aboutsummaryrefslogtreecommitdiff
path: root/radicale_infcloud/web/auth/plugins/ldap.inc
diff options
context:
space:
mode:
Diffstat (limited to 'radicale_infcloud/web/auth/plugins/ldap.inc')
-rw-r--r--radicale_infcloud/web/auth/plugins/ldap.inc37
1 files changed, 37 insertions, 0 deletions
diff --git a/radicale_infcloud/web/auth/plugins/ldap.inc b/radicale_infcloud/web/auth/plugins/ldap.inc
new file mode 100644
index 0000000..f7012e5
--- /dev/null
+++ b/radicale_infcloud/web/auth/plugins/ldap.inc
@@ -0,0 +1,37 @@
+<?php
+ require_once(dirname(__FILE__).'/ldap_conf.inc');
+
+ function ldap_authenticate()
+ {
+ global $pluginconfig;
+ if($_SERVER['PHP_AUTH_USER']!="" && $_SERVER['PHP_AUTH_PW']!="")
+ {
+ $ds=ldap_connect($pluginconfig['host']);
+
+ // if binding is required for LDAP search
+ if(isset($pluginconfig['bind_dn']) && isset($pluginconfig['bind_passwd']))
+ {
+ @ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
+ if(!($r=@ldap_bind($ds, $pluginconfig['bind_dn'], $pluginconfig['bind_passwd'])))
+ return -2; // auth unsuccessful (bind error)
+ }
+
+ // perform the search
+ if(($r=ldap_search($ds, $pluginconfig['basedn'], '(&('.$pluginconfig['user_attr'].'='.$_SERVER['PHP_AUTH_USER'].')'.(isset($pluginconfig['filter']) && $pluginconfig['filter']!='' ? '('.$pluginconfig['filter'].')' : '' ).')'))!==false)
+ {
+ $result=@ldap_get_entries($ds, $r);
+ if($result[0])
+ {
+ @ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
+ if(@ldap_bind($ds, $result[0]['dn'], $_SERVER['PHP_AUTH_PW']))
+ {
+ @ldap_unbind($bi);
+ return 1; // auth successful
+ }
+ }
+ }
+ return -1; // auth unsuccessful
+ }
+ return 0; // empty username or password
+ }
+?> \ No newline at end of file
bgstack15