[icinga-checkins] icinga.org: icinga-web/jmosshammer/default2: * Ldap AuthProvider fixes ( thanks to birger)

git at icinga.org git at icinga.org
Mon Jul 19 10:36:01 CEST 2010


Module: icinga-web
Branch: jmosshammer/default2
Commit: 7fc8d511b61abcf36022f5a00e4c975754b68dd6
URL:    https://git.icinga.org/?p=icinga-web.git;a=commit;h=7fc8d511b61abcf36022f5a00e4c975754b68dd6

Author: Marius Hein <marius.hein at netways.de>
Date:   Fri Jun 25 16:39:20 2010 +0200

* Ldap AuthProvider fixes (thanks to birger)
* Configurable user uid attribute

---

 app/modules/AppKit/config/auth.xml                 |    1 +
 .../models/Auth/Provider/LDAPModel.class.php       |    8 ++++----
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/app/modules/AppKit/config/auth.xml b/app/modules/AppKit/config/auth.xml
index 8f869c4..f5a896d 100755
--- a/app/modules/AppKit/config/auth.xml
+++ b/app/modules/AppKit/config/auth.xml
@@ -83,6 +83,7 @@
 			<ae:parameter name="ldap_basedn">DC=ad,DC=icinga,DC=org</ae:parameter>
 			<ae:parameter name="ldap_binddn">ldap at AD.ICINGA.ORG</ae:parameter>
 			<ae:parameter name="ldap_bindpw"><![CDATA[XXXXXXXXX]]></ae:parameter>
+			<ae:parameter name="ldap_userattr">uid</ae:parameter>
 			<ae:parameter name="ldap_filter_user"><![CDATA[(&(sAmAccountName=__USERNAME__))]]></ae:parameter>
 		</ae:parameter>
 		
diff --git a/app/modules/AppKit/models/Auth/Provider/LDAPModel.class.php b/app/modules/AppKit/models/Auth/Provider/LDAPModel.class.php
index 77862f6..3e8cf10 100755
--- a/app/modules/AppKit/models/Auth/Provider/LDAPModel.class.php
+++ b/app/modules/AppKit/models/Auth/Provider/LDAPModel.class.php
@@ -25,7 +25,7 @@ class AppKit_Auth_Provider_LDAPModel extends AppKitAuthProviderBaseModel impleme
 	public function isAvailable($uid) {
 		$record = $this->getLdaprecord('(objectClass=*)', $uid);
 		if (is_array($record)) {
-			if ($record['distinguishedName'] === $uid) {
+			if ($record['dn'] === $uid) {
 				return true;
 			}
 		}
@@ -44,7 +44,7 @@ class AppKit_Auth_Provider_LDAPModel extends AppKitAuthProviderBaseModel impleme
 			if (is_array($data)) {
 				$re = (array)$this->mapUserdata($data);
 				$re['user_authid'] = $data['dn'];
-				$re['user_name'] = $data['sAMAccountName'];
+				$re['user_name'] = $data[$this->getParameter('ldap_userattr', 'uid')];
 				$re['user_disabled'] = 0;
 			}
 		}
@@ -84,7 +84,7 @@ class AppKit_Auth_Provider_LDAPModel extends AppKitAuthProviderBaseModel impleme
 	private function getSearchFilter($uid) {
 		$filter = $this->getParameter('ldap_filter_user');
 		if ($filter) {
-			return str_replace('__USERNAME__', quotemeta($uid), $filter);
+			return str_replace('__USERNAME__', $uid, $filter);
 		}
 	}
 	
@@ -108,4 +108,4 @@ class AppKit_Auth_Provider_LDAPModel extends AppKitAuthProviderBaseModel impleme
 	
 }
 
-?>
\ No newline at end of file
+?>





More information about the icinga-checkins mailing list