PHP Cross Reference of DokuWiki




/lib/plugins/authad/ -> auth.php (summary)

(no description)

File Size: 787 lines (27 kb)
Included or required: 0 times
Referenced: 0 times
Includes or requires: 0 files

Defines 1 class

auth_plugin_authad:: (20 methods):

Class: auth_plugin_authad  - X-Ref

Active Directory authentication backend for DokuWiki

This makes authentication with an Active Directory server much easier
than when using the normal LDAP backend, by utilizing the adLDAP library.

Set DokuWiki's local.protected.php auth setting to read:

$conf['authtype']       = 'authad';

$conf['plugin']['authad']['account_suffix']     = '@my.domain.org';
$conf['plugin']['authad']['base_dn']            = 'DC=my,DC=domain,DC=org';
$conf['plugin']['authad']['domain_controllers'] = 'srv1.domain.org,srv2.domain.org';

$conf['plugin']['authad']['sso']                = 1;
$conf['plugin']['authad']['admin_username']     = 'root';
$conf['plugin']['authad']['admin_password']     = 'pass';
$conf['plugin']['authad']['real_primarygroup']  = 1;
$conf['plugin']['authad']['use_ssl']            = 1;
$conf['plugin']['authad']['use_tls']            = 1;
$conf['plugin']['authad']['debug']              = 1;
// warn user about expiring password this many days in advance:
$conf['plugin']['authad']['expirywarn']         = 5;

// get additional information to the userinfo array
// add a list of comma separated ldap contact fields.
$conf['plugin']['authad']['additional'] = 'field1,field2';

__construct()   X-Ref

canDo($cap)   X-Ref
Load domain config on capability check

return: bool
param: string $cap

checkPass($user, $pass)   X-Ref
Check user+password [required auth function]

Checks if the given user exists and the given
plaintext password is correct by trying to bind
to the LDAP server

author: James Van Lommel <james@nosq.com>
return: bool
param: string $user
param: string $pass

getUserData($user, $requireGroups = true)   X-Ref
Return user info [required auth function]

Returns info about the given user. The result needs to contain
at least these fields:

name    string  full name of the user
mail    string  email address of the user
grps    array   list of groups the user is in

This AD-specific function returns the following
additional fields:

dn         string    distinguished name (DN)
uid        string    samaccountname
lastpwd    int       timestamp of the date when the password was set
expires    true      if the password expires
expiresin  int       seconds until the password expires
any fields specified in the 'additional' config option

author: James Van Lommel <james@nosq.com>
return: array
param: string $user
param: bool $requireGroups (optional) - ignored, groups are always supplied by this plugin

cleanGroup($group)   X-Ref
Make AD group names usable by DokuWiki.

Removes backslashes ('\'), pound signs ('#'), and converts spaces to underscores.

author: James Van Lommel (jamesvl@gmail.com)
return: string
param: string $group

cleanUser($user)   X-Ref
Sanitize user names

Normalizes domain parts; does not modify the user name itself (unlike cleanGroup)

author: Andreas Gohr <gohr@cosmocode.de>
return: string
param: string $user

isCaseSensitive()   X-Ref
Most values in LDAP are case-insensitive

return: bool

constructSearchString($filter)   X-Ref
Create a search string usable by adLDAPUsers::all($includeDescription = false, $search = "*", $sorted = true)

return: string
param: array $filter

getUserCount($filter = array())   X-Ref
Return a count of the number of users that meet the $filter criteria

return: int number of users
param: array $filter  array of field/pattern pairs, empty array for no filter

filterToString($filter)   X-Ref
Create a unique string for each filter used with a group

return: string
param: array $filter

fillGroupUserArray($filter, $numberOfAdds)   X-Ref
Create an array of $numberOfAdds users passing a certain $filter, including belonging
to a certain group, and save them to an object-wide array. If the array
already exists, try to add $numberOfAdds further users to it.

return: int number of users actually added to the array
param: array $filter
param: int $numberOfAdds additional number of users requested

retrieveUsers($start = 0, $limit = 0, $filter = array())   X-Ref
Bulk retrieval of user data

author: Dominik Eckelmann <dokuwiki@cosmocode.de>
return: array userinfo (refer to getUserData for internal userinfo details)
param: int $start index of first user to be returned
param: int $limit max number of users to be returned
param: array $filter array of field/pattern pairs, null for no filter

modifyUser($user, $changes)   X-Ref
Modify user data

return: bool
param: string $user      nick of the user to be changed
param: array  $changes   array of field/value pairs to be changed

initAdLdap($domain)   X-Ref
Initialize the AdLDAP library and connect to the server

When you pass null as domain, it will reuse any existing domain,
e.g. the one of the logged-in user. It falls back to the default
domain if no current one is available.

return: adLDAP|bool true if a connection was established
param: string|null $domain The AD domain to use

getUserDomain($user)   X-Ref
Get the domain part from a user

return: string
param: string $user

getUserName($user)   X-Ref
Get the user part from a user

When an account suffix is set, we strip the domain part from the user

return: string
param: string $user

loadServerConfig($domain)   X-Ref
Fetch the configuration for the given AD domain

return: array
param: string $domain current AD domain

getConfiguredDomains()   X-Ref
Returns a list of configured domains

The default domain has an empty string as key

return: array associative array(key => domain)

filter($user, $info)   X-Ref
Check provided user and userinfo for matching patterns

The patterns are set up with $this->_constructPattern()

author: Chris Smith <chris@jalakai.co.uk>
return: bool
param: string $user
param: array  $info

constructPattern($filter)   X-Ref
Create a pattern for $this->_filter()

author: Chris Smith <chris@jalakai.co.uk>
param: array $filter