protected function doClean($values)
{
$username = isset($values[$this->getOption('username_field')]) ? $values[$this->getOption('username_field')] : '';
bhLDAP::debug('######## Username: '******'password_field')]) ? $values[$this->getOption('password_field')] : '';
bhLDAP::debug('######## User exists?');
$user = Doctrine::getTable('sfGuardUser')->findOneByUsername($username);
// bhLDAP::debugDump($user, "user:");
if (!$user) {
if (bhLDAP::checkPassword($username, $password)) {
// pretend the user exists, then check AD password
bhLDAP::debug('######## User does not exist. Creating dummy user.');
$user = new sfGuardUser();
$user->setUsername($username);
$user->setSalt('unused');
$user->setPassword('unused');
$user->setUserProfile(new UserProfile());
$user->save();
}
return array_merge($values, array('user' => $user));
}
// password is ok?
bhLDAP::debug('######## Checking Password...');
if ($user->checkPassword($password)) {
bhLDAP::debug('######## Check Password successful...');
return array_merge($values, array('user' => $user));
}
bhLDAP::debug('######## Check Password failed...');
if ($this->getOption('throw_global_error')) {
throw new sfValidatorError($this, 'invalid');
}
throw new sfValidatorErrorSchema($this, array($this->getOption('username_field') => new sfValidatorError($this, 'invalid')));
}
public static function getConfig()
{
if (self::$config === null) {
$config = sfYaml::load(sfConfig::get('sf_config_dir') . '/LDAPAuth.yml');
self::debugDump($config, 'original parsed yaml');
self::$config = $config;
}
return self::$config;
}
public function executeSignin($request)
{
bhLDAP::debug("######## hello bhLDAPAuthActions::executeSignin");
$user = $this->getUser();
if ($user->isAuthenticated()) {
bhLDAP::debug("######## logged in! redirectifying to homepage");
return $this->redirect('@homepage');
}
/* bhLDAP::debugDump($user, 'the user'); */
$class = sfConfig::get('app_sf_guard_plugin_signin_form', 'bhLDAPAuthFormSignin');
$this->form = new $class();
bhLDAP::debug("######## Request Method = " . $request->getMethod());
if ($request->isMethod('post')) {
bhLDAP::debug("######## a login attempt! signing in (if validation passed) and redirectifying to homepage or wherever");
$this->form->bind($request->getParameter('signin'));
if ($this->form->isValid()) {
$values = $this->form->getValues();
$this->getUser()->signIn($values['user'], array_key_exists('remember', $values) ? $values['remember'] : false);
// always redirect to a URL set in app.yml
// or to the referer
// or to the homepage
$signinUrl = sfConfig::get('app_sf_guard_plugin_success_signin_url', $user->getReferer('@homepage'));
return $this->redirect($signinUrl);
}
} else {
bhLDAP::debug("######## not a POST! redirecting to signin form");
if ($this->getRequest()->isXmlHttpRequest()) {
$this->getResponse()->setHeaderOnly(true);
$this->getResponse()->setStatusCode(401);
return sfView::NONE;
}
// if we have been forwarded, then the referer is the current URL
// if not, this is the referer of the current request
$user->setReferer($this->getContext()->getActionStack()->getSize() > 1 ? $request->getUri() : $request->getReferer());
if ($this->getModuleName() != ($module = sfConfig::get('sf_login_module'))) {
return $this->redirect($module . '/' . sfConfig::get('sf_login_action'));
}
$this->getResponse()->setStatusCode(401);
}
}
public function signIn($user, $remember = false, $con = null)
{
$return = parent::signIn($user, $remember, $con);
bhLDAP::debug("######## hello bhLDAPAuthSecurityUser.class.php signIn()!");
// signin
# This either sets or overrides the parent::signIn function above
#$this->setAttribute('user_id', $user->getId(), 'sfGuardSecurityUser');
#$this->setAuthenticated(true);
#$this->clearCredentials();
#$this->addCredentials($user->getAllPermissionNames());
bhLDAP::debug("######## bhLDAPAuthSecurityUser id: " . $user->getID());
bhLDAP::debug("######## bhLDAPAuthSecurityUser Clearing Credentials...");
$this->clearCredentials();
bhLDAP::debug("######## bhLDAPAuthSecurityUser Fetching Credentials...");
//bhLDAP::debugDump($user, "######## $user");
$credentials = bhLDAP::getUserCredentials($user);
bhLDAP::debug("######## bhLDAPAuthSecurityUser Adding Credentials...");
$this->addCredentials($credentials);
bhLDAP::debug("######## bhLDAPAuthSecurityUser return...");
// die();
return $return;
}
<?php
use_helper('I18N');
$LDAP_config = bhLDAP::getConfig();
?>
<div id="sf_admin_container">
<div id="sf_guard_auth_form">
<?php
echo form_tag('@bh_ldap_signin');
?>
<h1>Log In</h1>
<fieldset>
<table>
<tr>
<th><label for="signin_username">Username</label></th>
<td>
<?php
echo $form['username']->renderError();
?>
<?php
echo $form['username']->render();
?>
<?php
echo $LDAP_config['adLDAP']['account_suffix'];
?>
</td>
</tr>
<?php
echo $form['password']->renderRow();
