ILIAS  Release_4_3_x_branch Revision 61807
 All Data Structures Namespaces Files Functions Variables Groups Pages
ilLDAPServer Class Reference
+ Collaboration diagram for ilLDAPServer:

Public Member Functions

 __construct ($a_server_id=0)
 getServerId ()
 enableAuthentication ($a_status)
 Enable authentication for this ldap server.
 isAuthenticationEnabled ()
 Check if authentication is enabled.
 setAuthenticationMapping ($a_map)
 Set mapped authentication mapping.
 getAuthenticationMapping ()
 Get authentication mode that is mapped.
 getAuthenticationMappingKey ()
 Get authentication mapping key Default is ldap.
 toggleActive ($a_status)
 isActive ()
 getUrl ()
 setUrl ($a_url)
 getUrlString ()
 doConnectionCheck ()
 Check ldap connection and do a fallback to the next server if no connection is possible.
 getName ()
 setName ($a_name)
 getVersion ()
 setVersion ($a_version)
 getBaseDN ()
 setBaseDN ($a_base_dn)
 isActiveReferrer ()
 toggleReferrer ($a_status)
 isActiveTLS ()
 toggleTLS ($a_status)
 getBindingType ()
 setBindingType ($a_type)
 getBindUser ()
 setBindUser ($a_user)
 getBindPassword ()
 setBindPassword ($a_password)
 getSearchBase ()
 setSearchBase ($a_search_base)
 getUserAttribute ()
 setUserAttribute ($a_user_attr)
 getFilter ()
 setFilter ($a_filter)
 getGroupDN ()
 setGroupDN ($a_value)
 getGroupFilter ()
 setGroupFilter ($a_value)
 getGroupMember ()
 setGroupMember ($a_value)
 getGroupName ()
 setGroupName ($a_value)
 getGroupNames ()
 Get group names as array.
 getGroupAttribute ()
 setGroupAttribute ($a_value)
 toggleMembershipOptional ($a_status)
 isMembershipOptional ()
 setGroupUserFilter ($a_filter)
 getGroupUserFilter ()
 enabledGroupMemberIsDN ()
 enableGroupMemberIsDN ($a_value)
 setGroupScope ($a_value)
 getGroupScope ()
 setUserScope ($a_value)
 getUserScope ()
 enabledSyncOnLogin ()
 enableSyncOnLogin ($a_value)
 enabledSyncPerCron ()
 enableSyncPerCron ($a_value)
 setGlobalRole ($a_role)
 getRoleBindDN ()
 setRoleBindDN ($a_value)
 getRoleBindPassword ()
 setRoleBindPassword ($a_value)
 enabledRoleSynchronization ()
 enableRoleSynchronization ($a_value)
 enableAccountMigration ($a_status)
 Enable account migration.
 isAccountMigrationEnabled ()
 enabled account migration
 validate ()
 Validate user input.
 create ()
 update ()
 toPearAuthArray ()
 Creates an array of options compatible to PEAR Auth.

Static Public Member Functions

static getInstanceByServerId ($a_server_id)
static checkLDAPLib ()
 Check if ldap module is installed.
static _getActiveServerList ()
 Get active server list.
static _getCronServerIds ()
 Get list of acticve servers with option 'SyncCron'.
static _getRoleSyncServerIds ()
 Check whether there if there is an active server with option role_sync_active.
static _getPasswordServers ()
 Checks whether password synchronistation is enabled for an user.
static _getFirstActiveServer ()
 Get first active server.
static _getServerList ()
 Get list of all configured servers.
static _getFirstServer ()
static getAvailableDataSources ($a_auth_mode)
static isDataSourceActive ($a_auth_mode)
 Check if a data source is active for a specific auth mode ilDB $ilDB.
static getDataSource ($a_auth_mode)
static toggleDataSource ($a_auth_mode, $a_status)
 Toggle Data Source.

Data Fields

const DEBUG = false
const DEFAULT_VERSION = 3

Private Member Functions

 prepareFilter ($a_filter)
 Create brackets for filters if they do not exist.
 getPearAtributeArray ()
 Get attribute array for pear auth data.
 read ()
 Read server settings.

Private Attributes

 $role_bind_dn = ''
 $role_bind_pass = ''
 $role_sync_active = 0
 $server_id = null
 $fallback_urls = array()
 $enabled_authentication = true
 $authentication_mapping = 0

Static Private Attributes

static $instances = array()

Detailed Description

Author
Stefan Meyer meyer.nosp@m.@lei.nosp@m.fos.c.nosp@m.om
Version
$Id$

Definition at line 24 of file class.ilLDAPServer.php.

Constructor & Destructor Documentation

ilLDAPServer::__construct (   $a_server_id = 0)

Definition at line 41 of file class.ilLDAPServer.php.

References $lng, and read().

{
global $ilDB,$lng;
$this->db = $ilDB;
$this->lng = $lng;
$this->server_id = $a_server_id;
$this->read();
}

+ Here is the call graph for this function:

Member Function Documentation

static ilLDAPServer::_getActiveServerList ( )
static

Get active server list.

Returns
array server ids of active ldap server

Definition at line 75 of file class.ilLDAPServer.php.

References $query, $res, and $row.

Referenced by ilAuthUtils\_getActiveAuthModes(), _getFirstActiveServer(), _getPasswordServers(), ilAuthUtils\_hasMultipleAuthenticationMethods(), ilAuthUtils\_isExternalAccountEnabled(), and ilObjAuthSettingsGUI\authSettingsObject().

{
global $ilDB;
$query = "SELECT server_id FROM ldap_server_settings ".
"WHERE active = 1 AND authentication = 1 ".
"ORDER BY name ";
$res = $ilDB->query($query);
$server_ids = array();
while($row = $ilDB->fetchObject($res))
{
$server_ids[] = $row->server_id;
}
return $server_ids;
}

+ Here is the caller graph for this function:

static ilLDAPServer::_getCronServerIds ( )
static

Get list of acticve servers with option 'SyncCron'.

