1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-26 08:42:41 +01:00

Merge pull request #157 from avish/active-directory-ldap

Add active-directory domain-based ldap authentication support
This commit is contained in:
Evan Priestley 2012-07-13 08:44:41 -07:00
commit f5754ddadc
2 changed files with 16 additions and 4 deletions

View file

@ -624,6 +624,10 @@ return array(
// the array will be joined // the array will be joined
'ldap.real_name_attributes' => array(), 'ldap.real_name_attributes' => array(),
// A domain name to use when authenticating against Active Directory
// (e.g. 'example.com')
'ldap.activedirectory_domain' => '',
// The LDAP version // The LDAP version
'ldap.version' => 3, 'ldap.version' => 3,

View file

@ -111,10 +111,17 @@ final class PhabricatorLDAPProvider {
throw new Exception('Username and/or password can not be empty'); throw new Exception('Username and/or password can not be empty');
} }
$result = ldap_bind($this->getConnection(), $activeDirectoryDomain =
$this->getSearchAttribute() . '=' . $username . ',' . PhabricatorEnv::getEnvConfig('ldap.activedirectory_domain');
$this->getBaseDN(),
$password); if ($activeDirectoryDomain) {
$dn = $username . '@' . $activeDirectoryDomain;
} else {
$dn = $this->getSearchAttribute() . '=' . $username . ',' .
$this->getBaseDN();
}
$result = ldap_bind($this->getConnection(), $dn, $password);
if (!$result) { if (!$result) {
throw new Exception('Bad username/password.'); throw new Exception('Bad username/password.');
@ -176,6 +183,7 @@ final class PhabricatorLDAPProvider {
for($i = 0; $i < $entries['count']; $i++) { for($i = 0; $i < $entries['count']; $i++) {
$row = array(); $row = array();
$entry = $entries[$i]; $entry = $entries[$i];
// Get username, email and realname // Get username, email and realname
$username = $entry[$this->getSearchAttribute()][0]; $username = $entry[$this->getSearchAttribute()][0];
if(empty($username)) { if(empty($username)) {