Commit 6b3c70c0 authored by Andreas Åkre Solberg's avatar Andreas Åkre Solberg

LDAP authentication module now uses separate configuration file.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@402 44740490-163a-0410-bde0-09ae8108e29a
parent b218975c
<?php
/*
* Configuration for the LDAP authentication module.
*
* $Id: $
*/
$config = array (
/**
* LDAP configuration. This is only relevant if you use the LDAP authentication plugin.
*
* The attributes parameter is a list of attributes that should be retrieved.
* If the attributes parameter is set to null, all attributes will be retrieved.
*/
'auth.ldap.dnpattern' => 'uid=%username%,dc=feide,dc=no,ou=feide,dc=uninett,dc=no',
'auth.ldap.hostname' => 'ldap.uninett.no',
'auth.ldap.attributes' => null,
'auth.ldap.enable_tls' => false,
);
?>
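Review bot: The template ships with `'auth.ldap.enable_tls' => false`, and the login page in this commit passes that value straight to `SimpleSAML_Auth_LDAP`, so a deployer who copies the file unchanged presumably sends the user's password to `ldap.uninett.no` over an unencrypted connection. I would ship `'auth.ldap.enable_tls' => true,` and put a comment above it such as `/* Disabling TLS sends the bind password in clear text; only do this on a trusted link. */`. The docblock documents only `attributes`; one line each for `dnpattern` (including the `%username%` placeholder), `hostname` and `enable_tls` would make the file self-explanatory. The closing `?>` can be dropped so that stray whitespace after it cannot be emitted before headers are sent.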
...@@ -12,11 +12,13 @@ class SimpleSAML_Configuration { ...@@ -12,11 +12,13 @@ class SimpleSAML_Configuration {
private static $instance = array(); private static $instance = array();
private $configpath = null; private $configpath = null;
private $configfilename = null;
private $configuration = null; private $configuration = null;
// private constructor restricts instantiaton to getInstance() // private constructor restricts instantiaton to getInstance()
private function __construct($configpath) { private function __construct($configpath, $configfilename = 'config.php') {
$this->configpath = $configpath; $this->configpath = $configpath;
$this->configfilename = $configfilename;
} }
public static function getInstance($instancename = 'simplesaml') { public static function getInstance($instancename = 'simplesaml') {
...@@ -25,15 +27,15 @@ class SimpleSAML_Configuration { ...@@ -25,15 +27,15 @@ class SimpleSAML_Configuration {
return self::$instance[$instancename]; return self::$instance[$instancename];
} }
public static function init($path, $instancename = 'simplesaml') { public static function init($path, $instancename = 'simplesaml', $configfilename = 'config.php') {
self::$instance[$instancename] = new SimpleSAML_Configuration($path); self::$instance[$instancename] = new SimpleSAML_Configuration($path, $configfilename);
} }
private function loadConfig() { private function loadConfig() {
if (!file_exists($this->configpath . '/config.php')) { if (!file_exists($this->configpath . '/' . $this->configfilename)) {
echo 'You have not yet created a configuration file. [ <a href="http://rnd.feide.no/content/installing-simplesamlphp#id405868">simpleSAMLphp installation manual</a> ]'; echo 'You have not yet created a configuration file. [ <a href="http://rnd.feide.no/content/installing-simplesamlphp#id405868">simpleSAMLphp installation manual</a> ]';
} }
require_once($this->configpath . '/config.php'); require_once($this->configpath . '/' . $this->configfilename);
$this->configuration = $config; $this->configuration = $config;
} }
......
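Review bot: `loadConfig()` still falls through to `require_once` after echoing the "not yet created" notice, so an installation that upgrades without adding the new `ldap.php` gets the HTML message followed by a fatal include error; the check should stop there, for example by throwing `new Exception('Missing configuration file: ' . $this->configfilename)`. `$configfilename` is concatenated directly into the include path, so it must only ever be a trusted literal: either state that in a comment on `init()` or store `basename($configfilename)` in the constructor so a value containing `../` cannot leave `$configpath`. Separately, `require_once` skips a file that has already been included, which would leave `$config` undefined if two instance names ever point at the same file; plain `require` looks like the safer call here. The class body continues outside the visible hunks, so how `loadConfig()` is triggered is not shown.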
...@@ -48,12 +48,6 @@ if (!array_key_exists('RelayState', $_REQUEST)) { ...@@ -48,12 +48,6 @@ if (!array_key_exists('RelayState', $_REQUEST)) {
function casValidate($cas) { function casValidate($cas) {
$service = SimpleSAML_Utilities::selfURL(); $service = SimpleSAML_Utilities::selfURL();
......
...@@ -17,6 +17,11 @@ $session = SimpleSAML_Session::getInstance(true); ...@@ -17,6 +17,11 @@ $session = SimpleSAML_Session::getInstance(true);
SimpleSAML_Logger::info('AUTH - ldap: Accessing auth endpoint login'); SimpleSAML_Logger::info('AUTH - ldap: Accessing auth endpoint login');
SimpleSAML_Configuration::init($configdir, 'ldapconfig', 'ldap.php');
$ldapconfig = SimpleSAML_Configuration::getInstance('ldapconfig');
$error = null; $error = null;
$attributes = array(); $attributes = array();
$username = null; $username = null;
...@@ -61,17 +66,17 @@ if (isset($_POST['username'])) { ...@@ -61,17 +66,17 @@ if (isset($_POST['username'])) {
/* /*
* Connecting to LDAP. * Connecting to LDAP.
*/ */
$ldap = new SimpleSAML_Auth_LDAP($config->getValue('auth.ldap.hostname', $ldap = new SimpleSAML_Auth_LDAP($ldapconfig->getValue('auth.ldap.hostname'),
$config->getValue('auth.ldap.enable_tls'))); $ldapconfig->getValue('auth.ldap.enable_tls'));
/* Insert the LDAP username into the pattern configured in the /* Insert the LDAP username into the pattern configured in the
* 'auth.ldap.dnpattern' option. * 'auth.ldap.dnpattern' option.
*/ */
$dn = str_replace('%username%', $ldapusername, $dn = str_replace('%username%', $ldapusername,
$config->getValue('auth.ldap.dnpattern')); $ldapconfig->getValue('auth.ldap.dnpattern'));
/* Connect to the LDAP server. */ /* Connect to the LDAP server. */
#$ds = ldap_connect($config->getValue('auth.ldap.hostname')); #$ds = ldap_connect($ldapconfig->getValue('auth.ldap.hostname'));
/* /*
...@@ -85,7 +90,7 @@ if (isset($_POST['username'])) { ...@@ -85,7 +90,7 @@ if (isset($_POST['username'])) {
/* /*
* Retrieve attributes from LDAP * Retrieve attributes from LDAP
*/ */
$attributes = $ldap->getAttributes($dn, $config->getValue('auth.ldap.attributes', null)); $attributes = $ldap->getAttributes($dn, $ldapconfig->getValue('auth.ldap.attributes', null));
SimpleSAML_Logger::info('AUTH - ldap: '. $ldapusername . ' successfully authenticated'); SimpleSAML_Logger::info('AUTH - ldap: '. $ldapusername . ' successfully authenticated');
......
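Review bot: `$ldapusername` is substituted into `auth.ldap.dnpattern` with a plain `str_replace`, and its assignment lies outside the hunk, so it is not visible whether DN metacharacters are escaped before the bind DN is built. If they are not, a submitted username can change the structure of the DN rather than only the `uid` value; escape it for DN context before this line (on PHP versions that provide it, `ldap_escape($ldapusername, '', LDAP_ESCAPE_DN)`) or reject anything outside an allow-listed pattern. The same value is concatenated into the `successfully authenticated` log line, so control characters should be rejected as well to keep log entries unambiguous. The commented-out `#$ds = ldap_connect(...)` line was updated rather than deleted; it is dead code and could be removed.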
...@@ -2,7 +2,6 @@ ...@@ -2,7 +2,6 @@
require_once('../../_include.php'); require_once('../../_include.php');
require_once((isset($SIMPLESAML_INCPREFIX)?$SIMPLESAML_INCPREFIX:'') . 'SimpleSAML/Configuration.php'); require_once((isset($SIMPLESAML_INCPREFIX)?$SIMPLESAML_INCPREFIX:'') . 'SimpleSAML/Configuration.php');
require_once((isset($SIMPLESAML_INCPREFIX)?$SIMPLESAML_INCPREFIX:'') . 'SimpleSAML/Utilities.php'); require_once((isset($SIMPLESAML_INCPREFIX)?$SIMPLESAML_INCPREFIX:'') . 'SimpleSAML/Utilities.php');
require_once((isset($SIMPLESAML_INCPREFIX)?$SIMPLESAML_INCPREFIX:'') . 'SimpleSAML/Session.php'); require_once((isset($SIMPLESAML_INCPREFIX)?$SIMPLESAML_INCPREFIX:'') . 'SimpleSAML/Session.php');
...@@ -16,7 +15,7 @@ require_once((isset($SIMPLESAML_INCPREFIX)?$SIMPLESAML_INCPREFIX:'') . 'SimpleSA ...@@ -16,7 +15,7 @@ require_once((isset($SIMPLESAML_INCPREFIX)?$SIMPLESAML_INCPREFIX:'') . 'SimpleSA
* This SAML 2.0 endpoint is the endpoint at the SAML 2.0 SP that takes an Authentication Response * This SAML 2.0 endpoint is the endpoint at the SAML 2.0 SP that takes an Authentication Response
* as HTTP-POST in, and parses and processes it before it redirects the use to the RelayState. * as HTTP-POST in, and parses and processes it before it redirects the use to the RelayState.
* *
* @author Andreas kre Solberg, UNINETT AS. <andreas.solberg@uninett.no> * @author Andreas Aakre Solberg, UNINETT AS. <andreas.solberg@uninett.no>
* @package simpleSAMLphp * @package simpleSAMLphp
* @version $Id$ * @version $Id$
* @abstract * @abstract
......