Returns
array server ids of active ldap server

Definition at line 96 of file class.ilLDAPServer.php.

References $query, $res, and $row.

Referenced by ilLDAPCronSynchronization\start().

{
global $ilDB;
$query = "SELECT server_id FROM ldap_server_settings ".
"WHERE active = 1 ".
"AND sync_per_cron = 1 ".
"ORDER BY name";
$res = $ilDB->query($query);
while($row = $ilDB->fetchObject($res))
{
$server_ids[] = $row->server_id;
}
return $server_ids ? $server_ids : array();
}

+ Here is the caller graph for this function:

static ilLDAPServer::_getFirstActiveServer ( )
static

Get first active server.

Returns
int first active server

Definition at line 155 of file class.ilLDAPServer.php.

References _getActiveServerList().

Referenced by ilAuthContainerLDAP\__construct(), ilAuthUtils\_getMultipleAuthModeOptions(), ilECSCmsCourseMemberCommandQueueHandler\createMember(), ilAuthContainerApache\fetchData(), ilLDAPRoleAssignmentRules\getDefaultRole(), ilAuthLoginPageEditorGUI\initLoginForm(), ilLDAPRoleAssignmentRule\isGroupMember(), and ilAuthModeDetermination\read().

{
if(count($servers))
{
return $servers[0];
}
return 0;
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

static ilLDAPServer::_getFirstServer ( )
static

Definition at line 189 of file class.ilLDAPServer.php.

References _getServerList().

Referenced by ilLDAPSettingsGUI\initServer().

{
if(count($servers))
{
return $servers[0];
}
return 0;
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

static ilLDAPServer::_getPasswordServers ( )
static

Checks whether password synchronistation is enabled for an user.

public

Parameters
intuser_id

Definition at line 144 of file class.ilLDAPServer.php.

References _getActiveServerList().

+ Here is the call graph for this function:

static ilLDAPServer::_getRoleSyncServerIds ( )
static

Check whether there if there is an active server with option role_sync_active.

public

Parameters

Definition at line 120 of file class.ilLDAPServer.php.

References $query, $res, and $row.

Referenced by ilLDAPRoleGroupMapping\initServers().

{
global $ilDB;
$query = "SELECT server_id FROM ldap_server_settings ".
"WHERE active = 1 ".
"AND role_sync_active = 1 ";
$res = $ilDB->query($query);
$server_ids = array();
while($row = $ilDB->fetchObject($res))
{
$server_ids[] = $row->server_id;
}
return $server_ids;
}

+ Here is the caller graph for this function:

static ilLDAPServer::_getServerList ( )
static

Get list of all configured servers.

Returns
array list of server ids

Definition at line 170 of file class.ilLDAPServer.php.

References $query, $res, and $row.

Referenced by _getFirstServer(), and ilLDAPSettingsGUI\setSubTabs().

{
global $ilDB;
$query = "SELECT server_id FROM ldap_server_settings ORDER BY name";
$res = $ilDB->query($query);
while($row = $ilDB->fetchObject($res))
{
$server_ids[] = $row->server_id;
}
return $server_ids ? $server_ids : array();
}

+ Here is the caller graph for this function:

static ilLDAPServer::checkLDAPLib ( )
static

Check if ldap module is installed.

Returns

Definition at line 65 of file class.ilLDAPServer.php.

Referenced by ilLDAPSettingsGUI\serverList().

{
return function_exists('ldap_bind');
}

+ Here is the caller graph for this function:

ilLDAPServer::create ( )

Definition at line 716 of file class.ilLDAPServer.php.

References $query, $res, enabledGroupMemberIsDN(), enabledRoleSynchronization(), enabledSyncOnLogin(), enabledSyncPerCron(), getAuthenticationMapping(), getBaseDN(), getBindingType(), getBindPassword(), getBindUser(), getFilter(), getGroupAttribute(), getGroupDN(), getGroupFilter(), getGroupMember(), getGroupName(), getGroupScope(), getGroupUserFilter(), getName(), getRoleBindDN(), getRoleBindPassword(), getSearchBase(), getUrlString(), getUserAttribute(), getUserScope(), getVersion(), isAccountMigrationEnabled(), isActive(), isActiveReferrer(), isActiveTLS(), isAuthenticationEnabled(), and isMembershipOptional().

{
global $ilDB;
$next_id = $ilDB->nextId('ldap_server_settings');
$query = 'INSERT INTO ldap_server_settings (server_id,active,name,url,version,base_dn,referrals,tls,bind_type,bind_user,bind_pass,'.
'search_base,user_scope,user_attribute,filter,group_dn,group_scope,group_filter,group_member,group_memberisdn,group_name,'.
'group_attribute,group_optional,group_user_filter,sync_on_login,sync_per_cron,role_sync_active,role_bind_dn,role_bind_pass,migration, '.
'authentication,authentication_type) '.
'VALUES (%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s)';
$res = $ilDB->queryF($query,
array(
'integer','integer','text','text','integer','text','integer','integer','integer','text','text','text','integer',
'text','text','text','integer','text','text','integer','text','text','integer','text','integer','integer','integer',
'text','text', 'integer','integer','integer'),
array(
$next_id,
$this->isActive(),
$this->getName(),
$this->getUrlString(),
$this->getVersion(),
$this->getBaseDN(),
$this->isActiveReferrer(),
$this->isActiveTLS(),
$this->getBindingType(),
$this->getBindUser(),
$this->getBindPassword(),
$this->getSearchBase(),
$this->getUserScope(),
$this->getUserAttribute(),
$this->getFilter(),
$this->getGroupDN(),
$this->getGroupScope(),
$this->getGroupFilter(),
$this->getGroupMember(),
$this->getGroupName(),
$this->getRoleBindDN(),
));
return $next_id;
}

+ Here is the call graph for this function:

ilLDAPServer::doConnectionCheck ( )

Check ldap connection and do a fallback to the next server if no connection is possible.

public

Definition at line 384 of file class.ilLDAPServer.php.

