summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com>2012-03-30 11:13:54 (GMT)
committerJeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com>2012-03-30 11:13:54 (GMT)
commit03686454c92239b44848767eadce9097aeec8223 (patch)
tree2a43da6e7508be1fd5ea667be4305cd7e98edd61
parent171b2d1f1e104c9c1110a722c7bc62fe1c407c8f (diff)
downloadkolab-wap-03686454c92239b44848767eadce9097aeec8223.tar.gz
Use more items from configuration
Circumvent bootstrap catch-22 during login
-rw-r--r--lib/Auth/LDAP.php43
1 files changed, 26 insertions, 17 deletions
diff --git a/lib/Auth/LDAP.php b/lib/Auth/LDAP.php
index 7c5b658..f09e37f 100644
--- a/lib/Auth/LDAP.php
+++ b/lib/Auth/LDAP.php
@@ -68,7 +68,12 @@ class LDAP
if (!isset($domain) || empty($domain)) {
// If not, attempt to get the domain from the session.
if (isset($_SESSION['user'])) {
- $domain = $_SESSION['user']->get_domain();
+ try {
+ $domain = $_SESSION['user']->get_domain();
+ } catch (Exception $e) {
+ // TODO: Debug logging
+ error_log("Warning, user not authenticated yet");
+ }
}
}
@@ -183,11 +188,11 @@ class LDAP
'/usr/lib64/mozldap/ldapsearch',
'-x',
'-h',
- // TODO: Get from conf
- 'ldap.klab.cc',
+ $this->_ldap_server,
+ '-p',
+ $this->_ldap_port,
'-b',
- // TODO: Get from conf
- 'dc=klab,dc=cc',
+ $conf->get('base_dn'),
'-D',
'"' . $_SESSION['user']->user_bind_dn . '"',
'-w',
@@ -560,8 +565,12 @@ class LDAP
{
$conf = Conf::get_instance();
- $base_dn = $conf->get('ldap', 'user_base_dn');
- $filter = $conf->get('ldap', 'user_filter');
+ $base_dn = $conf->get('user_base_dn');
+
+ if (!$base_dn)
+ $base_dn = $conf->get('base_dn');
+
+ $filter = $conf->get('user_filter');
if (empty($attributes) || !is_array($attributes)) {
$attributes = array('*');
@@ -579,8 +588,7 @@ class LDAP
{
$conf = Conf::get_instance();
- // TODO: From config
- $base_dn = "dc=klab,dc=cc";
+ $base_dn = $conf->get('base_dn');
// TODO: From config
$filter = "(&(objectclass=ldapsubentry)(objectclass=nsroledefinition))";
@@ -598,14 +606,12 @@ class LDAP
private function groups_list($attributes = array(), $search = array())
{
- // TODO: From config
- $base_dn = "ou=Groups,dc=klab,dc=cc";
- // TODO: From config
- $filter = "(|"
- ."(objectClass=kolabgroupofnames)"
- ."(objectclass=kolabgroupofuniquenames)"
- ."(objectclass=kolabgroupofurls)"
- .")";
+ $base_dn = $conf->get('group_base_dn');
+
+ if (!$base_dn)
+ $base_dn = $conf->get('base_dn');
+
+ $filter = $conf->get('group_filter');
if (empty($attributes) || !is_array($attributes)) {
$attributes = array('*');
@@ -641,6 +647,7 @@ class LDAP
else {
$result[$dn][$attr] = array();
for ($z = 0; $z < $__result[$x][$attr]["count"]; $z++) {
+ // The first result in the array is the primary domain.
if ($z == 0 && $attr == $dn_attr) {
$result[$dn]['primary_domain'] = $__result[$x][$attr][$z];
}
@@ -1102,6 +1109,7 @@ class LDAP
private function _get_group_dn($root_dn, $search_filter)
{
+ // TODO: Why does this use privileged credentials?
if (($this->_bind($this->conf->get('bind_dn'), $this->conf->get('bind_pw'))) == false) {
$this->_bind($this->conf->get('manager_bind_dn'), $this->conf->get('manager_bind_pw'));
}
@@ -1124,6 +1132,7 @@ class LDAP
private function _get_user_dn($root_dn, $search_filter)
{
+ // TODO: Why does this use privileged credentials?
if (($this->_bind($this->conf->get('bind_dn'), $this->conf->get('bind_pw'))) == false) {
//message("WARNING: Invalid Service bind credentials supplied");
$this->_bind($this->conf->get('manager_bind_dn'), $this->conf->get('manager_bind_pw'));