Example #1
File: Ldap.php Project: Rovak/zf2
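 /**
  * Binds to the LDAP server, either anonymously or with credentials.
  *
  * When $username is null, the credentials are taken from getUsername() and
  * getPassword(). An empty username results in an anonymous bind. A username
  * that is not in DN form is resolved through getAccountDn() when the bind
  * requires a DN, and canonicalized otherwise.
  *
  * A bind that names a user but carries an empty or null password is refused
  * unless the allowEmptyPassword option is enabled. A simple bind with a DN
  * and no password is an "unauthenticated bind" (RFC 4513, section 5.1.2),
  * which many servers answer with success; callers that use bind() to verify
  * credentials would then accept a login without a password.
  *
  * On any failure the connection is closed via disconnect() before the
  * exception is thrown.
  *
  * @param  string|null $username The username for authenticating the bind
  * @param  string|null $password The password for authenticating the bind
  * @return Ldap Provides a fluent interface
  * @throws Exception\LdapException
  */
 public function bind($username = null, $password = null)
 {
     $moreCreds = true;
     if ($username === null) {
         // Fall back to the configured account; there is nothing further to
         // try if that username turns out not to be a DN.
         $username = $this->getUsername();
         $password = $this->getPassword();
         $moreCreds = false;
     }
     // Note: empty() also treats the string '0' as empty.
     if (empty($username)) {
         /* Perform anonymous bind
          */
         $username = null;
         $password = null;
     } else {
         /* Check to make sure the username is in DN form.
          */
         if (!Dn::checkDn($username)) {
             if ($this->getBindRequiresDn()) {
                 /* moreCreds stops an infinite loop if getUsername does not
                  * return a DN and the bind requires it
                  */
                 if ($moreCreds) {
                     try {
                         $username = $this->getAccountDn($username);
                     } catch (Exception\LdapException $zle) {
                         // These codes are passed through unchanged; any
                         // other failure is wrapped as an operations error.
                         switch ($zle->getCode()) {
                             case Exception\LdapException::LDAP_NO_SUCH_OBJECT:
                             case Exception\LdapException::LDAP_X_DOMAIN_MISMATCH:
                             case Exception\LdapException::LDAP_X_EXTENSION_NOT_LOADED:
                                 throw $zle;
                         }
                         throw new Exception\LdapException(null, 'Failed to retrieve DN for account: ' . $username . ' [' . $zle->getMessage() . ']', Exception\LdapException::LDAP_OPERATIONS_ERROR);
                     }
                 } else {
                     throw new Exception\LdapException(null, 'Binding requires username in DN form');
                 }
             } else {
                 $username = $this->getCanonicalAccountName($username, $this->getAccountCanonicalForm());
             }
         }
     }
     if (!is_resource($this->resource)) {
         $this->connect();
     }
     // A null password reaches ldap_bind() as "no password", exactly like '',
     // so both are subject to the allowEmptyPassword option.
     $passwordIsEmpty = ($password === null || $password === '');
     if ($username !== null && $passwordIsEmpty && $this->getAllowEmptyPassword() !== true) {
         $zle = new Exception\LdapException(null, 'Empty password not allowed - see allowEmptyPassword option.');
     } else {
         // Collect the E_WARNING ldap_bind() emits on failure instead of
         // letting it surface; the failure is reported as an exception below.
         ErrorHandler::start(E_WARNING);
         $bind = ldap_bind($this->resource, $username, $password);
         ErrorHandler::stop();
         if ($bind) {
             $this->boundUser = $username;
             return $this;
         }
         $message = $username === null ? $this->connectString : $username;
         switch ($this->getLastErrorCode()) {
             case Exception\LdapException::LDAP_SERVER_DOWN:
                 /* If the error is related to establishing a connection rather than binding,
                  * the connect string is more informative than the username.
                  */
                 $message = $this->connectString;
         }
         $zle = new Exception\LdapException($this, $message);
     }
     // Never leave a connection open after a rejected or failed bind.
     $this->disconnect();
     throw $zle;
 }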
Example #2
 /**
  * Dn::checkDn() is expected to accept a multi-valued RDN whose parts use
  * different attribute types, and to reject one that repeats an attribute
  * type, whatever the letter case.
  */
 public function testCoreExplodeDnWithMultiValuedRdn()
 {
     // Multi-valued first RDN with distinct attribute types: must be valid,
     // and the RDN's keys and values are reported as nested arrays.
     $keys = array();
     $values = array();
     $validDn = 'cn=name1+uid=user,cn=name2,dc=example,dc=org';
     $this->assertTrue(Ldap\Dn::checkDn($validDn, $keys, $values));

     $expectedKeys = array(array('cn', 'uid'), 'cn', 'dc', 'dc');
     $expectedValues = array(array('name1', 'user'), 'name2', 'example', 'org');
     $this->assertEquals($expectedKeys, $keys);
     $this->assertEquals($expectedValues, $values);

     // The same attribute type twice inside one RDN must be rejected.
     $duplicateAttributeDn = 'cn=name11+cn=name12,cn=name2,dc=example,dc=org';
     $this->assertFalse(Ldap\Dn::checkDn($duplicateAttributeDn));

     // The duplicate is still rejected when the attribute names differ in case.
     $mixedCaseDuplicateDn = 'CN=name11+Cn=name12,cn=name2,dc=example,dc=org';
     $this->assertFalse(Ldap\Dn::checkDn($mixedCaseDuplicateDn));
 }