References $ilLog, and $query.

{
global $ilLog;
include_once('Services/LDAP/classes/class.ilLDAPQuery.php');
foreach(array_merge(array(0 => $this->url),$this->fallback_urls) as $url)
{
try
{
// Need to do a full bind, since openldap return valid connection links for invalid hosts
$query = new ilLDAPQuery($this,$url);
$query->bind();
$this->url = $url;
$ilLog->write(__METHOD__.': Using url: '.$url.'.');
return true;
}
{
$ilLog->write(__METHOD__.': Cannot connect to LDAP server: '.$url.'. Trying fallback...');
}
}
$ilLog->write(__METHOD__.': No valid LDAP server found.');
return false;
}
ilLDAPServer::enableAccountMigration (   $a_status)

Enable account migration.

public

Parameters
boolstatus

Definition at line 663 of file class.ilLDAPServer.php.

Referenced by read().

{
$this->account_migration = $a_status;
}

+ Here is the caller graph for this function:

ilLDAPServer::enableAuthentication (   $a_status)

Enable authentication for this ldap server.

Parameters
bool$a_status

Definition at line 293 of file class.ilLDAPServer.php.

Referenced by read().

{
$this->enabled_authentication = (bool) $a_status;
}

+ Here is the caller graph for this function:

ilLDAPServer::enabledGroupMemberIsDN ( )

Definition at line 587 of file class.ilLDAPServer.php.

Referenced by create(), toPearAuthArray(), and update().

{
return (bool) $this->memberisdn;
}

+ Here is the caller graph for this function:

ilLDAPServer::enabledRoleSynchronization ( )

Definition at line 647 of file class.ilLDAPServer.php.

References $role_sync_active.

Referenced by create(), and update().

+ Here is the caller graph for this function:

ilLDAPServer::enabledSyncOnLogin ( )

Definition at line 611 of file class.ilLDAPServer.php.

Referenced by create(), getPearAtributeArray(), update(), and validate().

{
return $this->sync_on_login;
}

+ Here is the caller graph for this function:

ilLDAPServer::enabledSyncPerCron ( )

Definition at line 619 of file class.ilLDAPServer.php.

Referenced by create(), update(), and validate().

{
return $this->sync_per_cron;
}

+ Here is the caller graph for this function:

ilLDAPServer::enableGroupMemberIsDN (   $a_value)

Definition at line 591 of file class.ilLDAPServer.php.

Referenced by read().

{
$this->memberisdn = (bool) $a_value;
}

+ Here is the caller graph for this function:

ilLDAPServer::enableRoleSynchronization (   $a_value)

Definition at line 651 of file class.ilLDAPServer.php.

Referenced by read().

{
$this->role_sync_active = $a_value;
}

+ Here is the caller graph for this function:

ilLDAPServer::enableSyncOnLogin (   $a_value)

Definition at line 615 of file class.ilLDAPServer.php.

Referenced by read().

{
$this->sync_on_login = (int) $a_value;
}

+ Here is the caller graph for this function:

ilLDAPServer::enableSyncPerCron (   $a_value)

Definition at line 623 of file class.ilLDAPServer.php.

Referenced by read().

{
$this->sync_per_cron = (int) $a_value;
}

+ Here is the caller graph for this function:

ilLDAPServer::getAuthenticationMapping ( )

Get authentication mode that is mapped.

Returns
int

Definition at line 320 of file class.ilLDAPServer.php.

References $authentication_mapping.

Referenced by create(), getAuthenticationMappingKey(), and update().

+ Here is the caller graph for this function:

ilLDAPServer::getAuthenticationMappingKey ( )

Get authentication mapping key Default is ldap.

Returns
string

Definition at line 330 of file class.ilLDAPServer.php.

References ilAuthUtils\_getAuthModeName(), getAuthenticationMapping(), and isAuthenticationEnabled().

Referenced by ilLDAPCronSynchronization\deactivateUsers().

{
{
return 'ldap';
}
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

static ilLDAPServer::getAvailableDataSources (   $a_auth_mode)
static

Definition at line 201 of file class.ilLDAPServer.php.

References $query, $res, $row, and DB_FETCHMODE_OBJECT.

Referenced by ilCASSettingsGUI\initFormSettings(), and ilRadiusSettingsGUI\settings().

{
global $ilDB;
$query = "SELECT server_id FROM ldap_server_settings ".
"WHERE active = ".$ilDB->quote(1,'integer')." ".
"AND authentication = ".$ilDB->quote(0,'integer')." ".
"AND ( authentication_type = ".$ilDB->quote($a_auth_mode,'integer')." ".
"OR authentication_type = ".$ilDB->quote(0,'integer').")";
$res = $ilDB->query($query);
$server_ids = array();
while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
{
$server_ids[] = $row->server_id;
}
return $server_ids;
}

+ Here is the caller graph for this function:

ilLDAPServer::getBaseDN ( )

Definition at line 427 of file class.ilLDAPServer.php.

Referenced by create(), toPearAuthArray(), update(), and validate().

{
return $this->base_dn;
}

+ Here is the caller graph for this function:

ilLDAPServer::getBindingType ( )

Definition at line 451 of file class.ilLDAPServer.php.

Referenced by create(), toPearAuthArray(), update(), and validate().

{
return $this->binding_type;
}

+ Here is the caller graph for this function:

ilLDAPServer::getBindPassword ( )

Definition at line 474 of file class.ilLDAPServer.php.

