[icinga-checkins] icinga.org: icinga-web/master: * Added anonymous auth fallback

git at icinga.org git at icinga.org
Wed Apr 18 17:19:25 CEST 2012


Module: icinga-web
Branch: master
Commit: 0ac8f3b7a75f07e4e1432758af061d82ba91629e
URL:    https://git.icinga.org/?p=icinga-web.git;a=commit;h=0ac8f3b7a75f07e4e1432758af061d82ba91629e

Author: Jannis Mosshammer <jannis.mosshammer at netways.de>
Date:   Wed Apr 18 17:19:08 2012 +0200

* Added anonymous auth fallback

---

 app/modules/AppKit/config/auth.xml.in              |    5 +++--
 .../models/Auth/Provider/LDAPModel.class.php       |    4 +++-
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/app/modules/AppKit/config/auth.xml.in b/app/modules/AppKit/config/auth.xml.in
index 67f219e..048d8a5 100644
--- a/app/modules/AppKit/config/auth.xml.in
+++ b/app/modules/AppKit/config/auth.xml.in
@@ -154,7 +154,8 @@
                 <ae:parameter name="user_lastname">sn</ae:parameter>
                 <ae:parameter name="user_email">mail</ae:parameter> 
             </ae:parameter>
-                                                                                    
+
+            <ae:parameter name="ldap_allow_anonymous">false</ae:parameter>
             <ae:parameter name="ldap_dsn">ldap://ad.icinga.foo</ae:parameter>
             <ae:parameter name="ldap_start_tls">false</ae:parameter>
             <ae:parameter name="ldap_basedn">DC=ad,DC=icinga,DC=foo</ae:parameter>
@@ -184,7 +185,7 @@
                 <ae:parameter name="user_lastname">sn</ae:parameter>
                 <ae:parameter name="user_email">mail</ae:parameter> 
             </ae:parameter>
-            
+            <ae:parameter name="ldap_allow_anonymous">false</ae:parameter>
             <ae:parameter name="ldap_dsn">ldap://ldap.myopenldap.foo/</ae:parameter>
             <ae:parameter name="ldap_start_tls">false</ae:parameter>
             <ae:parameter name="ldap_basedn">dc=myopenldap,dc=foo</ae:parameter>
diff --git a/app/modules/AppKit/models/Auth/Provider/LDAPModel.class.php b/app/modules/AppKit/models/Auth/Provider/LDAPModel.class.php
index cd5171a..6e71cb4 100644
--- a/app/modules/AppKit/models/Auth/Provider/LDAPModel.class.php
+++ b/app/modules/AppKit/models/Auth/Provider/LDAPModel.class.php
@@ -194,7 +194,9 @@ class AppKit_Auth_Provider_LDAPModel extends AppKitAuthProviderBaseModel impleme
             $bindpw = $this->getParameter('ldap_bindpw');
 
             $re = @ldap_bind($res, $binddn, $bindpw);
-
+            if($re != true && $this->getParameter('ldap_allow_anonymous',false)) {
+                $re = @ldap_bind($res);
+            }
             if ($re !== true) {
                 $this->log('Auth.Provider.LDAP Bind failed: (dn=%s)', $binddn, AgaviLogger::ERROR);
                 throw new AgaviSecurityException('Auth.Provider.LDAP: Bind failed');





More information about the icinga-checkins mailing list