldap_close($ldapConn);
     }
     return $result;
 }
 public function authenticate(&$uname, $password, &$response)
 {
     $result = FALSE;
     $mbox = @imap_open('{' . $this->_imapServer . '}INBOX', $uname, $password);
     if ($mbox) {
         $minfo = @imap_status($mbox, '{' . $this->_imapServer . '}INBOX', SA_MESSAGES);
         if ($minfo) {
             $response = array('uid' => strtolower($uname), 'mail' => strtolower($uname) . $this->_imapDomain, 'cn' => strtolower($uname) . $this->_imapDomain, 'displayName' => strtolower($uname) . $this->_imapDomain, 'organization' => $this->_imapOrg);
             $result = TRUE;
             //  Chain to the super class for any further properties to be added
             //  to the $response array:
             parent::authenticate($uname, $password, $response);
         }
     }
     @imap_close($mbox);
     return $result;
 }
 public function authenticate(&$uname, $password, &$response)
 {
     global $smarty;
     $result = FALSE;
     //  Bind to one of our LDAP servers:
     foreach ($this->_ldapServers as $ldapServer) {
         //if($this->_ldapUseSSL){$ldapServer="ldaps://".$ldapServer;}
         if ($ldapConn = ldap_connect($ldapServer)) {
             //  Set the protocol to 3 only:
             ldap_set_option($ldapConn, LDAP_OPT_PROTOCOL_VERSION, 3);
             //  Connection made, now attempt to start TLS and bind anonymously:
             //  Only do start_tls if ldapUseSSL is false
             if (!$this->_ldapUseSSL || ldap_start_tls($ldapConn)) {
                 if ($ldapBind = @ldap_bind($ldapConn, $this->_ldapDn, $this->_ldapPass)) {
                     break;
                 }
             }
         }
     }
     if ($ldapBind) {
         $ldapSearch = ldap_search($ldapConn, $this->_ldapBase, "uid={$uname}");
         if ($ldapSearch && ($ldapEntry = ldap_first_entry($ldapConn, $ldapSearch)) && ($ldapDN = ldap_get_dn($ldapConn, $ldapEntry))) {
             //  We got a result and a DN for the user in question, so
             //  try binding as the user now:
             if ($result = @ldap_bind($ldapConn, $ldapDN, $password)) {
                 if ($responseArray = ldap_get_attributes($ldapConn, ldap_first_entry($ldapConn, $ldapSearch))) {
                     $response = array();
                     foreach ($responseArray as $key => $value) {
                         if (is_array($value) && $value['count'] >= 1) {
                             $response[$key] = $value[0];
                         } else {
                             $response[$key] = $value;
                         }
                         // Store the list of groups they are a member of
                         if (strtolower($key) == $this->_ldapMemberKey) {
                             $groups = $value;
                         }
                     }
                     // Set displayName=cn if not already set
                     if ($this->_ldapFullName != "displayName") {
                         $nameKeys = explode(" ", $this->_ldapFullName);
                         $nameWords = array();
                         foreach ($nameKeys as $k) {
                             if ($k) {
                                 $nameWords[] = $response[$k];
                             }
                         }
                         $response['displayName'] = implode(' ', $nameWords);
                     }
                     if (!$response['cn']) {
                         $response['cn'] = $response['displayName'];
                     }
                     if (!$response['organization']) {
                         $response['organization'] = $this->_ldapOrg;
                     }
                     // Do the authorisation check. User must be a member of a group.
                     $authorisationPassed = TRUE;
                     if ($this->_ldapMemberKey != '' && $this->_ldapMemberRole != '') {
                         $authorisationPassed = FALSE;
                         foreach ($groups as $group) {
                             if (strtolower($group) == $this->_ldapMemberRole) {
                                 $authorisationPassed = TRUE;
                             }
                         }
                     }
                     if (!$authorisationPassed) {
                         NSSError($smarty->getConfigVariable('ErrorUnauthorizedUser'), 'Authorisation Failed');
                         $result = FALSE;
                     }
                     //  Chain to the super class for any further properties to be added
                     //  to the $response array:
                     parent::authenticate($uname, $password, $response);
                 }
             }
         }
     } else {
         NSSError('Unable to connect to any of the LDAP servers; could not authenticate user.', 'LDAP Error');
     }
     if ($ldapConn) {
         ldap_close($ldapConn);
     }
     return $result;
 }
 public function authenticate(&$uname, $password, &$response)
 {
     if ($uname == NSS_STATIC_UID && $password == 'changeme') {
         $response = array('uid' => NSS_STATIC_UID, 'mail' => NSS_STATIC_UID . '@nowhere.org', 'cn' => 'Test User', 'displayName' => 'Test User');
         //  Chain to the super class for any further properties to be added
         //  to the $response array:
         parent::authenticate($uname, $password, $response);
         return TRUE;
     }
     return FALSE;
 }