/**
* @return void
*/
public function testExplodeDnOperation()
{
$inputs = array('CN=Alice Baker,CN=Users,DC=example,DC=com' => true, 'CN=Baker\\, Alice,CN=Users,DC=example,DC=com' => true, 'OU=Sales,DC=local' => true, 'OU=Sales;DC=local' => true, 'OU=Sales ,DC=local' => true, 'OU=Sales, dC=local' => true, 'ou=Sales , DC=local' => true, 'OU=Sales ; dc=local' => true, 'DC=local' => true, ' DC=local' => true, 'DC= local ' => true, 'username' => false, '*****@*****.**' => false, 'EXAMPLE\\username' => false, 'CN=,Alice Baker,CN=Users,DC=example,DC=com' => false, 'CN=Users,DC==example,DC=com' => false, 'O=ACME' => true, '' => false, ' ' => false);
foreach ($inputs as $dn => $expected) {
$ret = Zend_Ldap::explodeDn($dn);
$this->assertTrue($ret === $expected);
}
}
/**
* @param string $username The username for authenticating the bind
* @param string $password The password for authenticating the bind
* @return Zend_Ldap Provides a fluent interface
* @throws Zend_Ldap_Exception
*/
public function bind($username = null, $password = null)
{
$moreCreds = true;
if ($username === null) {
$username = $this->_getUsername();
$password = $this->_getPassword();
$moreCreds = false;
}
if ($username === NULL) {
/* Perform anonymous bind
*/
$password = NULL;
} else {
/* Check to make sure the username is in DN form.
*/
if (!Zend_Ldap::explodeDn($username)) {
if ($this->_options['bindRequiresDn']) {
/* moreCreds stops an infinite loop if _getUsername does not
* return a DN and the bind requires it
*/
if ($moreCreds) {
try {
$username = $this->_getAccountDn($username);
} catch (Zend_Ldap_Exception $zle) {
/**
* @todo Temporary measure to deal with exception thrown for ldap extension not loaded
*/
if (strpos($zle->getMessage(), 'LDAP extension not loaded') !== false) {
throw $zle;
}
// end temporary measure
switch ($zle->getCode()) {
case Zend_Ldap_Exception::LDAP_NO_SUCH_OBJECT:
case Zend_Ldap_Exception::LDAP_X_DOMAIN_MISMATCH:
throw $zle;
}
throw new Zend_Ldap_Exception(null, 'Failed to retrieve DN for account: ' . $zle->getMessage(), Zend_Ldap_Exception::LDAP_OPERATIONS_ERROR);
}
} else {
/**
* @see Zend_Ldap_Exception
*/
require_once 'Zend/Ldap/Exception.php';
throw new Zend_Ldap_Exception(null, 'Binding requires username in DN form');
}
} else {
$username = $this->getCanonicalAccountName($username, Zend_Ldap::ACCTNAME_FORM_PRINCIPAL);
}
}
}
if (!is_resource($this->_resource)) {
$this->connect();
}
if ($username !== null && $password === '' && $this->_options['allowEmptyPassword'] !== true) {
/**
* @see Zend_Ldap_Exception
*/
require_once 'Zend/Ldap/Exception.php';
$zle = new Zend_Ldap_Exception(null, 'Empty password not allowed - see allowEmptyPassword option.');
} else {
if (@ldap_bind($this->_resource, $username, $password)) {
return $this;
}
$message = $username === null ? $this->_connectString : $username;
/**
* @see Zend_Ldap_Exception
*/
require_once 'Zend/Ldap/Exception.php';
switch (Zend_Ldap_Exception::getLdapCode($this)) {
case Zend_Ldap_Exception::LDAP_SERVER_DOWN:
/* If the error is related to establishing a connection rather than binding,
* the connect string is more informative than the username.
*/
$message = $this->_connectString;
}
$zle = new Zend_Ldap_Exception($this->_resource, $message);
}
$this->disconnect();
throw $zle;
}
