Commit 0f881bc4 authored by Ad Schellevis's avatar Ad Schellevis

(ldap) re-enable ldap_scope and legacy auth containers.

parent 36473899
...@@ -80,6 +80,17 @@ class LDAP implements IAuthConnector ...@@ -80,6 +80,17 @@ class LDAP implements IAuthConnector
*/ */
private $ldapExtendedQuery = null; private $ldapExtendedQuery = null;
/**
* @var auth containers
*/
private $ldapAuthcontainers = null;
/**
* @var ldap scope
*/
private $ldapScope = "tree";
/** /**
* @var array list of already known usernames vs distinguished names * @var array list of already known usernames vs distinguished names
*/ */
...@@ -109,16 +120,20 @@ class LDAP implements IAuthConnector ...@@ -109,16 +120,20 @@ class LDAP implements IAuthConnector
/** /**
* search ldap tree * search ldap tree
* @param string $filter ldap filter string to use * @param string $filter ldap filter string to use
* @param string $ldap_scope scope either one or tree
* @return array|bool result list or false on errors * @return array|bool result list or false on errors
*/ */
private function search($filter, $ldap_scope = "tree") private function search($filter)
{ {
$result = false; $result = false;
if ($this->ldapHandle != null) { if ($this->ldapHandle != null) {
// if we're looking at multple dn's, split and combine output // if we're looking at multple dn's, split and combine output
foreach (explode(";", $this->baseSearchDN) as $baseDN) { if (!empty($this->ldapAuthcontainers)) {
if ($ldap_scope == "one") { $searchpaths = $this->ldapAuthcontainers;
} else {
$searchpaths = $this->baseSearchDN;
}
foreach (explode(";", $searchpaths) as $baseDN) {
if ($this->ldapScope == "one") {
$sr=@ldap_list($this->ldapHandle, $baseDN, $filter, $this->ldapSearchAttr); $sr=@ldap_list($this->ldapHandle, $baseDN, $filter, $this->ldapSearchAttr);
} else { } else {
$sr=@ldap_search($this->ldapHandle, $baseDN, $filter, $this->ldapSearchAttr); $sr=@ldap_search($this->ldapHandle, $baseDN, $filter, $this->ldapSearchAttr);
...@@ -185,6 +200,8 @@ class LDAP implements IAuthConnector ...@@ -185,6 +200,8 @@ class LDAP implements IAuthConnector
"ldap_bindpw" => "ldapBindPassword", "ldap_bindpw" => "ldapBindPassword",
"ldap_attr_user" => "ldapAttributeUser", "ldap_attr_user" => "ldapAttributeUser",
"ldap_extended_query" => "ldapExtendedQuery", "ldap_extended_query" => "ldapExtendedQuery",
"ldap_authcn" => "ldapAuthcontainers",
"ldap_scope" => "ldapScope",
"local_users" => "userDNmap" "local_users" => "userDNmap"
); );
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment