/**
 * Releases the LDAP connection held by this test case, if there is one.
 *
 * When $this->_ldap is set, it is disconnected and the property is reset
 * to null; otherwise nothing happens.
 */
protected function tearDown()
{
    if ($this->_ldap === null) {
        return;
    }

    $this->_ldap->disconnect();
    $this->_ldap = null;
}
/**
 * Checks that a Zend_Ldap instance survives repeated disconnect/connect cycles.
 *
 * Each of the three rounds disconnects, reconnects and attempts a bind with
 * a throw-away DN and password. The bind has to fail with a
 * Zend_Ldap_Exception whose message contains "Invalid credentials"; a bind
 * that succeeds fails the test.
 */
public function testDisconnect()
{
    $ldap = new Zend_Ldap($this->_options);

    $round = 0;
    while ($round < 3) {
        $ldap->disconnect();

        try {
            $connection = $ldap->connect();
            $connection->bind('CN=ignored,DC=example,DC=com', 'ignored');
            $this->fail('Expected exception for unknown username');
        } catch (Zend_Ldap_Exception $zle) {
            $message = $zle->getMessage();
            $this->assertContains('Invalid credentials', $message);
        }

        $round++;
    }
}
/**
 * Closes the connection by delegating to the wrapped resource object.
 */
protected function _disconnect()
{
    $resource = $this->_ressource;
    $resource->disconnect();
}
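/**
 * Creates or updates the local PHProjekt user from the matching LDAP account.
 *
 * Binds to the LDAP server chosen at login with the supplied credentials,
 * searches for the account by uid / samAccountName and copies givenname, sn
 * and mail into the user parameters. An existing user ($userId > 0) keeps
 * its stored admin flag; a new user gets defaults, optionally overridden by
 * the authentication->integration section of the configuration.
 *
 * Changes against the previous revision:
 *  - the username is escaped before it is placed into the search filter,
 *    so filter metacharacters in the login name are matched literally;
 *  - the systemAdmins membership test is strict, so numeric-looking names
 *    such as "1000" and "1e3" are no longer treated as equal;
 *  - the code 8 message names $loginServer (it read an undefined variable);
 *  - the code 9 message no longer contains a stray '" . "' fragment;
 *  - split() is replaced by explode();
 *  - the connection is closed when the bind or the search fails.
 *
 * @param int         $userId      Local user id; 0 means the user is new.
 * @param string      $username    Login name, used for the bind and the search.
 * @param string      $password    Password used for the LDAP bind.
 * @param string|null $loginServer Key of the server entry in authentication->ldap.
 *
 * @throws Phprojekt_Auth_Exception Code 8 when connecting, binding or searching
 *                                  fails, 9 when no known server was selected,
 *                                  10 when saving the user fails, 11 when the
 *                                  search returns no account.
 *
 * @return void
 */
private static function _ldapIntegration($userId, $username, $password, $loginServer = null)
{
    $userId      = intval($userId);
    $conf        = Phprojekt::getInstance()->getConfig();
    $ldapOptions = $conf->authentication->ldap->toArray();

    // Zend library does not allow determining from which server the user was found from
    // That's why we need to request the server from the user during login.
    if ($loginServer === null || !array_key_exists($loginServer, $ldapOptions)) {
        throw new Phprojekt_Auth_Exception('Server not specified during login! '
            . 'Please check that your login screen contains the login domain selection.', 9);
    }

    $searchOpts = $ldapOptions[$loginServer];
    $account    = null;
    $ldap       = null;

    try {
        // NOTE(review): on directory servers that accept it, a simple bind with
        // an empty password is an unauthenticated bind and succeeds for any
        // name. Confirm that callers reject empty passwords, or that the
        // Zend_Ldap version in use refuses them, before relying on this bind.
        $ldap = new Zend_Ldap($searchOpts);
        $ldap->connect();
        $ldap->bind($username, $password);

        // The login name is user input: escape it so that characters such as
        // "*", "(" and ")" cannot alter the structure of the filter.
        $escapedName = Zend_Ldap_Filter_Abstract::escapeValue($username);
        $filter      = sprintf("(\n &(\n |(objectclass=posixAccount)\n (objectclass=Person)\n )\n (\n |(uid=%s)\n (samAccountName=%s)\n )\n )", $escapedName, $escapedName);

        $result  = $ldap->search($filter, $searchOpts['baseDn']);
        $account = $result->getFirst();
        $ldap->disconnect();
    } catch (Exception $e) {
        // Do not leave the connection open on the failure path.
        if ($ldap !== null) {
            $ldap->disconnect();
        }
        // Every failure in the block above, a rejected bind included, is
        // reported with this one message and code.
        throw new Phprojekt_Auth_Exception('Failed to establish a search connection to the LDAP server:'
            . ' ' . $loginServer . ' ' . 'Please check your configuration for that server.', 8);
    }

    if ($account === null) {
        throw new Phprojekt_Auth_Exception('Failed to find the LDAP user with the given username', 11);
    }

    // User found
    $integration = isset($conf->authentication->integration)
        ? $conf->authentication->integration->toArray()
        : array();

    $firstname = "";
    $lastname  = "";
    $email     = "";
    if (isset($account['givenname'])) {
        $firstname = $account['givenname'][0];
    }
    if (isset($account['sn'])) {
        $lastname = $account['sn'][0];
    }
    if (isset($account['mail'])) {
        $email = $account['mail'][0];
    }

    // Set user params
    $params             = array();
    $params['id']       = intval($userId); // New user has id = 0
    $params['username'] = $username;
    // NOTE(review): the cleartext password is handed on here; presumably
    // _saveUser() hashes it before it is stored - verify.
    $params['password'] = $password;

    $admins = array();
    if (isset($integration['systemAdmins'])) {
        $admins = array_map('trim', explode(",", $integration['systemAdmins']));
    }

    // Strict comparison: this check grants the admin flag, so type juggling
    // between numeric-looking strings must not produce a match.
    $params['admin'] = in_array($username, $admins, true) ? 1 : 0; // Default to non-admin (0)
    if ($userId > 0) {
        // An existing user keeps the admin flag already stored for it.
        $user            = self::_getUser($userId);
        $params['admin'] = intval($user->admin);
    }

    // Integrate with parameters found from LDAP server
    $params['firstname'] = $firstname;
    $params['lastname']  = $lastname;
    $params['email']     = $email;

    if ($userId > 0) {
        // Update user parameters with those found from LDAP server
        $user->find($userId);
        $params['id'] = $userId;
        if (!self::_saveUser($params)) {
            throw new Phprojekt_Auth_Exception('User update failed for LDAP parameters', 10);
        }
        return;
    }

    // Add new user to PHProjekt
    // TODO: Default conf could be defined in configuration
    // Lists needed for checks ?
    // Set default parameters for users
    $params['status']   = "A"; // Active user
    $params['language'] = isset($conf->language) ? $conf->language : "en"; // Conf language / English
    $params['timeZone'] = "0000"; // (GMT) Greenwich Mean Time: Dublin, Edinburgh, Lisbon, London

    // Default integration vals from config
    // An 'admin' value of 1 in the integration section makes every newly
    // created LDAP user an administrator.
    if (isset($integration['admin']) && $params['admin'] == 0) {
        $val = intval($integration['admin']);
        if ($val == 1 || $val == 0) {
            $params['admin'] = $val;
        }
    }

    if (isset($integration['status'])) {
        $val = trim(strtoupper($integration['status']));
        if (in_array($val, array("A", "I"))) {
            $params['status'] = $val;
        }
    }

    if (isset($integration['language'])) {
        $val       = trim(strtolower($integration['language']));
        $languages = Phprojekt_LanguageAdapter::getLanguageList();
        if (array_key_exists($val, $languages)) {
            $params['language'] = $val;
        } elseif (($val = array_search('(' . $val . ')', $languages)) !== false) {
            $params['language'] = $val;
        }
    }

    if (isset($integration['timeZone'])) {
        $val       = trim(strtolower($integration['timeZone']));
        $timezones = Phprojekt_Converter_Time::getTimeZones();
        if (array_key_exists($val, $timezones)) {
            $params['timeZone'] = $val;
        } elseif (($val = array_search($val, $timezones)) !== false) {
            $params['timeZone'] = $val;
        }
    }

    if (!self::_saveUser($params)) {
        throw new Phprojekt_Auth_Exception('User creation failed after LDAP authentication', 10);
    }
}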