- bugfix: allow anonymous bind for search, then bind with users credentials.
- added explaination how to setup anonymous bind for search to template - make usage of TLS configurable
This commit is contained in:
parent
1c7ba0dd9e
commit
0155effdb7
|
@ -20,12 +20,16 @@
|
||||||
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
|
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
$params = array('ldap_host', 'ldap_port', 'ldap_dn', 'ldap_password', 'ldap_base', 'ldap_filter');
|
$params = array('ldap_host', 'ldap_port', 'ldap_dn', 'ldap_password', 'ldap_base', 'ldap_filter', 'ldap_tls');
|
||||||
|
|
||||||
foreach($params as $param){
|
foreach($params as $param){
|
||||||
if(isset($_POST[$param])){
|
if(isset($_POST[$param])){
|
||||||
OC_Appconfig::setValue('user_ldap', $param, $_POST[$param]);
|
OC_Appconfig::setValue('user_ldap', $param, $_POST[$param]);
|
||||||
}
|
}
|
||||||
|
elseif('ldap_tls' == $param) {
|
||||||
|
// unchecked checkboxes are not included in the post paramters
|
||||||
|
OC_Appconfig::setValue('user_ldap', $param, 0);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// fill template
|
// fill template
|
||||||
|
|
|
@ -4,9 +4,11 @@
|
||||||
<p><label for="ldap_host">Host<input type="text" id="ldap_host" name="ldap_host" value="<?php echo $_['ldap_host']; ?>"></label>
|
<p><label for="ldap_host">Host<input type="text" id="ldap_host" name="ldap_host" value="<?php echo $_['ldap_host']; ?>"></label>
|
||||||
<label for="ldap_port">Port</label><input type="text" id="ldap_port" name="ldap_port" value="<?php echo $_['ldap_port']; ?>" /></p>
|
<label for="ldap_port">Port</label><input type="text" id="ldap_port" name="ldap_port" value="<?php echo $_['ldap_port']; ?>" /></p>
|
||||||
<p><label for="ldap_dn">Name</label><input type="text" id="ldap_dn" name="ldap_dn" value="<?php echo $_['ldap_dn']; ?>" />
|
<p><label for="ldap_dn">Name</label><input type="text" id="ldap_dn" name="ldap_dn" value="<?php echo $_['ldap_dn']; ?>" />
|
||||||
<label for="ldap_password">Password</label><input type="password" id="ldap_password" name="ldap_password" value="<?php echo $_['ldap_password']; ?>" /></p>
|
<label for="ldap_password">Password</label><input type="password" id="ldap_password" name="ldap_password" value="<?php echo $_['ldap_password']; ?>" />
|
||||||
|
Leave both empty for anonymous bind for search, then bind with users credentials.</p>
|
||||||
<p><label for="ldap_base">Base</label><input type="text" id="ldap_base" name="ldap_base" value="<?php echo $_['ldap_base']; ?>" />
|
<p><label for="ldap_base">Base</label><input type="text" id="ldap_base" name="ldap_base" value="<?php echo $_['ldap_base']; ?>" />
|
||||||
<label for="ldap_filter">Filter (use %uid placeholder)</label><input type="text" id="ldap_filter" name="ldap_filter" value="<?php echo $_['ldap_filter']; ?>" /></p>
|
<label for="ldap_filter">Filter (use %uid placeholder)</label><input type="text" id="ldap_filter" name="ldap_filter" value="<?php echo $_['ldap_filter']; ?>" /></p>
|
||||||
|
<p><input type="checkbox" id="ldap_tls" name="ldap_tls" value="1"<?php if ($_['ldap_tls']) echo ' checked'; ?>><label for="ldap_tls"><?php echo $l->t('Use TLS');?></label></p>
|
||||||
<input type="submit" value="Save" />
|
<input type="submit" value="Save" />
|
||||||
</fieldset>
|
</fieldset>
|
||||||
</form>
|
</form>
|
||||||
|
|
|
@ -33,6 +33,7 @@ class OC_USER_LDAP extends OC_User_Backend {
|
||||||
protected $ldap_password;
|
protected $ldap_password;
|
||||||
protected $ldap_base;
|
protected $ldap_base;
|
||||||
protected $ldap_filter;
|
protected $ldap_filter;
|
||||||
|
protected $ldap_tls;
|
||||||
|
|
||||||
function __construct() {
|
function __construct() {
|
||||||
$this->ldap_host = OC_Appconfig::getValue('user_ldap', 'ldap_host','');
|
$this->ldap_host = OC_Appconfig::getValue('user_ldap', 'ldap_host','');
|
||||||
|
@ -41,11 +42,11 @@ class OC_USER_LDAP extends OC_User_Backend {
|
||||||
$this->ldap_password = OC_Appconfig::getValue('user_ldap', 'ldap_password','');
|
$this->ldap_password = OC_Appconfig::getValue('user_ldap', 'ldap_password','');
|
||||||
$this->ldap_base = OC_Appconfig::getValue('user_ldap', 'ldap_base','');
|
$this->ldap_base = OC_Appconfig::getValue('user_ldap', 'ldap_base','');
|
||||||
$this->ldap_filter = OC_Appconfig::getValue('user_ldap', 'ldap_filter','');
|
$this->ldap_filter = OC_Appconfig::getValue('user_ldap', 'ldap_filter','');
|
||||||
|
$this->ldap_tls = OC_Appconfig::getValue('user_tls', 'ldap_tls', 0);
|
||||||
|
|
||||||
if( !empty($this->ldap_host)
|
if( !empty($this->ldap_host)
|
||||||
&& !empty($this->ldap_port)
|
&& !empty($this->ldap_port)
|
||||||
&& !empty($this->ldap_dn)
|
&& ((!empty($this->ldap_dn) && !empty($this->ldap_password)) || (empty($this->ldap_dn) && empty($this->ldap_password)))
|
||||||
&& !empty($this->ldap_password)
|
|
||||||
&& !empty($this->ldap_base)
|
&& !empty($this->ldap_base)
|
||||||
&& !empty($this->ldap_filter)
|
&& !empty($this->ldap_filter)
|
||||||
)
|
)
|
||||||
|
@ -63,9 +64,10 @@ class OC_USER_LDAP extends OC_User_Backend {
|
||||||
private function getDs() {
|
private function getDs() {
|
||||||
if(!$this->ds) {
|
if(!$this->ds) {
|
||||||
$this->ds = ldap_connect( $this->ldap_host, $this->ldap_port );
|
$this->ds = ldap_connect( $this->ldap_host, $this->ldap_port );
|
||||||
if(ldap_set_option($this->ds, LDAP_OPT_PROTOCOL_VERSION, 3))
|
if(ldap_set_option($this->ds, LDAP_OPT_PROTOCOL_VERSION, 3))
|
||||||
if(ldap_set_option($this->ds, LDAP_OPT_REFERRALS, 0))
|
if(ldap_set_option($this->ds, LDAP_OPT_REFERRALS, 0))
|
||||||
@ldap_start_tls($this->ds);
|
if($this->ldap_tls)
|
||||||
|
ldap_start_tls($this->ds);
|
||||||
}
|
}
|
||||||
|
|
||||||
// login
|
// login
|
||||||
|
@ -149,4 +151,4 @@ class OC_USER_LDAP extends OC_User_Backend {
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
Loading…
Reference in New Issue