Referenced by create(), toPearAuthArray(), update(), and validate().

{
return $this->bind_password;
}

+ Here is the caller graph for this function:

ilLDAPServer::getBindUser ( )

Definition at line 466 of file class.ilLDAPServer.php.

Referenced by create(), toPearAuthArray(), update(), and validate().

{
return $this->bind_user;
}

+ Here is the caller graph for this function:

static ilLDAPServer::getDataSource (   $a_auth_mode)
static

Definition at line 241 of file class.ilLDAPServer.php.

References $query, $res, $row, and DB_FETCHMODE_OBJECT.

Referenced by ilAuthContainerCAS\handleLDAPDataSource(), and ilAuthContainerRadius\handleLDAPDataSource().

{
global $ilDB;
$query = "SELECT server_id FROM ldap_server_settings ".
"WHERE authentication_type = ".$ilDB->quote($a_auth_mode,'integer')." ".
"AND authentication = ".$ilDB->quote(0,'integer');
$res = $ilDB->query($query);
while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
{
return $row->server_id;
}
return 0;
}

+ Here is the caller graph for this function:

ilLDAPServer::getFilter ( )

Definition at line 498 of file class.ilLDAPServer.php.

References prepareFilter().

Referenced by create(), toPearAuthArray(), and update().

{
return $this->prepareFilter($this->filter);
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

ilLDAPServer::getGroupAttribute ( )

Definition at line 561 of file class.ilLDAPServer.php.

Referenced by create(), toPearAuthArray(), and update().

{
return $this->group_attribute;
}

+ Here is the caller graph for this function:

ilLDAPServer::getGroupDN ( )

Definition at line 506 of file class.ilLDAPServer.php.

Referenced by create(), toPearAuthArray(), and update().

{
return $this->group_dn;
}

+ Here is the caller graph for this function:

ilLDAPServer::getGroupFilter ( )

Definition at line 514 of file class.ilLDAPServer.php.

References prepareFilter().

Referenced by create(), toPearAuthArray(), and update().

{
return $this->prepareFilter($this->group_filter);
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

ilLDAPServer::getGroupMember ( )

Definition at line 522 of file class.ilLDAPServer.php.

Referenced by create(), toPearAuthArray(), and update().

{
return $this->group_member;
}

+ Here is the caller graph for this function:

ilLDAPServer::getGroupName ( )

Definition at line 530 of file class.ilLDAPServer.php.

Referenced by create(), getGroupNames(), toPearAuthArray(), and update().

{
return $this->group_name;
}

+ Here is the caller graph for this function:

ilLDAPServer::getGroupNames ( )

Get group names as array.

public

Parameters

Definition at line 545 of file class.ilLDAPServer.php.

References getGroupName().

{
$names = explode(',',$this->getGroupName());
if(!is_array($names))
{
return array();
}
foreach($names as $name)
{
$new_names[] = trim($name);
}
return $new_names;
}

+ Here is the call graph for this function:

ilLDAPServer::getGroupScope ( )

Definition at line 599 of file class.ilLDAPServer.php.

Referenced by create(), toPearAuthArray(), and update().

{
return $this->group_scope;
}

+ Here is the caller graph for this function:

ilLDAPServer::getGroupUserFilter ( )

Definition at line 582 of file class.ilLDAPServer.php.

Referenced by create(), and update().

{
return $this->group_user_filter;
}

+ Here is the caller graph for this function:

static ilLDAPServer::getInstanceByServerId (   $a_server_id)
static

Definition at line 52 of file class.ilLDAPServer.php.

Referenced by ilECSCmsCourseMemberCommandQueueHandler\createMember(), ilAuthContainerCAS\handleLDAPDataSource(), ilAuthContainerRadius\handleLDAPDataSource(), ilLDAPUserSynchronisation\initServer(), and ilLDAPRoleAssignmentRule\isGroupMember().

{
if(isset(self::$instances[$a_server_id]))
{
return self::$instances[$a_server_id];
}
return self::$instances[$a_server_id] = new ilLDAPServer($a_server_id);
}

+ Here is the caller graph for this function:

ilLDAPServer::getName ( )

Definition at line 411 of file class.ilLDAPServer.php.

Referenced by create(), update(), and validate().

{
return $this->name;
}

+ Here is the caller graph for this function:

ilLDAPServer::getPearAtributeArray ( )
private

Get attribute array for pear auth data.

private

Parameters

Definition at line 911 of file class.ilLDAPServer.php.

References ilLDAPAttributeMapping\_getInstanceByServerId(), enabledSyncOnLogin(), ilLDAPRoleAssignmentRules\getAttributeNames(), getServerId(), and getUserAttribute().

Referenced by toPearAuthArray().

{
if($this->enabledSyncOnLogin())
{
include_once('Services/LDAP/classes/class.ilLDAPAttributeMapping.php');
include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRules.php');
return array_merge(
array($this->getUserAttribute()),
$mapping->getFields(),
array('dn'),
);
}
else
{
return array($this->getUserAttribute());
}
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

ilLDAPServer::getRoleBindDN ( )

Definition at line 631 of file class.ilLDAPServer.php.

References $role_bind_dn.

Referenced by create(), and update().

{
}

+ Here is the caller graph for this function:

ilLDAPServer::getRoleBindPassword ( )

Definition at line 639 of file class.ilLDAPServer.php.

References $role_bind_pass.

Referenced by create(), and update().

{
}

+ Here is the caller graph for this function:

ilLDAPServer::getSearchBase ( )

Definition at line 482 of file class.ilLDAPServer.php.

Referenced by create(), toPearAuthArray(), and update().

{
return $this->search_base;
}

+ Here is the caller graph for this function:

ilLDAPServer::getServerId ( )

Definition at line 284 of file class.ilLDAPServer.php.

References $server_id.

