/**
 * Checks that a valid username/password pair authenticates to a User object.
 *
 * The credentials come from this test case's $username and $password
 * properties and are staged in the $_POST superglobal before the
 * authenticator is created.
 */
public function test_with_working_credentials()
{
    // LDAPAuthentication is built without arguments; presumably it reads the
    // submitted credentials from $_POST -- confirm against the class.
    $_POST['username'] = $this->username;
    $_POST['password'] = $this->password;

    $authenticator = new LDAPAuthentication();
    $result = $authenticator->authenticate();

    // Success is defined as getting a User instance back.
    $this->assertTrue($result instanceof User);
}
/**
 * Returns the field map for this directory type.
 *
 * The parent's default map is taken as the base and the entries below are
 * merged on top; for a key present in both, the value given here wins
 * (array_merge behaviour for string keys).
 *
 * @return array Map of field name => attribute name (attribute names such as
 *               samaccountname/objectGUID suggest Active Directory).
 */
protected function defaultFieldMap()
{
    $inherited = parent::defaultFieldMap();

    $overrides = array(
        'uid'       => 'samaccountname',
        'email'     => 'mail',
        'firstname' => 'givenname',
        'lastname'  => 'sn',
        'groupname' => 'cn',
        'members'   => 'member',
        'memberuid' => 'dn',
        // NOTE(review): objectGUID is a binary attribute in Active Directory;
        // confirm that consumers of 'gid' encode it before comparing or
        // displaying it.
        'gid'       => 'objectGUID',
    );

    return array_merge($inherited, $overrides);
}
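/**
 * Validates the multi-domain LDAP settings before they are saved.
 *
 * Each line of $config['basedn'] is paired by position with one entry of
 * $config['shortdomain'] (split on ';' or ',') and one entry of
 * $config['servers'] (split on whitespace). The resulting list is handed to
 * LDAPMultiAuthentication::connectcheck() and every failed entry is reported
 * on the 'servers' form field.
 *
 * Field-level problems are recorded with addError() on the form only; the
 * return value reflects $errors alone.
 *
 * @param array $config Submitted settings; 'basedn', 'shortdomain' and
 *                      'servers' are read here.
 * @param array $errors Receives $errors['err'] when the LDAP extension is
 *                      missing or a connection check fails.
 *
 * @return bool|null True when $errors is empty, false otherwise; null (bare
 *                   return) when the php-ldap extension is not loaded.
 */
function pre_save(&$config, &$errors)
{
    require_once 'class.AuthLdap.php';
    list($__, $_N) = self::translate();

    global $ost;
    if ($ost && !extension_loaded('ldap')) {
        $ost->setWarning($__('LDAP extension is not available'));
        $errors['err'] = $__('LDAP extension is not available. Please install or enable the `php-ldap` extension on your web server');
        return;
    }

    if (!$config['basedn']) {
        // The result of the check was only ever used as a condition, so it is
        // no longer stored in a local.
        if (!LDAPAuthentication::connectcheck($config['servers'])) {
            $this->getForm()->getField('basedn')->addError(
                $__("No basedn specified. Example of DN attributes 'dc=foo,dc=com'."));
        }
    }

    if (!$config['shortdomain']) {
        $this->getForm()->getField('shortdomain')->addError(
            $__("No Domain Netbios names specified."));
    } elseif (!$config['servers']) {
        $this->getForm()->getField('servers')->addError(
            $__("No servers specified. Either specify a FQDN\n or ip address of servers"));
    }
    // The per-server array that used to be built here was overwritten before
    // any use, so it has been dropped.

    // Split once instead of on every loop iteration.
    $serverList = preg_split('/\\s+/', $config['servers']);
    $shortDomains = preg_split('/;|,/', $config['shortdomain']);

    $ldapdata = array();
    foreach (preg_split('/\\n/', $config['basedn']) as $i => $dn) {
        // The three settings are matched by position. When there are more
        // base DNs than short domains or servers, the missing entry is passed
        // as null instead of triggering an undefined-offset notice.
        // NOTE(review): confirm connectcheck() reports a null 'servers' entry
        // as a failure rather than falling back to a default host.
        $ldapdata[] = array(
            'dn'      => trim($dn),
            'sd'      => isset($shortDomains[$i]) ? $shortDomains[$i] : null,
            'servers' => isset($serverList[$i]) ? $serverList[$i] : null,
        );
    }

    $connection_error = LDAPMultiAuthentication::connectcheck($ldapdata);
    foreach ($connection_error as $i => $connerror) {
        if (!$connerror['bool']) {
            $this->getForm()->getField('servers')->addError($connerror['msg']);
            $errors['err'] = $__('Unable to connect any listed LDAP servers');
        }
    }

    global $msg;
    if (!$errors) {
        $msg = $__('LDAP configuration updated successfully');
    }
    return !$errors;
}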
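/**
 * Validates the LDAP settings by attempting a bind, then prepares the bind
 * password for storage.
 *
 * The server list comes either from LDAPAuthentication::autodiscover() (when
 * a domain is given without servers) or from the whitespace-separated
 * 'servers' setting. Servers are tried in order and the first successful
 * bind ends the loop. When there are no errors and a new bind password was
 * submitted, it is encrypted with Crypto::encrypt(); otherwise the stored
 * value is kept.
 *
 * Field-level problems are recorded with addError() on the form only; the
 * return value reflects $errors alone.
 *
 * @param array $config Submitted settings; reads 'domain', 'dns', 'servers',
 *                      'tls', 'bind_dn' and 'bind_pw', and rewrites 'bind_pw'.
 * @param array $errors Receives $errors['err'] when no server accepts the bind.
 *
 * @return bool|null True when $errors is empty, false otherwise; null (bare
 *                   return) when the php-ldap extension is not loaded.
 */
function pre_save(&$config, &$errors)
{
    require_once 'include/Net/LDAP2.php';

    global $ost;
    if ($ost && !extension_loaded('ldap')) {
        $ost->setWarning('LDAP extension is not available');
        return;
    }

    // Always an array, so the bind loop below never iterates over false or
    // an undefined variable when discovery fails or nothing was configured.
    $servers = array();
    if ($config['domain'] && !$config['servers']) {
        $discovered = LDAPAuthentication::autodiscover($config['domain'],
            preg_split('/,?\\s+/', $config['dns']));
        if ($discovered) {
            $servers = $discovered;
        } else {
            $this->getForm()->getField('servers')->addError(
                "Unable to find LDAP servers for this domain. Try giving\n an address of one of the DNS servers or manually specify\n the LDAP servers for this domain below.");
        }
    } elseif (!$config['servers']) {
        $this->getForm()->getField('servers')->addError(
            "No servers specified. Either specify a Active Directory\n domain or a list of servers");
    } else {
        foreach (preg_split('/\\s+/', $config['servers']) as $host) {
            $servers[] = array('host' => $host);
        }
    }

    $connection_error = false;
    foreach ($servers as $info) {
        // Assume MSAD (no referral chasing) and set reasonable timeouts so we
        // don't exceed max_execution_time. All options are assigned together:
        // previously the timeout assignment replaced the whole 'options'
        // array and silently discarded LDAP_OPT_REFERRALS.
        $info['options'] = array(
            'LDAP_OPT_REFERRALS'       => 0,
            'LDAP_OPT_TIMELIMIT'       => 5,
            'LDAP_OPT_NETWORK_TIMEOUT' => 5,
        );

        if ($config['tls']) {
            $info['starttls'] = true;
            // NOTE(security): LDAPTLS_REQCERT=never tells the LDAP client
            // library not to verify the server certificate, so the StartTLS
            // session encrypts traffic but does not authenticate the server,
            // and the bind DN/password below can reach an impersonating host.
            // putenv() is process-wide, so later LDAP connections in this
            // request inherit the setting. Left unchanged because existing
            // deployments may rely on self-signed certificates; prefer
            // trusting the directory's CA and dropping this override.
            putenv('LDAPTLS_REQCERT=never');
        }

        if ($config['bind_dn']) {
            $info['binddn'] = $config['bind_dn'];
            // Use the newly submitted password if there is one, otherwise the
            // stored (encrypted) one.
            $info['bindpw'] = $config['bind_pw']
                ? $config['bind_pw']
                : Crypto::decrypt($this->get('bind_pw'), SECRET_SALT,
                    $this->getNamespace());
        }

        $c = new Net_LDAP2($info);
        $r = $c->bind();
        if (PEAR::isError($r)) {
            $connection_error = $r->getMessage() . ': Unable to bind to ' . $info['host'];
        } else {
            // One reachable server is enough.
            $connection_error = false;
            break;
        }
    }

    if ($connection_error) {
        $this->getForm()->getField('servers')->addError($connection_error);
        $errors['err'] = 'Unable to connect any listed LDAP servers';
    }

    if (!$errors && $config['bind_pw']) {
        // Never persist the bind password in clear text.
        $config['bind_pw'] = Crypto::encrypt($config['bind_pw'], SECRET_SALT,
            $this->getNamespace());
    } else {
        // Keep whatever is already stored.
        $config['bind_pw'] = $this->get('bind_pw');
    }

    global $msg;
    if (!$errors) {
        $msg = 'LDAP configuration updated successfully';
    }
    return !$errors;
}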
/**
 * Confirm that authentication is rejected when the password is wrong.
 *
 * The configured password is made invalid by appending 'badpass'; the test
 * passes when authenticate() returns a PEAR error.
 *
 * @return void
 * @access public
 */
public function testWithWrongCredentials()
{
    try {
        $_POST['username'] = $this->_username;
        $_POST['password'] = $this->_password . 'badpass';

        $authenticator = new LDAPAuthentication();
        $outcome = $authenticator->authenticate();

        $this->assertTrue(PEAR::isError($outcome));
    } catch (IOException $unexpected) {
        // An I/O failure is a broken test environment, not a rejected login.
        $this->fail('Unexpected Exception with: ' . $unexpected->getMessage());
    }
}