mirror of
https://github.com/lucaspalomodevelop/core.git
synced 2026-03-14 08:34:39 +00:00
kulikov-a
Ad Schellevis
parent
bf3877b834
commit
8ec2c22cac
@ -127,6 +127,11 @@ class LDAP extends Base implements IAuthConnector
|
||||
*/
|
||||
private $lastAuthProperties = array();
|
||||
|
||||
/**
|
||||
* @var array internal list of LDAP errors
|
||||
*/
|
||||
private $lastAuthErrors = array();
|
||||
|
||||
/**
|
||||
* close ldap handle if open
|
||||
*/
|
||||
@ -194,7 +199,10 @@ class LDAP extends Base implements IAuthConnector
|
||||
$error_string = "";
|
||||
if ($this->ldapHandle !== false) {
|
||||
ldap_get_option($this->ldapHandle, LDAP_OPT_ERROR_STRING, $error_string);
|
||||
syslog(LOG_ERR, sprintf($message . " [%s,%s]", $error_string, ldap_error($this->ldapHandle)));
|
||||
$error_string = str_replace(array("\n","\r","\t"), ' ', $error_string);
|
||||
syslog(LOG_ERR, sprintf($message . " [%s; %s]", $error_string, ldap_error($this->ldapHandle)));
|
||||
$this->lastAuthErrors['error'] = $error_string;
|
||||
$this->lastAuthErrors['ldap_error'] = ldap_error($this->ldapHandle);
|
||||
} else {
|
||||
syslog(LOG_ERR, $message);
|
||||
}
|
||||
@ -431,6 +439,7 @@ class LDAP extends Base implements IAuthConnector
|
||||
if ($this->ldapHandle !== false) {
|
||||
$searchResults = $this->search("(|(ou=*)(cn=Users))");
|
||||
if ($searchResults !== false) {
|
||||
$this->logLdapError("LDAP containers search result count: " . $searchResults["count"]);
|
||||
for ($i = 0; $i < $searchResults["count"]; $i++) {
|
||||
$result[] = $searchResults[$i]['dn'];
|
||||
}
|
||||
@ -451,6 +460,14 @@ class LDAP extends Base implements IAuthConnector
|
||||
return $this->lastAuthProperties;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return array of LDAP errors
|
||||
*/
|
||||
public function getLastAuthErrors()
|
||||
{
|
||||
return $this->lastAuthErrors;
|
||||
}
|
||||
|
||||
/**
|
||||
* update user group policies when configured
|
||||
* @param string $username authenticated username
|
||||
@ -561,6 +578,8 @@ class LDAP extends Base implements IAuthConnector
|
||||
if ($result !== false && count($result) > 0) {
|
||||
$user_dn = $result[0]['dn'];
|
||||
$ldap_is_connected = $this->connect($this->ldapBindURL, $result[0]['dn'], $password);
|
||||
} else {
|
||||
$this->lastAuthErrors['error'] = "User DN not found";
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -73,6 +73,12 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
|
||||
}
|
||||
} else {
|
||||
$input_errors[] = gettext("Authentication failed.");
|
||||
foreach ($authenticator->getLastAuthErrors() as $err_name => $err_value) {
|
||||
if (is_array($err_value)) {
|
||||
$err_value = implode(",", $err_value);
|
||||
}
|
||||
$input_errors[] = "{$err_name}: {$err_value}";
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -449,15 +449,19 @@ $( document ).ready(function() {
|
||||
$.post('system_usermanager_settings_ldapacpicker.php', request_data, function(data) {
|
||||
var tbl = $("<table/>");
|
||||
var tbl_body = $("<tbody/>");
|
||||
for (var i=0; i < data.length ; ++i) {
|
||||
var tr = $("<tr/>");
|
||||
tr.append($("<td/>").append(
|
||||
$("<input type='checkbox' class='ldap_item_select'>")
|
||||
.prop('checked', data[i].selected)
|
||||
.prop('value', data[i].value)
|
||||
));
|
||||
tr.append($("<td/>").text(data[i].value));
|
||||
tbl_body.append(tr);
|
||||
if (data.length > 0) {
|
||||
for (var i=0; i < data.length ; ++i) {
|
||||
var tr = $("<tr/>");
|
||||
tr.append($("<td/>").append(
|
||||
$("<input type='checkbox' class='ldap_item_select'>")
|
||||
.prop('checked', data[i].selected)
|
||||
.prop('value', data[i].value)
|
||||
));
|
||||
tr.append($("<td/>").text(data[i].value));
|
||||
tbl_body.append(tr);
|
||||
}
|
||||
} else {
|
||||
tbl_body.append("<tr><td><?=gettext("No results. Check General log for details"); ?></td></tr>");
|
||||
}
|
||||
tbl.append(tbl_body);
|
||||
BootstrapDialog.show({
|
||||
@ -465,15 +469,19 @@ $( document ).ready(function() {
|
||||
title: "<?=gettext("Please select which containers to Authenticate against:");?>",
|
||||
message: tbl,
|
||||
buttons: [{
|
||||
label: "<?= gettext("Close");?>",
|
||||
label: "<?= gettext("Save");?>",
|
||||
cssClass: 'btn-primary',
|
||||
action: function(dialogRef) {
|
||||
var values = $(".ldap_item_select:checked").map(function(){
|
||||
return $(this).val();
|
||||
}).get().join(';');
|
||||
$("#ldapauthcontainers").val(values);
|
||||
dialogRef.close();
|
||||
}
|
||||
}]
|
||||
}}, {
|
||||
label: "<?= gettext("Cancel");?>",
|
||||
action: function(dialogRef) {
|
||||
dialogRef.close();
|
||||
}}]
|
||||
});
|
||||
}, "json");
|
||||
}
|
||||
@ -688,8 +696,8 @@ endif; ?>
|
||||
</ul>
|
||||
<br/>
|
||||
<div class="hidden" data-for="help_for_ldapauthcontainers">
|
||||
<br/><?= gettext('Semicolon-separated list of distinguished names optionally containing DC= components.') ?>
|
||||
<br/><?=gettext("Example:");?> OU=Freelancers,O=Company,DC=example,DC=com;CN=Users,OU=Staff,O=Company
|
||||
<br/><?= gettext('Semicolon-separated list of distinguished names containing DC= components.') ?>
|
||||
<br/><?=gettext("Example:");?> OU=Freelancers,O=Company,DC=example,DC=com;CN=Users,OU=Staff,O=Company,DC=example,DC=com
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user