openrat-cms


commit 04cf120fb5671819e4841b2075de2906bc0b5b1e
parent 337a8bc536d6a9a1f8a193b533c8d0370977d89f
Author: dankert <devnull@localhost>
Date:   Sun, 21 Jan 2007 23:19:07 +0100

Neue Serviceklasse für LDAP-Zugriffe.

Diffstat:
serviceClasses/Ldap.class.php | 148+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
serviceClasses/include.inc.php | 1+
2 files changed, 149 insertions(+), 0 deletions(-)

diff --git a/serviceClasses/Ldap.class.php b/serviceClasses/Ldap.class.php 
@@ -0,0 +1,147 @@
+<?php
+#
+# DaCMS Content Management System
+# Copyright (C) 2002 Jan Dankert, jandankert@jandankert.de
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+#
+
+/**
+ * Bereitstellen von LDAP-Funktionen.
+ * @author $Author$
+ * @version $Revision$
+ * @package openrat.services
+ */
+class Ldap
+{
+ var $connection;
+
+
+ /**
+ *
+ */
+ function Ldap()
+ {
+ }
+
+
+
+ /**
+ * Verbindung öffnen.
+ */
+ function connect()
+ {
+ global $conf;
+
+ $ldapHost = $conf['ldap']['host'];
+ $ldapPort = $conf['ldap']['port'];
+
+ // Verbindung zum LDAP-Server herstellen
+ $this->connection = @ldap_connect( $ldapHost,$ldapPort );
+
+ // Protokollversion setzen.
+ $j = ldap_set_option( $this->connection, LDAP_OPT_PROTOCOL_VERSION,intval($conf['ldap']['protocol']) );
+ if ( ! $j )
+ die( 'LDAP error while setting protocol version'.ldap_errno().'/'.ldap_error().')' );
+
+ // siehe http://bugs.php.net/bug.php?id=15637
+ // Unter bestimmten Bedingungen wird trotz nicht erreichbarem LDAP-Server eine PHP-Resource
+ // zurueck gegeben. Dann erscheint zwar keine Fehlermeldung, aber zumindestens misslingt
+ // der nachfolgende Bind-Befehl.
+ if ( !is_resource($this->connection) || $this->connection === false )
+ {
+ Logger::error( "connect to ldap server '$ldapHost:$ldapPort' failed" );
+ // Abbruch, wenn LDAP-Server nicht erreichbar
+ die( "Connection failed to $ldapHost:$ldapPort (".ldap_errno().'/'.ldap_error().'). Please contact your administrator.' );
+ }
+ }
+
+
+
+ /**
+ * Ein Binding auf den LDAP-Server durchführen.
+ */
+ function bind( $user,$pw )
+ {
+ return ldap_bind( $this->connection,$user,$pw);
+ }
+
+
+
+ /**
+ * Ein Binding auf den LDAP-Server durchführen.
+ */
+ function bindAnonymous()
+ {
+ return ldap_bind( $this->connection );
+ }
+
+
+
+ /**
+ * Das Bindung wird entfernt.
+ */
+ function unbind()
+ {
+ ldap_unbind( $this->connection );
+ }
+
+
+
+ /**
+ * Ein Binding auf den LDAP-Server durchführen.
+ */
+ function search( $username )
+ {
+ global $conf;
+
+ $techUser = $conf['ldap']['search']['user'];
+ $techPass = $conf['ldap']['search']['password'];
+
+ if ( $conf['ldap']['search']['anonymous'] )
+ $this->bindAnonymous();
+ else
+ $this->bind( $techUser, $techPass );
+
+ $dn = $conf['ldap']['search']['basedn'];
+ $filter = $conf['ldap']['search']['filter'];
+ $filter = str_replace('{user}', $username, $filter);
+ $timeout = intval($conf['ldap']['search']['timeout']);
+
+ if ( $conf['ldap']['search']['aliases'] )
+ $aliases = LDAP_DEREF_ALWAYS;
+ else
+ $aliases = LDAP_DEREF_NEVER;
+
+
+ $s = ldap_search( $this->connection,$dn,$filter,array(),0,1,$timeout,$aliases );
+ $dn = ldap_get_dn($this->connection, ldap_first_entry($this->connection,$s) );
+
+ return $dn;
+ }
+
+
+
+ /**
+ * Verbindung schließen.
+ */
+ function close()
+ {
+ // Verbindung zum LDAP-Server brav beenden
+ ldap_close( $this->connection );
+ }
+}
+
+?>+ \ No newline at end of file
diff --git a/serviceClasses/include.inc.php b/serviceClasses/include.inc.php
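Review bot: `search()` in serviceClasses/Ldap.class.php substitutes the caller-supplied `$username` into the configured filter with `str_replace('{user}', $username, $filter)` and no escaping, so filter metacharacters (`*`, `(`, `)`, `\`, NUL) in a login name alter the query, and with the size limit of 1 the returned DN may belong to an entry other than the one intended. The value should be escaped per RFC 4515 before substitution, with `ldap_escape($username, '', LDAP_ESCAPE_FILTER)` where PHP 5.6 or later is available and a small manual escaper otherwise. The same method discards the result of the service bind and feeds the return value of `ldap_search()` straight into `ldap_first_entry()`, so a failed bind or search is only noticed as errors from the calls that follow; the sketch below returns `false` explicitly instead. `bind()` passes `$pw` to `ldap_bind()` unchanged, and many directory servers accept a DN with an empty password as an unauthenticated bind, so if callers use `bind()` to verify logins (callers are not visible in this hunk) it should start with `if ( $pw === '' ) return false;`. In `connect()`, `ldap_errno()` and `ldap_error()` are called without the connection argument they require, and no StartTLS call is visible, so whether bind credentials travel encrypted appears to depend entirely on the configured host value.

```php
function search( $username )
{
	// … unchanged: global $conf, $techUser/$techPass lookup …

	if ( $conf['ldap']['search']['anonymous'] )
		$bound = $this->bindAnonymous();
	else
		$bound = $this->bind( $techUser, $techPass );

	if ( !$bound )
		return false; // service bind failed, do not search

	// Escape filter metacharacters (RFC 4515) before substitution.
	$safeUser = ldap_escape( $username, '', LDAP_ESCAPE_FILTER );
	$filter   = str_replace( '{user}', $safeUser, $conf['ldap']['search']['filter'] );

	// … unchanged: $dn (base DN), $timeout, $aliases, ldap_search() call …

	if ( $s === false )
		return false;

	$entry = ldap_first_entry( $this->connection, $s );
	if ( $entry === false )
		return false; // no matching entry

	return ldap_get_dn( $this->connection, $entry );
}
```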
@@ -15,6 +15,7 @@ require_once( OR_SERVICECLASSES_DIR."AdministrationTree.class.".PHP_EXT );
 require_once( OR_SERVICECLASSES_DIR."ProjectTree.class.".PHP_EXT );
 require_once( OR_SERVICECLASSES_DIR."Preferences.class.".PHP_EXT );
 require_once( OR_SERVICECLASSES_DIR."Mail.class.".PHP_EXT );
+require_once( OR_SERVICECLASSES_DIR."Ldap.class.".PHP_EXT );
 require_once( OR_SERVICECLASSES_DIR."Dynamic.class.".PHP_EXT );
 require_once( OR_SERVICECLASSES_DIR."Code.class.".PHP_EXT );