/** * Create and return a user backend with the given name and given configuration applied to it * * @param string $name * @param ConfigObject $backendConfig * * @return UserBackendInterface * * @throws ConfigurationError */ public static function create($name, ConfigObject $backendConfig = null) { if ($backendConfig === null) { self::assertBackendsExist(); if (self::$backends->hasSection($name)) { $backendConfig = self::$backends->getSection($name); } else { throw new ConfigurationError('User backend "%s" does not exist', $name); } } if ($backendConfig->name !== null) { $name = $backendConfig->name; } if (!($backendType = strtolower($backendConfig->backend))) { throw new ConfigurationError('Authentication configuration for user backend "%s" is missing the \'backend\' directive', $name); } if ($backendType === 'external') { $backend = new ExternalBackend($backendConfig); $backend->setName($name); return $backend; } if (in_array($backendType, static::$defaultBackends)) { // The default backend check is the first one because of performance reasons: // Do not attempt to load a custom user backend unless it's actually required } elseif (($customClass = static::getCustomUserBackend($backendType)) !== null) { $backend = new $customClass($backendConfig); if (!is_a($backend, 'Icinga\\Authentication\\User\\UserBackendInterface')) { throw new ConfigurationError('Cannot utilize user backend of type "%s". Class "%s" does not implement UserBackendInterface', $backendType, $customClass); } $backend->setName($name); return $backend; } else { throw new ConfigurationError('Authentication configuration for user backend "%s" defines an invalid backend type.' . ' Backend type "%s" is not supported', $name, $backendType); } if ($backendConfig->resource === null) { throw new ConfigurationError('Authentication configuration for user backend "%s" is missing the \'resource\' directive', $name); } $resource = ResourceFactory::create($backendConfig->resource); switch ($backendType) { case 'db': $backend = new DbUserBackend($resource); break; case 'msldap': $backend = new LdapUserBackend($resource); $backend->setBaseDn($backendConfig->base_dn); $backend->setUserClass($backendConfig->get('user_class', 'user')); $backend->setUserNameAttribute($backendConfig->get('user_name_attribute', 'sAMAccountName')); $backend->setFilter($backendConfig->filter); break; case 'ldap': $backend = new LdapUserBackend($resource); $backend->setBaseDn($backendConfig->base_dn); $backend->setUserClass($backendConfig->get('user_class', 'inetOrgPerson')); $backend->setUserNameAttribute($backendConfig->get('user_name_attribute', 'uid')); $backend->setFilter($backendConfig->filter); break; } $backend->setName($name); return $backend; }