#1106, #1122: Added a new option 'start_tls' (false by default) and improved debugging capabilities for troubleshooting when something goes wrong with LDAP. Thanks to Karl (karkoff1212) for the hint.

SVN:trunk[3764]
Denis Flaven
2015-09-16 15:31:22 +00:00
parent 86a7d133f3
commit 853c96478b
2 changed files with 23 additions and 4 deletions


@@ -71,20 +71,38 @@ class UserLDAP extends UserInternal
$sDefaultLDAPUser = MetaModel::GetModuleSetting('authent-ldap', 'default_user', '');
$sDefaultLDAPPwd = MetaModel::GetModuleSetting('authent-ldap', 'default_pwd', '');
$bLDAPStartTLS = MetaModel::GetModuleSetting('authent-ldap', 'start_tls', false);
$aOptions = MetaModel::GetModuleSetting('authent-ldap', 'options', array());
if (array_key_exists(LDAP_OPT_DEBUG_LEVEL, $aOptions))
{
// Set debug level before trying to connect, so that debug info appear in the PHP error log if ldap_connect goes wrong
$bRet = ldap_set_option($hDS, LDAP_OPT_DEBUG_LEVEL, $aOptions[LDAP_OPT_DEBUG_LEVEL]);
$this->LogMessage("ldap_set_option('$name', '$value') returned ".($bRet ? 'true' : 'false'));
}
$hDS = @ldap_connect($sLDAPHost, $iLDAPPort);
if ($hDS === false)
{
$this->LogMessage("ldap_authentication: can not connect to the LDAP server '$sLDAPHost' (port: $iLDAPPort). Check the configuration file config-itop.php.");
return false;
}
$aOptions = MetaModel::GetModuleSetting('authent-ldap', 'options', array());
foreach($aOptions as $name => $value)
{
ldap_set_option($hDS, $name, $value);
$bRet = ldap_set_option($hDS, $name, $value);
$this->LogMessage("ldap_set_option('$name', '$value') returned ".($bRet ? 'true' : 'false'));
}
if ($bLDAPStartTLS)
{
$this->LogMessage("ldap_authentication: start tls required.");
$hStartTLS = ldap_start_tls($hDS);
//$this->LogMessage("ldap_authentication: hStartTLS = '$hStartTLS'");
if (!$hStartTLS)
{
$this->LogMessage("ldap_authentication: start tls failed.");
return false;
}
}
if ($bind = @ldap_bind($hDS, $sDefaultLDAPUser, $sDefaultLDAPPwd))
{
// Search for the person, using the specified query expression
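Review bot: The pre-connect debug block calls `ldap_set_option($hDS, LDAP_OPT_DEBUG_LEVEL, ...)` before `$hDS` is assigned by `ldap_connect()`, and its log line interpolates `$name` and `$value`, which are only defined by the later `foreach`. The call probably still takes effect because an undefined variable evaluates to null, but it raises a notice and the log entry shows an empty option name and value. Passing the link explicitly and logging the real option makes the intent clear: `$bRet = ldap_set_option(null, LDAP_OPT_DEBUG_LEVEL, $aOptions[LDAP_OPT_DEBUG_LEVEL]);` followed by `$this->LogMessage("ldap_set_option(LDAP_OPT_DEBUG_LEVEL) returned ".($bRet ? 'true' : 'false'));`. The `start tls failed` branch correctly fails closed, but it would be easier to troubleshoot if the message also included `ldap_error($hDS)`. The enclosing method starts and ends outside the hunk.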


@@ -56,6 +56,7 @@ SetupWebPage::AddModule(
LDAP_OPT_PROTOCOL_VERSION => 3,
LDAP_OPT_REFERRALS => 0,
),
'start_tls' => false,
'debug' => false,
),
)
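Review bot: With `'start_tls' => false` as the shipped default, the bind made with `default_user`/`default_pwd` travels unencrypted unless the configured LDAP host is an ldaps:// URL, and presumably the same holds for the credentials of the users being authenticated (that code is outside the visible hunks). The setting has no comment explaining this trade-off, so an administrator has no cue to turn it on. A comment next to the entry would cover it, e.g. `// set to true to require StartTLS before binding; when false, credentials are sent in clear text unless the host is an ldaps:// URL`. The surrounding settings array starts outside the hunk.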