Date index for Mar 2003

> I've improved and tried the ldap-auth-class in Achievo. Just minor 
> changes, foremost debugging if something fails along the way. It works 
> with achievo-0.9.0 (dunno if the interface have changed to 0.9.1/0.9.2).
>
> /Jonas
>  
PS. I tried to mail this as an attachement, but the mailserver refused. 
Therefore the code is included inline.

> <?php
>  /**
>   * This class does authentication through an ldap server.
>   *
>   *  dot 
>   *  dot 
>   *
>   *
>   */
>   
>   class auth_ldap extends auth_interface
>   {
>     function validateUser($user, $passwd)
>     { 
>     
>        $ldap = ldap_connect(atkconfig("authentication_ldap_host"));
> 	
> 	if ($ldap) {
> 	  atkdebug("Connected to LDAP");
> 	  $r = ldap_bind($ldap);
> 	  atkdebug("Result of bind is $r");
> 	  
> 	  $sri = ldap_search($ldap, atkconfig("authentication_ldap_context"), "uid=$user");
> 	  $allValues = ldap_get_entries($ldap, $sri);
> 	  if ($allValues["count"] > 0) {
> 	    // we only care about the first dn
> 	    $userDN = $allValues[0]["dn"];
>
> 	    // generate a bogus password to pass if the user doesn't give us 
> 	    // one 
> 	    // this gets around systems that are anonymous search enabled 
> 	    if (empty($passwd)) $passwd = crypt(microtime()); 
> 	    // try to bind as the user with user supplied password
> 	    if (ldap_bind($ldap,$userDN, $passwd)) {
> 	      return 1;
> 	    } else {
> 	      return 0;
> 	    }
> 	  } else {
> 	    $this->$m_fatalError = "No user with uid=$userid found";
> 	    return -1;
> 	  }
> 	} else {
> 	  atkdebug("Could not connect do LDAP");
> 	  $this->$m_fatalError = "Could not connect to LDAP";
> 	  return -1;
> 	}
>     }
>                         
>     function canMd5()
>     {
>       return 0;
>       //       return atkconfig("authentication_md5"); // ?? Is this correct? can we store passwords as md5 in ldap?
>     }
>   }
>
> ?>
>
>