attributes['username'] is required
This commit is contained in:
parent
9ed70a5b11
commit
297f320e6f
|
@ -189,7 +189,6 @@ class LdapAuthenticationPlugin extends AuthenticationPlugin
|
|||
}
|
||||
$filter = Net_LDAP2_Filter::create($this->attributes['username'], 'equals', $username);
|
||||
$options = array(
|
||||
'scope' => 'sub',
|
||||
'attributes' => $attributes
|
||||
);
|
||||
$search = $ldap->search(null,$filter,$options);
|
||||
|
|
|
@ -50,6 +50,7 @@ class LdapAuthorizationPlugin extends AuthorizationPlugin
|
|||
public $uniqueMember_attribute = null;
|
||||
public $roles_to_groups = null;
|
||||
public $login_group = null;
|
||||
public $attributes = array();
|
||||
|
||||
function onInitializePlugin(){
|
||||
parent::onInitializePlugin();
|
||||
|
@ -68,6 +69,9 @@ class LdapAuthorizationPlugin extends AuthorizationPlugin
|
|||
if(!isset($this->roles_to_groups)){
|
||||
throw new Exception("roles_to_groups must be set.");
|
||||
}
|
||||
if(!isset($this->attributes['username'])){
|
||||
throw new Exception("username attribute must be set.");
|
||||
}
|
||||
}
|
||||
|
||||
//---interface implementation---//
|
||||
|
@ -86,7 +90,7 @@ class LdapAuthorizationPlugin extends AuthorizationPlugin
|
|||
}
|
||||
}
|
||||
}else{
|
||||
if($this->isMemberOfGroup($entry->dn(),login_group)){
|
||||
if($this->isMemberOfGroup($entry->dn(),$this->login_group)){
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
@ -142,8 +146,8 @@ class LdapAuthorizationPlugin extends AuthorizationPlugin
|
|||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
function ldap_get_config(){
|
||||
|
||||
function ldap_get_config(){
|
||||
$config = array();
|
||||
$keys = array('host','port','version','starttls','binddn','bindpw','basedn','options','filter','scope');
|
||||
foreach($keys as $key){
|
||||
|
@ -187,7 +191,6 @@ class LdapAuthorizationPlugin extends AuthorizationPlugin
|
|||
}
|
||||
$filter = Net_LDAP2_Filter::create($this->attributes['username'], 'equals', $username);
|
||||
$options = array(
|
||||
'scope' => 'sub',
|
||||
'attributes' => $attributes
|
||||
);
|
||||
$search = $ldap->search(null,$filter,$options);
|
||||
|
|
|
@ -45,6 +45,9 @@ filter: Default search filter.
|
|||
scope: Default search scope.
|
||||
See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php
|
||||
|
||||
attributes: an array that relates StatusNet user attributes to LDAP ones
|
||||
username*: LDAP attribute value entered when authenticating to StatusNet
|
||||
|
||||
* required
|
||||
default values are in (parenthesis)
|
||||
|
||||
|
@ -72,7 +75,7 @@ addPlugin('ldapAuthentication', array(
|
|||
addPlugin('ldapAuthorization', array(
|
||||
'provider_name'=>'Example',
|
||||
'authoritative'=>false,
|
||||
'uniqueMember_attribute'=>'uniqueMember',
|
||||
'uniqueMember_attribute'=>'member',
|
||||
'roles_to_groups'=> array(
|
||||
'moderator'=>'CN=SN-Moderators,OU=Users,OU=StatusNet,OU=US,DC=americas,DC=global,DC=loc',
|
||||
'administrator'=> array('CN=System-Adminstrators,OU=Users,OU=StatusNet,OU=US,DC=americas,DC=global,DC=loc',
|
||||
|
@ -81,6 +84,8 @@ addPlugin('ldapAuthorization', array(
|
|||
'binddn'=>'username',
|
||||
'bindpw'=>'password',
|
||||
'basedn'=>'OU=Users,OU=StatusNet,OU=US,DC=americas,DC=global,DC=loc',
|
||||
'host'=>array('server1', 'server2')
|
||||
'host'=>array('server1', 'server2'),
|
||||
'attributes'=>array(
|
||||
'username'=>'sAMAccountName')
|
||||
));
|
||||
|
||||
|
|
Loading…
Reference in New Issue
Block a user