Referenced by getPearAtributeArray(), and update().

{
}

+ Here is the caller graph for this function:

ilLDAPServer::getUrl ( )

Definition at line 347 of file class.ilLDAPServer.php.

Referenced by ilLDAPQuery\__construct(), toPearAuthArray(), and validate().

{
return $this->url;
}

+ Here is the caller graph for this function:

ilLDAPServer::getUrlString ( )

Definition at line 372 of file class.ilLDAPServer.php.

Referenced by create(), and update().

{
return $this->url_string;
}

+ Here is the caller graph for this function:

ilLDAPServer::getUserAttribute ( )

Definition at line 490 of file class.ilLDAPServer.php.

Referenced by create(), getPearAtributeArray(), toPearAuthArray(), update(), and validate().

{
return $this->user_attribute;
}

+ Here is the caller graph for this function:

ilLDAPServer::getUserScope ( )

Definition at line 607 of file class.ilLDAPServer.php.

Referenced by create(), toPearAuthArray(), and update().

{
return $this->user_scope;
}

+ Here is the caller graph for this function:

ilLDAPServer::getVersion ( )

Definition at line 419 of file class.ilLDAPServer.php.

References DEFAULT_VERSION.

Referenced by create(), toPearAuthArray(), update(), and validate().

{
return $this->version ? $this->version : self::DEFAULT_VERSION;
}

+ Here is the caller graph for this function:

ilLDAPServer::isAccountMigrationEnabled ( )

enabled account migration

public

Definition at line 674 of file class.ilLDAPServer.php.

Referenced by create(), and update().

{
return $this->account_migration ? true : false;
}

+ Here is the caller graph for this function:

ilLDAPServer::isActive ( )

Definition at line 343 of file class.ilLDAPServer.php.

Referenced by create(), and update().

{
return $this->active;
}

+ Here is the caller graph for this function:

ilLDAPServer::isActiveReferrer ( )

Definition at line 435 of file class.ilLDAPServer.php.

Referenced by create(), toPearAuthArray(), and update().

{
return $this->referrals ? true : false;
}

+ Here is the caller graph for this function:

ilLDAPServer::isActiveTLS ( )

Definition at line 443 of file class.ilLDAPServer.php.

Referenced by create(), toPearAuthArray(), update(), and validate().

{
return $this->tls ? true : false;
}

+ Here is the caller graph for this function:

ilLDAPServer::isAuthenticationEnabled ( )

Check if authentication is enabled.

Returns
bool

Definition at line 302 of file class.ilLDAPServer.php.

References $enabled_authentication.

Referenced by create(), getAuthenticationMappingKey(), and update().

{
}

+ Here is the caller graph for this function:

static ilLDAPServer::isDataSourceActive (   $a_auth_mode)
static

Check if a data source is active for a specific auth mode ilDB $ilDB.

Parameters
int$a_auth_mode
Returns
bool

Definition at line 226 of file class.ilLDAPServer.php.

References $query, $res, $row, and DB_FETCHMODE_OBJECT.

Referenced by ilCASSettingsGUI\initFormSettings(), ilAuthContainerCAS\loginObserver(), ilAuthContainerRadius\loginObserver(), and ilRadiusSettingsGUI\settings().

{
global $ilDB;
$query = "SELECT server_id FROM ldap_server_settings ".
"WHERE authentication_type = ".$ilDB->quote($a_auth_mode,'integer')." ".
"AND authentication = ".$ilDB->quote(0,'integer');
$res = $ilDB->query($query);
while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
{
return true;
}
return false;
}

+ Here is the caller graph for this function:

ilLDAPServer::isMembershipOptional ( )

Definition at line 574 of file class.ilLDAPServer.php.

Referenced by create(), and update().

{
return (bool) $this->group_optional;
}

+ Here is the caller graph for this function:

ilLDAPServer::prepareFilter (   $a_filter)
private

Create brackets for filters if they do not exist.

private

Parameters
stringfilter

Definition at line 884 of file class.ilLDAPServer.php.

Referenced by getFilter(), and getGroupFilter().

{
$filter = trim($a_filter);
if(!strlen($filter))
{
return $filter;
}
if(strpos($filter,'(') !== 0)
{
$filter = ('('.$filter);
}
if(substr($filter,-1) != ')')
{
$filter = ($filter.')');
}
return $filter;
}

+ Here is the caller graph for this function:

ilLDAPServer::read ( )
private

Read server settings.

Definition at line 937 of file class.ilLDAPServer.php.

References $query, $res, $row, DB_FETCHMODE_OBJECT, enableAccountMigration(), enableAuthentication(), enableGroupMemberIsDN(), enableRoleSynchronization(), enableSyncOnLogin(), enableSyncPerCron(), setAuthenticationMapping(), setBaseDN(), setBindingType(), setBindPassword(), setBindUser(), setFilter(), setGroupAttribute(), setGroupDN(), setGroupFilter(), setGroupMember(), setGroupName(), setGroupScope(), setGroupUserFilter(), setName(), setRoleBindDN(), setRoleBindPassword(), setSearchBase(), setUrl(), setUserAttribute(), setUserScope(), setVersion(), toggleActive(), toggleMembershipOptional(), toggleReferrer(), and toggleTLS().

Referenced by __construct().

