From 7335287b29a0d80f73bf628c9a2b877843149967 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20=C3=85kre=20Solberg?= <andreas.solberg@uninett.no>
Date: Mon, 19 Jan 2009 13:50:37 +0000
Subject: [PATCH] LDAP status module that checks multiple LDAPs for connectivity
git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1158 44740490-163a-0410-bde0-09ae8108e29a
---
modules/ldapstatus/default-disable | 0
.../templates/default/ldapstatus.php | 63 ++++++++++
modules/ldapstatus/www/index.php | 117 ++++++++++++++++++
3 files changed, 180 insertions(+)
create mode 100644 modules/ldapstatus/default-disable
create mode 100644 modules/ldapstatus/templates/default/ldapstatus.php
create mode 100644 modules/ldapstatus/www/index.php
diff --git a/modules/ldapstatus/default-disable b/modules/ldapstatus/default-disable
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/ldapstatus/templates/default/ldapstatus.php b/modules/ldapstatus/templates/default/ldapstatus.php
new file mode 100644
index 000000000..19043223f
--- /dev/null
+++ b/modules/ldapstatus/templates/default/ldapstatus.php
@@ -0,0 +1,63 @@
+<?php
+$this->data['header'] = 'LDAP status page';
+$this->includeAtTemplateBase('includes/header.php');
+
+
+?>
+<div id="content">
+
+<h2>LDAP test</h2>
+
+<table style="width: 100%">
+ <tr>
+ <th>Name of institusion</th>
+ <th>Conf</th>
+ <th>Meta</th>
+ <th>Ping</th>
+ <th>Admin bind()</th>
+ <th>Search bogus</th>
+ <th>Search test</th>
+ <th>Bind test</th>
+ <th>GetAttr test</th>
+ </tr>
+
+<?php
+
+function showRes($key, $res, $template) {
+ echo('<td>');
+ if (array_key_exists($key, $res)) {
+ if ($res[$key][0]) {
+ echo '<img src="/' . $template->data['baseurlpath'] . 'resources/icons/accept.png" ' .
+ 'alt="' . htmlspecialchars($res[$key][1]) . '"
+ title="' . htmlspecialchars($res[$key][1]) . '"
+ />';
+ } else {
+ echo '<img src="/' . $template->data['baseurlpath'] . 'resources/icons/delete.png" ' .
+ 'alt="' . htmlspecialchars($res[$key][1]) . '"
+ title="' . htmlspecialchars($res[$key][1]) . '"
+ />';
+ }
+ } else {
+ echo('<span style="color: #eee;">NA</span>');
+ }
+ echo('</td>');
+}
+
+
+foreach($this->data['results'] as $orgkey => $res) {
+ echo('<tr>');
+# print_r($this->data['orgconfig']); exit;
+ echo('<td>' . htmlspecialchars($this->getTranslation($this->data['orgconfig'][$orgkey]['description'])) . '</td>');
+ showRes('config', $res, $this);
+ showRes('configMeta', $res, $this);
+ showRes('ping', $res, $this);
+ showRes('adminUser', $res, $this);
+ showRes('ldapSearchBogus', $res, $this);
+ showRes('ldapSearchTestUser', $res, $this);
+ showRes('ldapBindTestUser', $res, $this);
+ showRes('ldapGetAttributesTestUser', $res, $this);
+ echo('</tr>');
+}
+?>
+</table>
+<?php $this->includeAtTemplateBase('includes/footer.php'); ?>
\ No newline at end of file
diff --git a/modules/ldapstatus/www/index.php b/modules/ldapstatus/www/index.php
new file mode 100644
index 000000000..196d99507
--- /dev/null
+++ b/modules/ldapstatus/www/index.php
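Review bot: The `showRes('adminUser', $res, $this)` call under the "Admin bind()" column reads a key that the collector in `www/index.php` never writes; that script stores the admin-bind outcome under `adminBind` and the LDAP connect outcome under `connect`, so the column always renders NA and a connect failure is not rendered at all. Because index.php does `continue` after either failure, an affected row shows a green ping followed only by NA cells, which is easy to misread as "not configured" rather than "failing". Changing the call to `showRes('adminBind', $res, $this);` and adding a `<th>Connect</th>` header with a matching `showRes('connect', $res, $this);` would surface both results. Separately, `$template->data['baseurlpath']` is written into the `src` attribute without `htmlspecialchars()`, unlike the other values in the same tag.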
@@ -0,0 +1,117 @@
+<?php
+
+
+$config = SimpleSAML_Configuration::getInstance();
+$ldapconfig = $config->copyFromBase('loginfeide', 'config-login-feide.php');
+
+
+$orgs = $ldapconfig->getValue('orgldapconfig');
+
+#echo '<pre>'; print_r($orgs); exit;
+
+function checkConfig($conf, $req) {
+ $err = array();
+ foreach($req AS $r) {
+ if (!array_key_exists($r, $conf)) $err[] = $r;
+ }
+ if (count($err) > 0) {
+ return array(FALSE, 'Missing: ' . join(', ', $err));
+ }
+ return array(TRUE, NULL);
+}
+
+$results = array();
+
+foreach ($orgs AS $orgkey => $orgconfig) {
+
+ $results[$orgkey] = array();
+
+
+ $results[$orgkey]['config'] = checkConfig($orgconfig, array('description', 'searchbase', 'hostname', 'attributes'));
+ $results[$orgkey]['configMeta'] = checkConfig($orgconfig, array('enable_tls', 'testUser', 'testPassword', 'contactMail', 'contactURL'));
+
+ $url = parse_url($orgconfig['hostname']);
+// print_r($orgconfig['hostname']);
+// print_r($url); exit;
+ $pingreturn = NULL;
+ $pingoutput = NULL;
+ exec('ping -o -t 1 -c 1 ' . escapeshellcmd($url['host']), $pingoutput, $pingreturn);
+# echo $pingreturn; exit;
+ if ($pingreturn == '0') {
+ $results[$orgkey]['ping'] = array(TRUE,join("\r\n", $pingoutput));
+ } else {
+ $results[$orgkey]['ping'] = array(FALSE,join("\r\n", $pingoutput));
+ continue;
+ }
+
+ #continue;
+
+ // LDAP Connect
+ try {
+ $ldap = new SimpleSAML_Auth_LDAP($orgconfig['hostname'], $orgconfig['enable_tls']);
+ $results[$orgkey]['connect'] = array(TRUE,NULL);
+ } catch (Exception $e) {
+ $results[$orgkey]['connect'] = array(FALSE,$e->getMessage());
+ continue;
+ }
+
+ // Bind as admin user
+ if (isset($orgconfig['adminUser'])) {
+ try {
+ $ldap->bind($orgconfig['adminUser'], $orgconfig['adminPassword']);
+ $results[$orgkey]['adminBind'] = array(TRUE,NULL);
+ } catch (Exception $e) {
+ $results[$orgkey]['adminBind'] = array(FALSE,$e->getMessage());
+ continue;
+ }
+ }
+
+
+ $eppn = 'test@feide.no';
+ // Search for bogus user
+ try {
+ $dn = $ldap->searchfordn($orgconfig['searchbase'], 'eduPersonPrincipalName', $eppn, TRUE);
+ $results[$orgkey]['ldapSearchBogus'] = array(TRUE,NULL);
+ } catch (Exception $e) {
+ $results[$orgkey]['ldapSearchBogus'] = array(FALSE,$e->getMessage());
+ continue;
+ }
+
+
+ // If test user is available
+ if (array_key_exists('testUser', $orgconfig)) {
+
+ // Try to search for DN of test account
+ try {
+ $dn = $ldap->searchfordn($orgconfig['searchbase'], 'eduPersonPrincipalName', $eppn);
+ $results[$orgkey]['ldapSearchTestUser'] = array(TRUE,NULL);
+ } catch (Exception $e) {
+ $results[$orgkey]['ldapSearchTestUser'] = array(FALSE,$e->getMessage());
+ continue;
+ }
+
+ if ($ldap->bind($orgconfig['testUser'], $orgconfig['testPassword'])) {
+ $results[$orgkey]['ldapBindTestUser'] = array(TRUE,NULL);
+
+ } else {
+ $results[$orgkey]['ldapBindTestUser'] = array(FALSE,NULL);
+ continue;
+ }
+
+ try {
+ $attributes = $ldap->getAttributes($dn, $orgconfig['attributes'], $ldapconfig->getValue('attributesize.max', NULL));
$results[$orgkey]['ldapGetAttributesTestUser'] = array(TRUE,NULL);
+ } catch(Exception $e) {
+ $results[$orgkey]['ldapGetAttributesTestUser'] = array(FALSE,$e->getMessage());
+ }
+ }
+}
+#echo '<pre>'; print_r($results); exit;
+
+$t = new SimpleSAML_XHTML_Template($config, 'ldapstatus:ldapstatus.php');
+$t->data['results'] = $results;
+$t->data['orgconfig'] = $orgs;
+$t->show();
+exit;
+
+?>
-- GitLab
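Review bot: The `exec('ping …')` line passes `$url['host']` through `escapeshellcmd()`, which escapes shell metacharacters but does not quote the value as a single argument, so a configured hostname containing whitespace or a leading dash still reaches ping as extra arguments or options; `escapeshellarg()` is the function meant for one argument: `exec('ping -o -t 1 -c 1 ' . escapeshellarg($url['host']), $pingoutput, $pingreturn);`. `parse_url()` also returns no `host` key when `hostname` is configured without a scheme, so the value should be checked first, e.g. `if (empty($url['host'])) { $results[$orgkey]['ping'] = array(FALSE, 'No host in hostname'); continue; }`. Nothing in this file checks who is requesting the page before it runs ping and binds with `adminPassword` for every organisation, and the ping output and LDAP exception messages are handed to the template; unless access is restricted elsewhere, an administrator-authentication check at the top of the script would be appropriate. The later `$ldap->bind($orgconfig['testUser'], $orgconfig['testPassword'])` is the only LDAP call outside a try/catch, and the "test user" search reuses `$eppn` rather than a value from `testUser`, which looks unintended.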