diff options
Diffstat (limited to 'radicale_web/web/infcloud/auth/plugins/ldap.inc')
| -rw-r--r-- | radicale_web/web/infcloud/auth/plugins/ldap.inc | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/radicale_web/web/infcloud/auth/plugins/ldap.inc b/radicale_web/web/infcloud/auth/plugins/ldap.inc new file mode 100644 index 0000000..f7012e5 --- /dev/null +++ b/radicale_web/web/infcloud/auth/plugins/ldap.inc @@ -0,0 +1,37 @@ +<?php + require_once(dirname(__FILE__).'/ldap_conf.inc'); + + function ldap_authenticate() + { + global $pluginconfig; + if($_SERVER['PHP_AUTH_USER']!="" && $_SERVER['PHP_AUTH_PW']!="") + { + $ds=ldap_connect($pluginconfig['host']); + + // if binding is required for LDAP search + if(isset($pluginconfig['bind_dn']) && isset($pluginconfig['bind_passwd'])) + { + @ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3); + if(!($r=@ldap_bind($ds, $pluginconfig['bind_dn'], $pluginconfig['bind_passwd']))) + return -2; // auth unsuccessful (bind error) + } + + // perform the search + if(($r=ldap_search($ds, $pluginconfig['basedn'], '(&('.$pluginconfig['user_attr'].'='.$_SERVER['PHP_AUTH_USER'].')'.(isset($pluginconfig['filter']) && $pluginconfig['filter']!='' ? '('.$pluginconfig['filter'].')' : '' ).')'))!==false) + { + $result=@ldap_get_entries($ds, $r); + if($result[0]) + { + @ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3); + if(@ldap_bind($ds, $result[0]['dn'], $_SERVER['PHP_AUTH_PW'])) + { + @ldap_unbind($bi); + return 1; // auth successful + } + } + } + return -1; // auth unsuccessful + } + return 0; // empty username or password + } +?>
\ No newline at end of file |