{
if(!$this->server_id)
{
return true;
}
$query = "SELECT * FROM ldap_server_settings WHERE server_id = ".$this->db->quote($this->server_id)."";
$res = $this->db->query($query);
while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
{
$this->toggleActive($row->active);
$this->setName($row->name);
$this->setUrl($row->url);
$this->setVersion($row->version);
$this->setBaseDN($row->base_dn);
$this->toggleReferrer($row->referrals);
$this->toggleTLS($row->tls);
$this->setBindingType($row->bind_type);
$this->setBindUser($row->bind_user);
$this->setBindPassword($row->bind_pass);
$this->setSearchBase($row->search_base);
$this->setUserScope($row->user_scope);
$this->setUserAttribute($row->user_attribute);
$this->setFilter($row->filter);
$this->setGroupDN($row->group_dn);
$this->setGroupScope($row->group_scope);
$this->setGroupFilter($row->group_filter);
$this->setGroupMember($row->group_member);
$this->setGroupAttribute($row->group_attribute);
$this->toggleMembershipOptional($row->group_optional);
$this->setGroupUserFilter($row->group_user_filter);
$this->enableGroupMemberIsDN($row->group_memberisdn);
$this->setGroupName($row->group_name);
$this->enableSyncOnLogin($row->sync_on_login);
$this->enableSyncPerCron($row->sync_per_cron);
$this->enableRoleSynchronization($row->role_sync_active);
$this->setRoleBindDN($row->role_bind_dn);
$this->setRoleBindPassword($row->role_bind_pass);
$this->enableAccountMigration($row->migration);
$this->enableAuthentication($row->authentication);
$this->setAuthenticationMapping($row->authentication_type);
}
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

ilLDAPServer::setAuthenticationMapping (   $a_map)

Set mapped authentication mapping.

Parameters
int$a_map

Definition at line 311 of file class.ilLDAPServer.php.

Referenced by read().

{
$this->authentication_mapping = $a_map;
}

+ Here is the caller graph for this function:

ilLDAPServer::setBaseDN (   $a_base_dn)

Definition at line 431 of file class.ilLDAPServer.php.

Referenced by read().

{
$this->base_dn = $a_base_dn;
}

+ Here is the caller graph for this function:

ilLDAPServer::setBindingType (   $a_type)

Definition at line 455 of file class.ilLDAPServer.php.

References IL_LDAP_BIND_ANONYMOUS, and IL_LDAP_BIND_USER.

Referenced by read().

{
if($a_type == IL_LDAP_BIND_USER)
{
$this->binding_type = IL_LDAP_BIND_USER;
}
else
{
$this->binding_type = IL_LDAP_BIND_ANONYMOUS;
}
}

+ Here is the caller graph for this function:

ilLDAPServer::setBindPassword (   $a_password)

Definition at line 478 of file class.ilLDAPServer.php.

Referenced by read().

{
$this->bind_password = $a_password;
}

+ Here is the caller graph for this function:

ilLDAPServer::setBindUser (   $a_user)

Definition at line 470 of file class.ilLDAPServer.php.

Referenced by read().

{
$this->bind_user = $a_user;
}

+ Here is the caller graph for this function:

ilLDAPServer::setFilter (   $a_filter)

Definition at line 502 of file class.ilLDAPServer.php.

Referenced by read().

{
$this->filter = $a_filter;
}

+ Here is the caller graph for this function:

ilLDAPServer::setGlobalRole (   $a_role)

Definition at line 627 of file class.ilLDAPServer.php.

{
$this->global_role = $a_role;
}
ilLDAPServer::setGroupAttribute (   $a_value)

Definition at line 565 of file class.ilLDAPServer.php.

Referenced by read().

{
$this->group_attribute = $a_value;
}

+ Here is the caller graph for this function:

ilLDAPServer::setGroupDN (   $a_value)

Definition at line 510 of file class.ilLDAPServer.php.

Referenced by read().

{
$this->group_dn = $a_value;
}

+ Here is the caller graph for this function:

ilLDAPServer::setGroupFilter (   $a_value)

Definition at line 518 of file class.ilLDAPServer.php.

Referenced by read().

{
$this->group_filter = $a_value;
}

+ Here is the caller graph for this function:

ilLDAPServer::setGroupMember (   $a_value)

Definition at line 526 of file class.ilLDAPServer.php.

Referenced by read().

{
$this->group_member = $a_value;
}

+ Here is the caller graph for this function:

ilLDAPServer::setGroupName (   $a_value)

Definition at line 534 of file class.ilLDAPServer.php.

Referenced by read().

{
$this->group_name = $a_value;
}

+ Here is the caller graph for this function:

ilLDAPServer::setGroupScope (   $a_value)

Definition at line 595 of file class.ilLDAPServer.php.

Referenced by read().

{
$this->group_scope = $a_value;
}

+ Here is the caller graph for this function:

ilLDAPServer::setGroupUserFilter (   $a_filter)

Definition at line 578 of file class.ilLDAPServer.php.

Referenced by read().

{
$this->group_user_filter = $a_filter;
}

+ Here is the caller graph for this function:

ilLDAPServer::setName (   $a_name)

Definition at line 415 of file class.ilLDAPServer.php.

Referenced by read().

{
$this->name = $a_name;
}

+ Here is the caller graph for this function:

ilLDAPServer::setRoleBindDN (   $a_value)

Definition at line 635 of file class.ilLDAPServer.php.

Referenced by read().

{
$this->role_bind_dn = $a_value;
}

+ Here is the caller graph for this function:

ilLDAPServer::setRoleBindPassword (   $a_value)

Definition at line 643 of file class.ilLDAPServer.php.

Referenced by read().

{
$this->role_bind_pass = $a_value;
}

+ Here is the caller graph for this function:

ilLDAPServer::setSearchBase (   $a_search_base)

Definition at line 486 of file class.ilLDAPServer.php.

Referenced by read().

{
$this->search_base = $a_search_base;
}

+ Here is the caller graph for this function:

ilLDAPServer::setUrl (   $a_url)

Definition at line 351 of file class.ilLDAPServer.php.

Referenced by read().

{
$this->url_string = $a_url;
// Maybe there are more than one url's (comma seperated).
$urls = explode(',',$a_url);
$counter = 0;
foreach($urls as $url)
{
$url = trim($url);
if(!$counter++)
{
$this->url = $url;
}
else
{
$this->fallback_urls[] = $url;
}
}
}

+ Here is the caller graph for this function:

ilLDAPServer::setUserAttribute (   $a_user_attr)

Definition at line 494 of file class.ilLDAPServer.php.

