Esempio n. 1
 /**
  * Gets the username from LDAP given the email address
  *
  * @todo Implement caching by retrieving all needed information in one query.
  * @todo Log LDAP queries the same way DB queries are logged.
  *
  * @param string $p_email_address The email address.
  * @return string|null The username, or null if not found.
  *
  * Based on ldap_get_field_from_username from MantisBT 1.2.14
  */
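 private function ldap_get_username_from_email($p_email_address)
 {
     # Nothing to look up unless LDAP is the configured login method.
     if ($this->_login_method != LDAP) {
         return null;
     }

     $t_email_field = 'mail';
     $t_ldap_organization = config_get('ldap_organization');
     $t_ldap_root_dn = config_get('ldap_root_dn');
     $t_ldap_uid_field = config_get('ldap_uid_field');
     # ldap_get_entries() lower-cases attribute names in the array it returns.
     $t_uid_key = strtolower($t_ldap_uid_field);

     # The address is caller-supplied, so only the escaped copy goes into the search filter.
     $c_email_address = ldap_escape_string($p_email_address);
     # NOTE(review): the raw address is written to the log; confirm log_event() neutralises line breaks.
     log_event(LOG_LDAP, "Retrieving field '{$t_ldap_uid_field}' for '{$p_email_address}'");

     # Bind
     log_event(LOG_LDAP, "Binding to LDAP server");
     $t_ds = @ldap_connect_bind();
     if ($t_ds === false) {
         # NOTE(review): $t_ds is false here, so ldap_log_error() has no connection to query - confirm it copes.
         ldap_log_error($t_ds);
         return null;
     }

     # Search
     # $t_ldap_organization is inserted unescaped: it comes from configuration and is
     # presumably a complete, parenthesised filter component (or empty) - verify the config.
     $t_search_filter = "(&{$t_ldap_organization}({$t_email_field}={$c_email_address}))";
     $t_search_attrs = array($t_ldap_uid_field, $t_email_field, 'dn');
     log_event(LOG_LDAP, "Searching for {$t_search_filter}");
     $t_sr = @ldap_search($t_ds, $t_ldap_root_dn, $t_search_filter, $t_search_attrs);
     if ($t_sr === false) {
         ldap_log_error($t_ds);
         ldap_unbind($t_ds);
         log_event(LOG_LDAP, "ldap search failed");
         return null;
     }

     # Get results
     $t_info = ldap_get_entries($t_ds, $t_sr);
     if ($t_info === false) {
         ldap_log_error($t_ds);
         log_event(LOG_LDAP, "ldap_get_entries() returned false.");
         # Release the result set and the connection on this failure path as well,
         # so a failed read does not leave the bind open.
         ldap_free_result($t_sr);
         ldap_unbind($t_ds);
         return null;
     }

     # Free results / unbind
     log_event(LOG_LDAP, "Unbinding from LDAP server");
     ldap_free_result($t_sr);
     ldap_unbind($t_ds);

     # If no matches, return null.
     if ($t_info['count'] == 0) {
         log_event(LOG_LDAP, "No matches found.");
         return null;
     }

     # NOTE(review): when several entries share the same mail value only the first one is used,
     # so the address-to-account mapping is ambiguous; consider rejecting a count other than 1.

     # Make sure the requested field exists
     if (!is_array($t_info[0]) || !array_key_exists($t_uid_key, $t_info[0])) {
         log_event(LOG_LDAP, "WARNING: field '{$t_ldap_uid_field}' does not exist");
         return null;
     }

     # Attribute values are lists; the first value is taken as the username.
     $t_value = $t_info[0][$t_uid_key][0];
     log_event(LOG_LDAP, "Found value '{$t_value}' for field '{$t_ldap_uid_field}'.");
     return $t_value;
 }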
Esempio n. 2
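/**
 * Authenticates the specified username / password against the LDAP simulation data.
 *
 * The username is passed through ldap_escape_string() before the simulated lookup.
 * Passwords are compared as strings with hash_equals(): a loose `!=` treats
 * numeric-looking strings such as "0e1" and "0e2" as equal, and a plain string
 * comparison is not constant-time. Neither the expected nor the supplied
 * password is written to the log.
 *
 * @param string $p_username The username.
 * @param string $p_password The password.
 * @return bool true for authenticated, false otherwise.
 */
function ldap_simulation_authenticate_by_username($p_username, $p_password)
{
    $c_username = ldap_escape_string($p_username);
    $t_user = ldap_simulation_get_user($c_username);
    if ($t_user === null) {
        log_event(LOG_LDAP, "ldap_simulation_authenticate: user '{$p_username}' not found.");
        return false;
    }

    # Cast both sides so hash_equals() always receives strings, whatever the simulation data holds.
    $t_expected = (string) $t_user['password'];
    $t_supplied = (string) $p_password;
    if (!hash_equals($t_expected, $t_supplied)) {
        # Credentials are deliberately left out of the log line.
        log_event(LOG_LDAP, "ldap_simulation_authenticate: password mismatch for user '{$p_username}'.");
        return false;
    }

    log_event(LOG_LDAP, "ldap_simulation_authenticate: authentication successful for user '{$p_username}'.");
    return true;
}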
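/**
 * Returns the query-string parameter $name after ldap_escape_string(), or a fallback.
 *
 * The fallback is returned when the parameter is absent or when it arrives as an
 * array (PHP parses "?name[]=x" into an array), because an array cannot be turned
 * into a single escaped filter value.
 *
 * @param string $name          Key to read from $_GET.
 * @param mixed  $default_value Returned as given, without escaping; the caller must
 *                              make sure it is safe to place in an LDAP filter.
 * @return mixed The escaped parameter value, or $default_value.
 */
function GET_ldapFilterSafe_or($name, $default_value)
{
    if (!isset($_GET[$name]) || is_array($_GET[$name])) {
        return $default_value;
    }

    return ldap_escape_string($_GET[$name]);
}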
Esempio n. 4
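/**
 * Authenticates the specified username / password against the LDAP simulation data.
 *
 * The username is passed through ldap_escape_string() before the simulated lookup.
 * Passwords are compared as strings with hash_equals(): a loose `!=` treats
 * numeric-looking strings such as "0e1" and "0e2" as equal, and a plain string
 * comparison is not constant-time. Neither the expected nor the supplied
 * password is written to the log.
 *
 * @param string $p_username The username.
 * @param string $p_password The password.
 * @return boolean true for authenticated, false otherwise.
 */
function ldap_simulation_authenticate_by_username($p_username, $p_password)
{
    $c_username = ldap_escape_string($p_username);
    $t_user = ldap_simulation_get_user($c_username);
    if ($t_user === null) {
        log_event(LOG_LDAP, 'ldap_simulation_authenticate: user \'' . $p_username . '\' not found.');
        return false;
    }

    # Cast both sides so hash_equals() always receives strings, whatever the simulation data holds.
    $t_expected = (string) $t_user['password'];
    $t_supplied = (string) $p_password;
    if (!hash_equals($t_expected, $t_supplied)) {
        # Credentials are deliberately left out of the log line.
        log_event(LOG_LDAP, 'ldap_simulation_authenticate: password mismatch for user \'' . $p_username . '\'.');
        return false;
    }

    log_event(LOG_LDAP, 'ldap_simulation_authenticate: authentication successful for user \'' . $p_username . '\'.');
    return true;
}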
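/**
 * CRITICAL - Mantis and TestLink have different return structure from ldap_connect_bind()
 *
 * Gets the value of a specific field from LDAP given the user name
 * and LDAP field name.
 *
 * The user name is escaped with ldap_escape_string() before it is placed in the
 * search filter. The field name is only used as a requested attribute and as a
 * key into the result; it is looked up in lower case because ldap_get_entries()
 * lower-cases attribute names.
 *
 * @param string $p_username The user name.
 * @param string $p_field The LDAP field name.
 * @return string|null The field value or null if not found.
 */
function ldap_get_field_from_username($p_username, $p_field)
{
    $authCfg = config_get('authentication');
    $t_ldap_organization = $authCfg['ldap_organization'];
    $t_ldap_root_dn = $authCfg['ldap_root_dn'];
    // 'uid' by default
    $t_ldap_uid_field = $authCfg['ldap_uid_field'];

    // Only the escaped copy of the caller-supplied name goes into the filter.
    $c_username = ldap_escape_string($p_username);

    $t_connect = @ldap_connect_bind();
    if ($t_connect === false) {
        return null;
    }
    // DIFFERENCE WITH MANTIS: the connection resource is carried in ->handler.
    $t_ds = $t_connect->handler;

    # Search
    // $t_ldap_organization is inserted unescaped: it comes from configuration and is
    // presumably a complete, parenthesised filter component (or empty) - verify the config.
    $t_search_filter = "(&{$t_ldap_organization}({$t_ldap_uid_field}={$c_username}))";
    $t_search_attrs = array($t_ldap_uid_field, $p_field, 'dn');
    $t_sr = @ldap_search($t_ds, $t_ldap_root_dn, $t_search_filter, $t_search_attrs);
    if ($t_sr === false) {
        ldap_unbind($t_ds);
        return null;
    }

    # Get results
    $t_info = ldap_get_entries($t_ds, $t_sr);
    if ($t_info === false) {
        ldap_log_error($t_ds);
        // Release the result set and the connection on this failure path as well,
        // so a failed read does not leave the bind open.
        ldap_free_result($t_sr);
        ldap_unbind($t_ds);
        return null;
    }

    # Free results / unbind
    ldap_free_result($t_sr);
    ldap_unbind($t_ds);

    # If no matches, return null.
    if ($t_info['count'] == 0) {
        return null;
    }

    # Make sure the requested field exists
    // Result keys are lower-cased by ldap_get_entries(), so a mixed-case field name
    // has to be normalised before the lookup.
    $t_field_key = strtolower($p_field);
    if (!is_array($t_info[0]) || !array_key_exists($t_field_key, $t_info[0])) {
        return null;
    }

    // Attribute values are lists; the first value is returned.
    return $t_info[0][$t_field_key][0];
}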