author | Markus Kalkbrenner <markus.kalkbrenner@bio.logis.de> | 2011-11-17 11:16:56 +0100 |
---|---|---|
committer | Robin Appelman <icewind1991@gmail.com> | 2011-11-18 14:07:11 +0100 |
commit | 0155effdb75f3c1508ab96a14eb957fb434e51af (patch) | |
tree | a6d9fc4b4b3dc866f4d92411ade0ce5d020260d1 /apps/user_ldap | |
parent | 1c7ba0dd9eb79558fd4cd463aafa28bde1b51e85 (diff) | |
- bugfix: allow anonymous bind for search, then bind with user's credentials.
- added explanation how to setup anonymous bind for search to template
- make usage of TLS configurable
Diffstat (limited to 'apps/user_ldap')
-rw-r--r-- | apps/user_ldap/settings.php | 6 | ||||
-rw-r--r-- | apps/user_ldap/templates/settings.php | 4 | ||||
-rw-r--r-- | apps/user_ldap/user_ldap.php | 14 |
3 files changed, 16 insertions, 8 deletions
diff --git a/apps/user_ldap/settings.php b/apps/user_ldap/settings.php index 8dbd3c0462b..b922ac99f98 100644 --- a/apps/user_ldap/settings.php +++ b/apps/user_ldap/settings.php @@ -20,12 +20,16 @@ * License along with this library. If not, see <http://www.gnu.org/licenses/>. * */ -$params = array('ldap_host', 'ldap_port', 'ldap_dn', 'ldap_password', 'ldap_base', 'ldap_filter'); +$params = array('ldap_host', 'ldap_port', 'ldap_dn', 'ldap_password', 'ldap_base', 'ldap_filter', 'ldap_tls'); foreach($params as $param){ if(isset($_POST[$param])){ OC_Appconfig::setValue('user_ldap', $param, $_POST[$param]); } + elseif('ldap_tls' == $param) { + // unchecked checkboxes are not included in the post paramters + OC_Appconfig::setValue('user_ldap', $param, 0); + } } // fill template diff --git a/apps/user_ldap/templates/settings.php b/apps/user_ldap/templates/settings.php index 32e1b29dafb..374f1241741 100644 --- a/apps/user_ldap/templates/settings.php +++ b/apps/user_ldap/templates/settings.php 
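Review bot: The new `elseif` branch resets `ldap_tls` to 0 whenever `$_POST['ldap_tls']` is absent, and nothing visible in the hunk checks that the settings form was actually submitted, so any request that runs this file without that field (apparently including just opening the settings page) switches TLS off. Tie the reset to a real submission, e.g. `elseif('ldap_tls' == $param && isset($_POST['ldap_host'])) {`. The value stored for this key is also the raw POST string; writing `$_POST[$param] ? 1 : 0` would keep the flag to 0/1. No request-forgery token or admin check is visible in the hunk; if the including page does not perform them, this loop should, because it rewrites the LDAP host, bind credentials and the TLS flag.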
@@ -4,9 +4,11 @@ <p><label for="ldap_host">Host<input type="text" id="ldap_host" name="ldap_host" value="<?php echo $_['ldap_host']; ?>"></label> <label for="ldap_port">Port</label><input type="text" id="ldap_port" name="ldap_port" value="<?php echo $_['ldap_port']; ?>" /></p> <p><label for="ldap_dn">Name</label><input type="text" id="ldap_dn" name="ldap_dn" value="<?php echo $_['ldap_dn']; ?>" /> - <label for="ldap_password">Password</label><input type="password" id="ldap_password" name="ldap_password" value="<?php echo $_['ldap_password']; ?>" /></p> + <label for="ldap_password">Password</label><input type="password" id="ldap_password" name="ldap_password" value="<?php echo $_['ldap_password']; ?>" /> + Leave both empty for anonymous bind for search, then bind with users credentials.</p> <p><label for="ldap_base">Base</label><input type="text" id="ldap_base" name="ldap_base" value="<?php echo $_['ldap_base']; ?>" /> <label for="ldap_filter">Filter (use %uid placeholder)</label><input type="text" id="ldap_filter" name="ldap_filter" value="<?php echo $_['ldap_filter']; ?>" /></p> + <p><input type="checkbox" id="ldap_tls" name="ldap_tls" value="1"<?php if ($_['ldap_tls']) echo ' checked'; ?>><label for="ldap_tls"><?php echo $l->t('Use TLS');?></label></p> <input type="submit" value="Save" /> </fieldset> </form> diff --git a/apps/user_ldap/user_ldap.php b/apps/user_ldap/user_ldap.php index 4fb8daf3c47..1100be81eb8 100644 --- a/apps/user_ldap/user_ldap.php +++ b/apps/user_ldap/user_ldap.php @@ -33,6 +33,7 @@ class OC_USER_LDAP extends OC_User_Backend { protected $ldap_password; protected $ldap_base; protected $ldap_filter; + protected $ldap_tls; function __construct() { $this->ldap_host = OC_Appconfig::getValue('user_ldap', 'ldap_host',''); 
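Review bot: The rewritten password line in the templates/settings.php hunk still prints the stored bind password into the `value` attribute, and like the other fields it is echoed without HTML escaping. Unless the template layer escapes `$_[...]` before this file runs (not visible here), wrap each value, e.g. `value="<?php echo htmlspecialchars($_['ldap_dn'], ENT_QUOTES, 'UTF-8'); ?>"`. Not rendering the stored password at all would be safer still, but that needs a matching change in the save loop so that an empty field is not stored as "anonymous bind". The added hint sentence is a bare string while the new checkbox label goes through `$l->t()`; passing the hint through `$l->t()` as well keeps it translatable.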
@@ -41,11 +42,11 @@ class OC_USER_LDAP extends OC_User_Backend { $this->ldap_password = OC_Appconfig::getValue('user_ldap', 'ldap_password',''); $this->ldap_base = OC_Appconfig::getValue('user_ldap', 'ldap_base',''); $this->ldap_filter = OC_Appconfig::getValue('user_ldap', 'ldap_filter',''); + $this->ldap_tls = OC_Appconfig::getValue('user_tls', 'ldap_tls', 0); if( !empty($this->ldap_host) && !empty($this->ldap_port) - && !empty($this->ldap_dn) - && !empty($this->ldap_password) + && ((!empty($this->ldap_dn) && !empty($this->ldap_password)) || (empty($this->ldap_dn) && empty($this->ldap_password))) && !empty($this->ldap_base) && !empty($this->ldap_filter) ) @@ -63,9 +64,10 @@ class OC_USER_LDAP extends OC_User_Backend { private function getDs() { if(!$this->ds) { $this->ds = ldap_connect( $this->ldap_host, $this->ldap_port ); - if(ldap_set_option($this->ds, LDAP_OPT_PROTOCOL_VERSION, 3)) - if(ldap_set_option($this->ds, LDAP_OPT_REFERRALS, 0)) - @ldap_start_tls($this->ds); + if(ldap_set_option($this->ds, LDAP_OPT_PROTOCOL_VERSION, 3)) + if(ldap_set_option($this->ds, LDAP_OPT_REFERRALS, 0)) + if($this->ldap_tls) + ldap_start_tls($this->ds); } // login @@ -149,4 +151,4 @@ class OC_USER_LDAP extends OC_User_Backend { } -?>
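Review bot: The constructor reads the flag with `OC_Appconfig::getValue('user_tls', 'ldap_tls', 0)`, but settings.php in this commit stores it under the app id `'user_ldap'`, so the value read here is presumably always the default 0 and StartTLS is never requested, whatever the checkbox says. It should be `$this->ldap_tls = OC_Appconfig::getValue('user_ldap', 'ldap_tls', 0);`. The relaxed DN/password condition in the same hunk now accepts an empty pair for the anonymous search bind. The login code is outside the hunk, so confirm there that an empty user password is rejected before the second bind, since many directory servers treat a bind with a DN and an empty password as a successful anonymous bind.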
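Review bot: In the getDs() hunk the result of `ldap_start_tls($this->ds)` is ignored, so when TLS is enabled and the upgrade fails the code carries on and the later binds travel over the unencrypted connection. Fail closed instead, for example `if($this->ldap_tls && !ldap_start_tls($this->ds)) { $this->ds = false; return false; }`, adjusted to whatever the callers of getDs() expect; the rest of getDs() is outside the hunk. The three nested brace-less `if`s would be less error-prone with braces. The default of 0 also means installations that previously attempted StartTLS on every connection now connect in cleartext until the box is ticked, which deserves a line in the release notes.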
\ No newline at end of file +?> |