Referenced by read().

{
$this->user_attribute = $a_user_attr;
}

+ Here is the caller graph for this function:

ilLDAPServer::setUserScope (   $a_value)

Definition at line 603 of file class.ilLDAPServer.php.

Referenced by read().

{
$this->user_scope = $a_value;
}

+ Here is the caller graph for this function:

ilLDAPServer::setVersion (   $a_version)

Definition at line 423 of file class.ilLDAPServer.php.

Referenced by read().

{
$this->version = $a_version;
}

+ Here is the caller graph for this function:

ilLDAPServer::toggleActive (   $a_status)

Definition at line 339 of file class.ilLDAPServer.php.

Referenced by read().

{
$this->active = $a_status;
}

+ Here is the caller graph for this function:

static ilLDAPServer::toggleDataSource (   $a_auth_mode,
  $a_status 
)
static

Toggle Data Source.

Todo:
handle multiple ldap servers
Parameters
int$a_auth_mode
int$a_status

Definition at line 262 of file class.ilLDAPServer.php.

References $query.

Referenced by ilRadiusSettingsGUI\save(), and ilCASSettingsGUI\save().

{
global $ilDB;
if($a_status)
{
$query = "UPDATE ldap_server_settings ".
"SET authentication_type = ".$ilDB->quote($a_auth_mode,'integer')." ".
"WHERE authentication = ".$ilDB->quote(0,'integer');
$ilDB->query($query);
}
else
{
$query = "UPDATE ldap_server_settings ".
"SET authentication_type = ".$ilDB->quote(0,'integer')." ".
"WHERE authentication = ".$ilDB->quote(0,'integer');
$ilDB->query($query);
}
return true;
}

+ Here is the caller graph for this function:

ilLDAPServer::toggleMembershipOptional (   $a_status)

Definition at line 570 of file class.ilLDAPServer.php.

Referenced by read().

{
$this->group_optional = (bool) $a_status;
}

+ Here is the caller graph for this function:

ilLDAPServer::toggleReferrer (   $a_status)

Definition at line 439 of file class.ilLDAPServer.php.

Referenced by read().

{
$this->referrals = $a_status;
}

+ Here is the caller graph for this function:

ilLDAPServer::toggleTLS (   $a_status)

Definition at line 447 of file class.ilLDAPServer.php.

Referenced by read().

{
$this->tls = $a_status;
}

+ Here is the caller graph for this function:

ilLDAPServer::toPearAuthArray ( )

Creates an array of options compatible to PEAR Auth.

Returns
array auth settings

Definition at line 817 of file class.ilLDAPServer.php.

References DEBUG, enabledGroupMemberIsDN(), getBaseDN(), getBindingType(), getBindPassword(), getBindUser(), getFilter(), getGroupAttribute(), getGroupDN(), getGroupFilter(), getGroupMember(), getGroupName(), getGroupScope(), getPearAtributeArray(), getSearchBase(), getUrl(), getUserAttribute(), getUserScope(), getVersion(), IL_LDAP_BIND_USER, IL_LDAP_SCOPE_BASE, IL_LDAP_SCOPE_ONE, isActiveReferrer(), and isActiveTLS().

{
$options = array(
'url' => $this->getUrl(),
'version' => (int) $this->getVersion(),
'referrals' => (bool) $this->isActiveReferrer());
{
$options['binddn'] = $this->getBindUser();
$options['bindpw'] = $this->getBindPassword();
}
$options['basedn'] = $this->getBaseDN();
$options['start_tls'] = (bool) $this->isActiveTLS();
$options['userdn'] = $this->getSearchBase();
switch($this->getUserScope())
{
$options['userscope'] = 'one';
break;
default:
$options['userscope'] = 'sub';
break;
}
$options['userattr'] = $this->getUserAttribute();
$options['userfilter'] = $this->getFilter();
$options['attributes'] = $this->getPearAtributeArray();
$options['debug'] = self::DEBUG;
if(@include_once('Log.php'))
{
if(@include_once('Log/observer.php'))
{
$options['enableLogging'] = true;
}
}
switch($this->getGroupScope())
{
$options['groupscope'] = 'base';
break;
$options['groupscope'] = 'one';
break;
default:
$options['groupscope'] = 'sub';
break;
}
$options['groupdn'] = $this->getGroupDN();
$options['groupattr'] = $this->getGroupAttribute();
$options['groupfilter'] = $this->getGroupFilter();
$options['memberattr'] = $this->getGroupMember();
$options['memberisdn'] = $this->enabledGroupMemberIsDN();
$options['group'] = $this->getGroupName();
return $options;
}

+ Here is the call graph for this function:

ilLDAPServer::update ( )

Definition at line 770 of file class.ilLDAPServer.php.

References $query, $res, enabledGroupMemberIsDN(), enabledRoleSynchronization(), enabledSyncOnLogin(), enabledSyncPerCron(), getAuthenticationMapping(), getBaseDN(), getBindingType(), getBindPassword(), getBindUser(), getFilter(), getGroupAttribute(), getGroupDN(), getGroupFilter(), getGroupMember(), getGroupName(), getGroupScope(), getGroupUserFilter(), getName(), getRoleBindDN(), getRoleBindPassword(), getSearchBase(), getServerId(), getUrlString(), getUserAttribute(), getUserScope(), getVersion(), isAccountMigrationEnabled(), isActive(), isActiveReferrer(), isActiveTLS(), isAuthenticationEnabled(), and isMembershipOptional().

{
global $ilDB;
$query = "UPDATE ldap_server_settings SET ".
"active = ".$this->db->quote($this->isActive(),'integer').", ".
"name = ".$this->db->quote($this->getName(),'text').", ".
"url = ".$this->db->quote($this->getUrlString(),'text').", ".
"version = ".$this->db->quote($this->getVersion(),'integer').", ".
"base_dn = ".$this->db->quote($this->getBaseDN(),'text').", ".
"referrals = ".$this->db->quote($this->isActiveReferrer(),'integer').", ".
"tls = ".$this->db->quote($this->isActiveTLS(),'integer').", ".
"bind_type = ".$this->db->quote($this->getBindingType(),'integer').", ".
"bind_user = ".$this->db->quote($this->getBindUser(),'text').", ".
"bind_pass = ".$this->db->quote($this->getBindPassword(),'text').", ".
"search_base = ".$this->db->quote($this->getSearchBase(),'text').", ".
"user_scope = ".$this->db->quote($this->getUserScope(),'integer').", ".
"user_attribute = ".$this->db->quote($this->getUserAttribute(),'text').", ".
"filter = ".$this->db->quote($this->getFilter(),'text').", ".
"group_dn = ".$this->db->quote($this->getGroupDN(),'text').", ".
"group_scope = ".$this->db->quote($this->getGroupScope(),'integer').", ".
"group_filter = ".$this->db->quote($this->getGroupFilter(),'text').", ".
"group_member = ".$this->db->quote($this->getGroupMember(),'text').", ".
"group_memberisdn =".$this->db->quote((int) $this->enabledGroupMemberIsDN(),'integer').", ".
"group_name = ".$this->db->quote($this->getGroupName(),'text').", ".
"group_attribute = ".$this->db->quote($this->getGroupAttribute(),'text').", ".
"group_optional = ".$this->db->quote((int) $this->isMembershipOptional(),'integer').", ".
"group_user_filter = ".$this->db->quote($this->getGroupUserFilter(),'text').", ".
"sync_on_login = ".$this->db->quote(($this->enabledSyncOnLogin() ? 1 : 0),'integer').", ".
"sync_per_cron = ".$this->db->quote(($this->enabledSyncPerCron() ? 1 : 0),'integer').", ".
"role_sync_active = ".$this->db->quote($this->enabledRoleSynchronization(),'integer').", ".
"role_bind_dn = ".$this->db->quote($this->getRoleBindDN(),'text').", ".
"role_bind_pass = ".$this->db->quote($this->getRoleBindPassword(),'text').", ".
"migration = ".$this->db->quote((int)$this->isAccountMigrationEnabled(),'integer').", ".
'authentication = '.$this->db->quote((int) $this->isAuthenticationEnabled(),'integer').', '.
'authentication_type = '.$this->db->quote((int) $this->getAuthenticationMapping(),'integer').' '.
"WHERE server_id = ".$this->db->quote($this->getServerId(),'integer');
$res = $ilDB->manipulate($query);
return true;
}

+ Here is the call graph for this function:

ilLDAPServer::validate ( )

Validate user input.

Parameters
@returnboolean

Definition at line 685 of file class.ilLDAPServer.php.

References $ilErr, enabledSyncOnLogin(), enabledSyncPerCron(), getBaseDN(), getBindingType(), getBindPassword(), getBindUser(), getName(), getUrl(), getUserAttribute(), getVersion(), IL_LDAP_BIND_USER, and isActiveTLS().

{
global $ilErr;
$ilErr->setMessage('');
if(!strlen($this->getName()) ||
!strlen($this->getUrl()) ||
!strlen($this->getBaseDN()) ||
!strlen($this->getUserAttribute()))
{
$ilErr->setMessage($this->lng->txt('fill_out_all_required_fields'));
}
&& (!strlen($this->getBindUser()) || !strlen($this->getBindPassword())))
{
$ilErr->appendMessage($this->lng->txt('ldap_missing_bind_user'));
}
if(($this->enabledSyncPerCron() or $this->enabledSyncOnLogin()) and !$this->global_role)
{
$ilErr->appendMessage($this->lng->txt('ldap_missing_role_assignment'));
}
if($this->getVersion() == 2 and $this->isActiveTLS())
{
$ilErr->appendMessage($this->lng->txt('ldap_tls_conflict'));
}
return strlen($ilErr->getMessage()) ? false : true;
}

+ Here is the call graph for this function:

Field Documentation

ilLDAPServer::$authentication_mapping = 0
private

Definition at line 39 of file class.ilLDAPServer.php.

Referenced by getAuthenticationMapping().

ilLDAPServer::$enabled_authentication = true
private

Definition at line 38 of file class.ilLDAPServer.php.

Referenced by isAuthenticationEnabled().

ilLDAPServer::$fallback_urls = array()
private

Definition at line 36 of file class.ilLDAPServer.php.

ilLDAPServer::$instances = array()
staticprivate

Definition at line 26 of file class.ilLDAPServer.php.

ilLDAPServer::$role_bind_dn = ''
private

Definition at line 31 of file class.ilLDAPServer.php.

Referenced by getRoleBindDN().

ilLDAPServer::$role_bind_pass = ''
private

Definition at line 32 of file class.ilLDAPServer.php.

Referenced by getRoleBindPassword().

ilLDAPServer::$role_sync_active = 0
private

Definition at line 33 of file class.ilLDAPServer.php.

Referenced by enabledRoleSynchronization().

ilLDAPServer::$server_id = null
private

Definition at line 35 of file class.ilLDAPServer.php.

Referenced by getServerId().

const ilLDAPServer::DEBUG = false

Definition at line 28 of file class.ilLDAPServer.php.

Referenced by toPearAuthArray().

const ilLDAPServer::DEFAULT_VERSION = 3

Definition at line 29 of file class.ilLDAPServer.php.

Referenced by getVersion().


The documentation for this class was generated from the following file: