ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
class.ilLDAPServer.php
Go to the documentation of this file.
1<?php
2
3/* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
4
5define('IL_LDAP_BIND_ANONYMOUS',0);
6define('IL_LDAP_BIND_USER',1);
7
8define('IL_LDAP_SCOPE_SUB',0);
9define('IL_LDAP_SCOPE_ONE',1);
10define('IL_LDAP_SCOPE_BASE',2);
11
24class ilLDAPServer
25{
26 private static $instances = array();
27
28 const DEBUG = false;
29 const DEFAULT_VERSION = 3;
30 const DEFAULT_NETWORK_TIMEOUT = 5;
31
32 private $role_bind_dn = '';
33 private $role_bind_pass = '';
34 private $role_sync_active = 0;
35
36 private $server_id = null;
37 private $fallback_urls = array();
38
39 private $enabled_authentication = true;
40 private $authentication_mapping = 0;
41
42 public function __construct($a_server_id = 0)
43 {
44 global $ilDB,$lng;
45
46 $this->db = $ilDB;
47 $this->lng = $lng;
48 $this->server_id = $a_server_id;
49
50 $this->read();
51 }
52
58 public static function getInstanceByServerId($a_server_id)
59 {
60 if(isset(self::$instances[$a_server_id]))
61 {
62 return self::$instances[$a_server_id];
63 }
64 return self::$instances[$a_server_id] = new ilLDAPServer($a_server_id);
65 }
66
71 public function rotateFallbacks()
72 {
73 global $ilDB;
74
75 if(!$this->fallback_urls)
76 {
77 return FALSE;
78 }
79
80 $all_urls = array_merge($this->fallback_urls);
81 $all_urls[] = $this->getUrl();
82
83 $query = 'UPDATE ldap_server_settings SET '.
84 'url = '.$ilDB->quote(implode(',', $all_urls),'text').' '.
85 'WHERE server_id = '.$ilDB->quote($this->getServerId(),'integer');
86 $ilDB->manipulate($query);
87 return TRUE;
88 }
89
90
95 public static function checkLDAPLib()
96 {
97 return function_exists('ldap_bind');
98 }
99
105 public static function _getActiveServerList()
106 {
107 global $ilDB;
108
109 $query = "SELECT server_id FROM ldap_server_settings ".
110 "WHERE active = 1 AND authentication = 1 ".
111 "ORDER BY name ";
112 $res = $ilDB->query($query);
113 $server_ids = array();
114 while($row = $ilDB->fetchObject($res))
115 {
116 $server_ids[] = $row->server_id;
117 }
118 return $server_ids;
119 }
120
126 public static function _getCronServerIds()
127 {
128 global $ilDB;
129
130 $query = "SELECT server_id FROM ldap_server_settings ".
131 "WHERE active = 1 ".
132 "AND sync_per_cron = 1 ".
133 "ORDER BY name";
134
135 $res = $ilDB->query($query);
136 while($row = $ilDB->fetchObject($res))
137 {
138 $server_ids[] = $row->server_id;
139 }
140 return $server_ids ? $server_ids : array();
141 }
142
150 public static function _getRoleSyncServerIds()
151 {
152 global $ilDB;
153
154 $query = "SELECT server_id FROM ldap_server_settings ".
155 "WHERE active = 1 ".
156 "AND role_sync_active = 1 ";
157
158 $res = $ilDB->query($query);
159 $server_ids = array();
160 while($row = $ilDB->fetchObject($res))
161 {
162 $server_ids[] = $row->server_id;
163 }
164 return $server_ids;
165 }
166
174 public static function _getPasswordServers()
175 {
176 return ilLDAPServer::_getActiveServerList();
177 }
178
179
185 public static function _getFirstActiveServer()
186 {
187 $servers = ilLDAPServer::_getActiveServerList();
188 if(count($servers))
189 {
190 return $servers[0];
191 }
192 return 0;
193 }
194
200 public static function _getServerList()
201 {
202 global $ilDB;
203
204 $query = "SELECT server_id FROM ldap_server_settings ORDER BY name";
205
206 $res = $ilDB->query($query);
207 while($row = $ilDB->fetchObject($res))
208 {
209 $server_ids[] = $row->server_id;
210 }
211 return $server_ids ? $server_ids : array();
212 }
213
219 public static function getServerIds()
220 {
221 global $ilDB;
222
223 $query = "SELECT server_id FROM ldap_server_settings ORDER BY name";
224
225
226 $res = $ilDB->query($query);
227
228 $server = array();
229 while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
230 {
231 $server[] = $row->server_id;
232 }
233 return $server;
234 }
235
241 public static function _getAllServer()
242 {
243 global $ilDB;
244
245 $query = "SELECT * FROM ldap_server_settings ORDER BY name";
246
247 $server = array();
248
249 $res = $ilDB->query($query);
250 while($row = $ilDB->fetchAssoc($res))
251 {
252 $server[] = $row;
253 }
254 return $server;
255 }
256
257 /*
258 * Get first server id
259 *
260 * @return integer server_id
261 */
262 public static function _getFirstServer()
263 {
264 $servers = ilLDAPServer::_getServerList();
265
266 if(count($servers))
267 {
268 return $servers[0];
269 }
270 return 0;
271 }
272
273
274 public static function getAvailableDataSources($a_auth_mode)
275 {
276 global $ilDB;
277
278 $query = "SELECT server_id FROM ldap_server_settings ".
279 "WHERE active = ".$ilDB->quote(1,'integer')." ".
280 "AND authentication = ".$ilDB->quote(0,'integer')." ".
281 "AND ( authentication_type = ".$ilDB->quote($a_auth_mode,'integer')." ".
282 "OR authentication_type = ".$ilDB->quote(0,'integer').")";
283 $res = $ilDB->query($query);
284
285 $server_ids = array();
286 while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
287 {
288 $server_ids[] = $row->server_id;
289 }
290 return $server_ids;
291 }
292
299 public static function isDataSourceActive($a_auth_mode)
300 {
301 global $ilDB;
302
303 $query = "SELECT server_id FROM ldap_server_settings ".
304 "WHERE authentication_type = ".$ilDB->quote($a_auth_mode,'integer')." ".
305 "AND authentication = ".$ilDB->quote(0,'integer');
306 $res = $ilDB->query($query);
307 while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
308 {
309 return true;
310 }
311 return false;
312 }
313
314 public static function getDataSource($a_auth_mode)
315 {
316 global $ilDB;
317
318 $query = "SELECT server_id FROM ldap_server_settings ".
319 "WHERE authentication_type = ".$ilDB->quote($a_auth_mode,'integer')." ";
320 $res = $ilDB->query($query);
321 while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
322 {
323 return $row->server_id;
324 }
325 return 0;
326 }
327
331 public static function disableDataSourceForAuthMode($a_authmode)
332 {
333 global $ilDB;
334
335 $query = 'UPDATE ldap_server_settings '.
336 'SET authentication_type = '. $ilDB->quote(0,'integer').' '.
337 'WHERE authentication_type = '.$ilDB->quote($a_authmode,'integer');
338 $ilDB->manipulate($query);
339 return true;
340 }
341
342
343
350 public static function toggleDataSource($a_ldap_server_id, $a_auth_mode,$a_status)
351 {
352 global $ilDB;
353
354 self::disableDataSourceForAuthMode($a_auth_mode);
355
356 if($a_status)
357 {
358 $query = "UPDATE ldap_server_settings ".
359 'SET authentication_type = '.$ilDB->quote($a_auth_mode,'integer')." ".
360 'WHERE server_id = '.$ilDB->quote($a_ldap_server_id,'integer');
361 $ilDB->manipulate($query);
362 }
363 return true;
364 }
365
366 // begin-patch ldap_multiple
371 public static function isAuthModeLDAP($a_auth_mode)
372 {
373 if(!$a_auth_mode)
374 {
375 $GLOBALS['ilLog']->write(__METHOD__.': No auth mode given..............');
376 return false;
377 }
378 $auth_arr = explode('_', $a_auth_mode);
379 return ($auth_arr[0] == AUTH_LDAP) and $auth_arr[1];
380 }
381
387 public static function getServerIdByAuthMode($a_auth_mode)
388 {
389 if(self::isAuthModeLDAP($a_auth_mode))
390 {
391 $auth_arr = explode('_', $a_auth_mode);
392 return $auth_arr[1];
393 }
394 return NULL;
395 }
396
401 public static function getAuthModeByKey($a_auth_key)
402 {
403 $auth_arr = explode('_', $a_auth_key);
404 if(count((array) $auth_arr) > 1)
405 {
406 return 'ldap_'.$auth_arr[1];
407 }
408 return 'ldap';
409 }
410
416 public static function getKeyByAuthMode($a_auth_mode)
417 {
418 $auth_arr = explode('_', $a_auth_mode);
419 if(count((array) $auth_arr) > 1)
420 {
421 return AUTH_LDAP.'_'.$auth_arr[1];
422 }
423 return AUTH_LDAP;
424 }
425
426 // end-patch ldap_multiple
427
428 // Set/Get
429 public function getServerId()
430 {
431 return $this->server_id;
432 }
433
438 public function enableAuthentication($a_status)
439 {
440 $this->enabled_authentication = (bool) $a_status;
441 }
442
447 public function isAuthenticationEnabled()
448 {
449 return (bool) $this->enabled_authentication;
450 }
451
456 public function setAuthenticationMapping($a_map)
457 {
458 $this->authentication_mapping = $a_map;
459 }
460
465 public function getAuthenticationMapping()
466 {
467 return $this->authentication_mapping;
468 }
469
475 public function getAuthenticationMappingKey()
476 {
477 if($this->isAuthenticationEnabled() or !$this->getAuthenticationMapping())
478 {
479 // begin-patch ldap_multiple
480 return 'ldap_'.$this->getServerId();
481 #return 'ldap';
482 // end-patch ldap_multiple
483 }
484 return ilAuthUtils::_getAuthModeName($this->getAuthenticationMapping());
485 }
486
487 public function toggleActive($a_status)
488 {
489 $this->active = $a_status;
490 }
491 public function isActive()
492 {
493 return $this->active;
494 }
495 public function getUrl()
496 {
497 return $this->url;
498 }
499 public function setUrl($a_url)
500 {
501 $this->url_string = $a_url;
502
503 // Maybe there are more than one url's (comma seperated).
504 $urls = explode(',',$a_url);
505
506 $counter = 0;
507 foreach($urls as $url)
508 {
509 $url = trim($url);
510 if(!$counter++)
511 {
512 $this->url = $url;
513 }
514 else
515 {
516 $this->fallback_urls[] = $url;
517 }
518 }
519 }
520 public function getUrlString()
521 {
522 return $this->url_string;
523 }
524
532 public function doConnectionCheck()
533 {
534 include_once('Services/LDAP/classes/class.ilLDAPQuery.php');
535
536 foreach(array_merge(array(0 => $this->url),$this->fallback_urls) as $url)
537 {
538 try
539 {
540 ilLoggerFactory::getLogger('auth')->debug('Using url: ' . $url);
541 // Need to do a full bind, since openldap return valid connection links for invalid hosts
542 $query = new ilLDAPQuery($this,$url);
543 $query->bind(IL_LDAP_BIND_TEST);
544 $this->url = $url;
545 return TRUE;
546 }
547 catch(ilLDAPQueryException $exc)
548 {
549 $this->rotateFallbacks();
550 ilLoggerFactory::getLogger('auth')->error('Cannot connect to LDAP server: '. $url .' '. $exc->getCode().' '. $exc->getMessage());
551 }
552 }
553 ilLoggerFactory::getLogger('auth')->warning('No valid LDAP server found');
554 return FALSE;
555 }
556
557
558 public function getName()
559 {
560 return $this->name;
561 }
562 public function setName($a_name)
563 {
564 $this->name = $a_name;
565 }
566 public function getVersion()
567 {
568 return $this->version ? $this->version : self::DEFAULT_VERSION;
569 }
570 public function setVersion($a_version)
571 {
572 $this->version = $a_version;
573 }
574 public function getBaseDN()
575 {
576 return $this->base_dn;
577 }
578 public function setBaseDN($a_base_dn)
579 {
580 $this->base_dn = $a_base_dn;
581 }
582 public function isActiveReferrer()
583 {
584 return $this->referrals ? true : false;
585 }
586 public function toggleReferrer($a_status)
587 {
588 $this->referrals = $a_status;
589 }
590 public function isActiveTLS()
591 {
592 return $this->tls ? true : false;
593 }
594 public function toggleTLS($a_status)
595 {
596 $this->tls = $a_status;
597 }
598 public function getBindingType()
599 {
600 return $this->binding_type;
601 }
602 public function setBindingType($a_type)
603 {
604 if($a_type == IL_LDAP_BIND_USER)
605 {
606 $this->binding_type = IL_LDAP_BIND_USER;
607 }
608 else
609 {
610 $this->binding_type = IL_LDAP_BIND_ANONYMOUS;
611 }
612 }
613 public function getBindUser()
614 {
615 return $this->bind_user;
616 }
617 public function setBindUser($a_user)
618 {
619 $this->bind_user = $a_user;
620 }
621 public function getBindPassword()
622 {
623 return $this->bind_password;
624 }
625 public function setBindPassword($a_password)
626 {
627 $this->bind_password = $a_password;
628 }
629 public function getSearchBase()
630 {
631 return $this->search_base;
632 }
633 public function setSearchBase($a_search_base)
634 {
635 $this->search_base = $a_search_base;
636 }
637 public function getUserAttribute()
638 {
639 return $this->user_attribute;
640 }
641 public function setUserAttribute($a_user_attr)
642 {
643 $this->user_attribute = $a_user_attr;
644 }
645 public function getFilter()
646 {
647 return $this->prepareFilter($this->filter);
648 }
649 public function setFilter($a_filter)
650 {
651 $this->filter = $a_filter;
652 }
653 public function getGroupDN()
654 {
655 return $this->group_dn;
656 }
657 public function setGroupDN($a_value)
658 {
659 $this->group_dn = $a_value;
660 }
661 public function getGroupFilter()
662 {
663 return $this->prepareFilter($this->group_filter);
664 }
665 public function setGroupFilter($a_value)
666 {
667 $this->group_filter = $a_value;
668 }
669 public function getGroupMember()
670 {
671 return $this->group_member;
672 }
673 public function setGroupMember($a_value)
674 {
675 $this->group_member = $a_value;
676 }
677 public function getGroupName()
678 {
679 return $this->group_name;
680 }
681 public function setGroupName($a_value)
682 {
683 $this->group_name = $a_value;
684 }
692 public function getGroupNames()
693 {
694 $names = explode(',',$this->getGroupName());
695
696 if(!is_array($names))
697 {
698 return array();
699 }
700 foreach($names as $name)
701 {
702 $new_names[] = trim($name);
703 }
704 return $new_names;
705 }
706
707
708 public function getGroupAttribute()
709 {
710 return $this->group_attribute;
711 }
712 public function setGroupAttribute($a_value)
713 {
714 $this->group_attribute = $a_value;
715 }
716
717 public function toggleMembershipOptional($a_status)
718 {
719 $this->group_optional = (bool) $a_status;
720 }
721 public function isMembershipOptional()
722 {
723 return (bool) $this->group_optional;
724 }
725 public function setGroupUserFilter($a_filter)
726 {
727 $this->group_user_filter = $a_filter;
728 }
729 public function getGroupUserFilter()
730 {
731 return $this->group_user_filter;
732 }
733
734 public function enabledGroupMemberIsDN()
735 {
736 return (bool) $this->memberisdn;
737 }
738 public function enableGroupMemberIsDN($a_value)
739 {
740 $this->memberisdn = (bool) $a_value;
741 }
742 public function setGroupScope($a_value)
743 {
744 $this->group_scope = $a_value;
745 }
746 public function getGroupScope()
747 {
748 return $this->group_scope;
749 }
750 public function setUserScope($a_value)
751 {
752 $this->user_scope = $a_value;
753 }
754 public function getUserScope()
755 {
756 return $this->user_scope;
757 }
758 public function enabledSyncOnLogin()
759 {
760 return $this->sync_on_login;
761 }
762 public function enableSyncOnLogin($a_value)
763 {
764 $this->sync_on_login = (int) $a_value;
765 }
766 public function enabledSyncPerCron()
767 {
768 return $this->sync_per_cron;
769 }
770 public function enableSyncPerCron($a_value)
771 {
772 $this->sync_per_cron = (int) $a_value;
773 }
774 public function setGlobalRole($a_role)
775 {
776 $this->global_role = $a_role;
777 }
778 public function getRoleBindDN()
779 {
780 return $this->role_bind_dn;
781 }
782 public function setRoleBindDN($a_value)
783 {
784 $this->role_bind_dn = $a_value;
785 }
786 public function getRoleBindPassword()
787 {
788 return $this->role_bind_pass;
789 }
790 public function setRoleBindPassword($a_value)
791 {
792 $this->role_bind_pass = $a_value;
793 }
794 public function enabledRoleSynchronization()
795 {
796 return $this->role_sync_active;
797 }
798 public function enableRoleSynchronization($a_value)
799 {
800 $this->role_sync_active = $a_value;
801 }
802 // start Patch Name Filter
803 public function getUsernameFilter()
804 {
805 return $this->username_filter;
806 }
807 public function setUsernameFilter($a_value)
808 {
809 $this->username_filter = $a_value;
810 }// end Patch Name Filter
811
819 public function enableAccountMigration($a_status)
820 {
821 $this->account_migration = $a_status;
822 }
823
830 public function isAccountMigrationEnabled()
831 {
832 return $this->account_migration ? true : false;
833 }
834
835
841 public function validate()
842 {
843 global $ilErr;
844
845 $ilErr->setMessage('');
846 if(!strlen($this->getName()) ||
847 !strlen($this->getUrl()) ||
848 !strlen($this->getBaseDN()) ||
849 !strlen($this->getUserAttribute()))
850 {
851 $ilErr->setMessage($this->lng->txt('fill_out_all_required_fields'));
852 }
853
854 if($this->getBindingType() == IL_LDAP_BIND_USER
855 && (!strlen($this->getBindUser()) || !strlen($this->getBindPassword())))
856 {
857 $ilErr->appendMessage($this->lng->txt('ldap_missing_bind_user'));
858 }
859
860 if(($this->enabledSyncPerCron() or $this->enabledSyncOnLogin()) and !$this->global_role)
861 {
862 $ilErr->appendMessage($this->lng->txt('ldap_missing_role_assignment'));
863 }
864 if($this->getVersion() == 2 and $this->isActiveTLS())
865 {
866 $ilErr->appendMessage($this->lng->txt('ldap_tls_conflict'));
867 }
868
869 return strlen($ilErr->getMessage()) ? false : true;
870 }
871
872 public function create()
873 {
874 global $ilDB;
875 // start Patch Name Filter remove ",username_filter", ",%s", ",$this->getUsernameFilter()"
876 $next_id = $ilDB->nextId('ldap_server_settings');
877
878 $query = 'INSERT INTO ldap_server_settings (server_id,active,name,url,version,base_dn,referrals,tls,bind_type,bind_user,bind_pass,'.
879 'search_base,user_scope,user_attribute,filter,group_dn,group_scope,group_filter,group_member,group_memberisdn,group_name,'.
880 'group_attribute,group_optional,group_user_filter,sync_on_login,sync_per_cron,role_sync_active,role_bind_dn,role_bind_pass,migration, '.
881 'authentication,authentication_type,username_filter) '.
882 'VALUES (%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s)';
883 $res = $ilDB->queryF($query,
884 array(
885 'integer','integer','text','text','integer','text','integer','integer','integer','text','text','text','integer',
886 'text','text','text','integer','text','text','integer','text','text','integer','text','integer','integer','integer',
887 'text','text', 'integer','integer','integer',"text"),
888 array(
889 $next_id,
890 $this->isActive(),
891 $this->getName(),
892 $this->getUrlString(),
893 $this->getVersion(),
894 $this->getBaseDN(),
895 $this->isActiveReferrer(),
896 $this->isActiveTLS(),
897 $this->getBindingType(),
898 $this->getBindUser(),
899 $this->getBindPassword(),
900 $this->getSearchBase(),
901 $this->getUserScope(),
902 $this->getUserAttribute(),
903 $this->getFilter(),
904 $this->getGroupDN(),
905 $this->getGroupScope(),
906 $this->getGroupFilter(),
907 $this->getGroupMember(),
908 $this->enabledGroupMemberIsDN(),
909 $this->getGroupName(),
910 $this->getGroupAttribute(),
911 $this->isMembershipOptional(),
912 $this->getGroupUserFilter(),
913 $this->enabledSyncOnLogin(),
914 $this->enabledSyncPerCron(),
915 $this->enabledRoleSynchronization(),
916 $this->getRoleBindDN(),
917 $this->getRoleBindPassword(),
918 $this->isAccountMigrationEnabled(),
919 $this->isAuthenticationEnabled(),
920 $this->getAuthenticationMapping(),
921 $this->getUsernameFilter()
922 ));
923 // end Patch Name Filter
924 $this->server_id = $next_id;
925 return $next_id;
926 }
927
928 public function update()
929 {
930 global $ilDB;
931
932 $query = "UPDATE ldap_server_settings SET ".
933 "active = ".$this->db->quote($this->isActive(),'integer').", ".
934 "name = ".$this->db->quote($this->getName(),'text').", ".
935 "url = ".$this->db->quote($this->getUrlString(),'text').", ".
936 "version = ".$this->db->quote($this->getVersion(),'integer').", ".
937 "base_dn = ".$this->db->quote($this->getBaseDN(),'text').", ".
938 "referrals = ".$this->db->quote($this->isActiveReferrer(),'integer').", ".
939 "tls = ".$this->db->quote($this->isActiveTLS(),'integer').", ".
940 "bind_type = ".$this->db->quote($this->getBindingType(),'integer').", ".
941 "bind_user = ".$this->db->quote($this->getBindUser(),'text').", ".
942 "bind_pass = ".$this->db->quote($this->getBindPassword(),'text').", ".
943 "search_base = ".$this->db->quote($this->getSearchBase(),'text').", ".
944 "user_scope = ".$this->db->quote($this->getUserScope(),'integer').", ".
945 "user_attribute = ".$this->db->quote($this->getUserAttribute(),'text').", ".
946 "filter = ".$this->db->quote($this->getFilter(),'text').", ".
947 "group_dn = ".$this->db->quote($this->getGroupDN(),'text').", ".
948 "group_scope = ".$this->db->quote($this->getGroupScope(),'integer').", ".
949 "group_filter = ".$this->db->quote($this->getGroupFilter(),'text').", ".
950 "group_member = ".$this->db->quote($this->getGroupMember(),'text').", ".
951 "group_memberisdn =".$this->db->quote((int) $this->enabledGroupMemberIsDN(),'integer').", ".
952 "group_name = ".$this->db->quote($this->getGroupName(),'text').", ".
953 "group_attribute = ".$this->db->quote($this->getGroupAttribute(),'text').", ".
954 "group_optional = ".$this->db->quote((int) $this->isMembershipOptional(),'integer').", ".
955 "group_user_filter = ".$this->db->quote($this->getGroupUserFilter(),'text').", ".
956 "sync_on_login = ".$this->db->quote(($this->enabledSyncOnLogin() ? 1 : 0),'integer').", ".
957 "sync_per_cron = ".$this->db->quote(($this->enabledSyncPerCron() ? 1 : 0),'integer').", ".
958 "role_sync_active = ".$this->db->quote($this->enabledRoleSynchronization(),'integer').", ".
959 "role_bind_dn = ".$this->db->quote($this->getRoleBindDN(),'text').", ".
960 "role_bind_pass = ".$this->db->quote($this->getRoleBindPassword(),'text').", ".
961 "migration = ".$this->db->quote((int)$this->isAccountMigrationEnabled(),'integer').", ".
962 'authentication = '.$this->db->quote((int) $this->isAuthenticationEnabled(),'integer').', '.
963 'authentication_type = '.$this->db->quote((int) $this->getAuthenticationMapping(),'integer').' '.
964 // start Patch Name Filter
965 ", username_filter = ".$this->db->quote($this->getUsernameFilter(), "text")." ".
966 // end Patch Name Filter
967 "WHERE server_id = ".$this->db->quote($this->getServerId(),'integer');
968
969 $res = $ilDB->manipulate($query);
970 return true;
971 }
972
976 public function delete()
977 {
978 if(!$this->getServerId())
979 {
980 return false;
981 }
982
983 include_once 'Services/LDAP/classes/class.ilLDAPAttributeMapping.php';
984 ilLDAPAttributeMapping::_delete($this->getServerId());
985
986 include_once 'Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php';
987 $rules = ilLDAPRoleAssignmentRule::_getRules($this->getServerId());
988
989 foreach($rules as $ruleAssigment)
990 {
991 $ruleAssigment->delete();
992 }
993
994 include_once 'Services/LDAP/classes/class.ilLDAPRoleGroupMappingSettings.php';
995 ilLDAPRoleGroupMappingSettings::_deleteByServerId($this->getServerId());
996
997 $query = "DELETE FROM ldap_server_settings ".
998 "WHERE server_id = ".$this->db->quote($this->getServerId(),'integer');
999 $res = $this->db->manipulate($query);
1000
1001 }
1002
1008 public function toPearAuthArray()
1009 {
1010 $options = array(
1011 'url' => $this->getUrl(),
1012 'version' => (int) $this->getVersion(),
1013 'referrals' => (bool) $this->isActiveReferrer());
1014
1015 if($this->getBindingType() == IL_LDAP_BIND_USER)
1016 {
1017 $options['binddn'] = $this->getBindUser();
1018 $options['bindpw'] = $this->getBindPassword();
1019 }
1020 $options['basedn'] = $this->getBaseDN();
1021 $options['start_tls'] = (bool) $this->isActiveTLS();
1022 $options['userdn'] = $this->getSearchBase();
1023 switch($this->getUserScope())
1024 {
1025 case IL_LDAP_SCOPE_ONE:
1026 $options['userscope'] = 'one';
1027 break;
1028 default:
1029 $options['userscope'] = 'sub';
1030 break;
1031 }
1032
1033 $options['userattr'] = $this->getUserAttribute();
1034 $options['userfilter'] = $this->getFilter();
1035 $options['attributes'] = $this->getPearAtributeArray();
1036 $options['debug'] = self::DEBUG;
1037
1038 if(@include_once('Log.php'))
1039 {
1040 if(@include_once('Log/observer.php'))
1041 {
1042 $options['enableLogging'] = true;
1043 }
1044 }
1045 switch($this->getGroupScope())
1046 {
1047 case IL_LDAP_SCOPE_BASE:
1048 $options['groupscope'] = 'base';
1049 break;
1050 case IL_LDAP_SCOPE_ONE:
1051 $options['groupscope'] = 'one';
1052 break;
1053 default:
1054 $options['groupscope'] = 'sub';
1055 break;
1056 }
1057 $options['groupdn'] = $this->getGroupDN();
1058 $options['groupattr'] = $this->getGroupAttribute();
1059 $options['groupfilter'] = $this->getGroupFilter();
1060 $options['memberattr'] = $this->getGroupMember();
1061 $options['memberisdn'] = $this->enabledGroupMemberIsDN();
1062 $options['group'] = $this->getGroupName();
1063
1064
1065 return $options;
1066 }
1067
1075 private function prepareFilter($a_filter)
1076 {
1077 $filter = trim($a_filter);
1078
1079 if(!strlen($filter))
1080 {
1081 return $filter;
1082 }
1083
1084 if(strpos($filter,'(') !== 0)
1085 {
1086 $filter = ('('.$filter);
1087 }
1088 if(substr($filter,-1) != ')')
1089 {
1090 $filter = ($filter.')');
1091 }
1092 return $filter;
1093 }
1094
1102 private function getPearAtributeArray()
1103 {
1104 if($this->enabledSyncOnLogin())
1105 {
1106 include_once('Services/LDAP/classes/class.ilLDAPAttributeMapping.php');
1107 include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRules.php');
1108 $mapping = ilLDAPAttributeMapping::_getInstanceByServerId($this->getServerId());
1109 return array_merge(
1110 array($this->getUserAttribute()),
1111 $mapping->getFields(),
1112 array('dn'),
1113 ilLDAPRoleAssignmentRules::getAttributeNames($this->getServerId())
1114 );
1115 }
1116 else
1117 {
1118 return array($this->getUserAttribute());
1119 }
1120 }
1121
1122
1123
1128 private function read()
1129 {
1130 if(!$this->server_id)
1131 {
1132 return true;
1133 }
1134 $query = "SELECT * FROM ldap_server_settings WHERE server_id = ".$this->db->quote($this->server_id)."";
1135
1136 $res = $this->db->query($query);
1137 while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
1138 {
1139 $this->toggleActive($row->active);
1140 $this->setName($row->name);
1141 $this->setUrl($row->url);
1142 $this->setVersion($row->version);
1143 $this->setBaseDN($row->base_dn);
1144 $this->toggleReferrer($row->referrals);
1145 $this->toggleTLS($row->tls);
1146 $this->setBindingType($row->bind_type);
1147 $this->setBindUser($row->bind_user);
1148 $this->setBindPassword($row->bind_pass);
1149 $this->setSearchBase($row->search_base);
1150 $this->setUserScope($row->user_scope);
1151 $this->setUserAttribute($row->user_attribute);
1152 $this->setFilter($row->filter);
1153 $this->setGroupDN($row->group_dn);
1154 $this->setGroupScope($row->group_scope);
1155 $this->setGroupFilter($row->group_filter);
1156 $this->setGroupMember($row->group_member);
1157 $this->setGroupAttribute($row->group_attribute);
1158 $this->toggleMembershipOptional($row->group_optional);
1159 $this->setGroupUserFilter($row->group_user_filter);
1160 $this->enableGroupMemberIsDN($row->group_memberisdn);
1161 $this->setGroupName($row->group_name);
1162 $this->enableSyncOnLogin($row->sync_on_login);
1163 $this->enableSyncPerCron($row->sync_per_cron);
1164 $this->enableRoleSynchronization($row->role_sync_active);
1165 $this->setRoleBindDN($row->role_bind_dn);
1166 $this->setRoleBindPassword($row->role_bind_pass);
1167 $this->enableAccountMigration($row->migration);
1168 $this->enableAuthentication($row->authentication);
1169 $this->setAuthenticationMapping($row->authentication_type);
1170 // start Patch Name Filter
1171 $this->setUsernameFilter($row->username_filter);
1172 // end Patch Name Filter
1173 }
1174 }
1175}
1176?>
AUTH_LDAP
const AUTH_LDAP
Definition: class.ilAuthUtils.php:8
DB_FETCHMODE_OBJECT
const DB_FETCHMODE_OBJECT
Definition: class.ilDB.php:11
IL_LDAP_BIND_TEST
const IL_LDAP_BIND_TEST
Definition: class.ilLDAPQuery.php:26
IL_LDAP_BIND_USER
const IL_LDAP_BIND_USER
Definition: class.ilLDAPServer.php:6
IL_LDAP_SCOPE_BASE
const IL_LDAP_SCOPE_BASE
Definition: class.ilLDAPServer.php:10
IL_LDAP_BIND_ANONYMOUS
const IL_LDAP_BIND_ANONYMOUS
Definition: class.ilLDAPServer.php:5
IL_LDAP_SCOPE_ONE
const IL_LDAP_SCOPE_ONE
Definition: class.ilLDAPServer.php:9
ilAuthUtils\_getAuthModeName
static _getAuthModeName($a_auth_key)
Definition: class.ilAuthUtils.php:431
ilLDAPAttributeMapping\_delete
static _delete($a_server_id)
Delete mapping rules by server id.
Definition: class.ilLDAPAttributeMapping.php:82
ilLDAPAttributeMapping\_getInstanceByServerId
static _getInstanceByServerId($a_server_id)
Get instance of class.
Definition: class.ilLDAPAttributeMapping.php:65
ilLDAPRoleAssignmentRule\_getRules
_getRules($a_server_id)
Get all rules.
Definition: class.ilLDAPRoleAssignmentRule.php:214
ilLDAPRoleAssignmentRules\getAttributeNames
static getAttributeNames($a_server_id)
get all possible attribute names
Definition: class.ilLDAPRoleAssignmentRules.php:83
ilLDAPServer\getServerIdByAuthMode
static getServerIdByAuthMode($a_auth_mode)
Get auth id by auth mode.
Definition: class.ilLDAPServer.php:387
ilLDAPServer\setGroupScope
setGroupScope($a_value)
Definition: class.ilLDAPServer.php:742
ilLDAPServer\_getServerList
static _getServerList()
Get list of all configured servers.
Definition: class.ilLDAPServer.php:200
ilLDAPServer\isAuthenticationEnabled
isAuthenticationEnabled()
Check if authentication is enabled.
Definition: class.ilLDAPServer.php:447
ilLDAPServer\setGroupName
setGroupName($a_value)
Definition: class.ilLDAPServer.php:681
ilLDAPServer\getDataSource
static getDataSource($a_auth_mode)
Definition: class.ilLDAPServer.php:314
ilLDAPServer\read
read()
Read server settings.
Definition: class.ilLDAPServer.php:1128
ilLDAPServer\setGroupAttribute
setGroupAttribute($a_value)
Definition: class.ilLDAPServer.php:712
ilLDAPServer\setAuthenticationMapping
setAuthenticationMapping($a_map)
Set mapped authentication mapping.
Definition: class.ilLDAPServer.php:456
ilLDAPServer\_getCronServerIds
static _getCronServerIds()
Get list of acticve servers with option 'SyncCron'.
Definition: class.ilLDAPServer.php:126
ilLDAPServer\disableDataSourceForAuthMode
static disableDataSourceForAuthMode($a_authmode)
Disable data source.
Definition: class.ilLDAPServer.php:331
ilLDAPServer\checkLDAPLib
static checkLDAPLib()
Check if ldap module is installed.
Definition: class.ilLDAPServer.php:95
ilLDAPServer\setSearchBase
setSearchBase($a_search_base)
Definition: class.ilLDAPServer.php:633
ilLDAPServer\getInstanceByServerId
static getInstanceByServerId($a_server_id)
Get instance by server id.
Definition: class.ilLDAPServer.php:58
ilLDAPServer\enableSyncOnLogin
enableSyncOnLogin($a_value)
Definition: class.ilLDAPServer.php:762
ilLDAPServer\getAuthenticationMapping
getAuthenticationMapping()
Get authentication mode that is mapped.
Definition: class.ilLDAPServer.php:465
ilLDAPServer\doConnectionCheck
doConnectionCheck()
Check ldap connection and do a fallback to the next server if no connection is possible.
Definition: class.ilLDAPServer.php:532
ilLDAPServer\_getActiveServerList
static _getActiveServerList()
Get active server list.
Definition: class.ilLDAPServer.php:105
ilLDAPServer\_getPasswordServers
static _getPasswordServers()
Checks whether password synchronistation is enabled for an user.
Definition: class.ilLDAPServer.php:174
ilLDAPServer\getAuthModeByKey
static getAuthModeByKey($a_auth_key)
get auth mode by key
Definition: class.ilLDAPServer.php:401
ilLDAPServer\toggleTLS
toggleTLS($a_status)
Definition: class.ilLDAPServer.php:594
ilLDAPServer\setRoleBindDN
setRoleBindDN($a_value)
Definition: class.ilLDAPServer.php:782
ilLDAPServer\enableGroupMemberIsDN
enableGroupMemberIsDN($a_value)
Definition: class.ilLDAPServer.php:738
ilLDAPServer\setUsernameFilter
setUsernameFilter($a_value)
Definition: class.ilLDAPServer.php:807
ilLDAPServer\toPearAuthArray
toPearAuthArray()
Creates an array of options compatible to PEAR Auth.
Definition: class.ilLDAPServer.php:1008
ilLDAPServer\validate
validate()
Validate user input.
Definition: class.ilLDAPServer.php:841
ilLDAPServer\_getAllServer
static _getAllServer()
Get list of all configured servers.
Definition: class.ilLDAPServer.php:241
ilLDAPServer\enableSyncPerCron
enableSyncPerCron($a_value)
Definition: class.ilLDAPServer.php:770
ilLDAPServer\toggleReferrer
toggleReferrer($a_status)
Definition: class.ilLDAPServer.php:586
ilLDAPServer\setUserScope
setUserScope($a_value)
Definition: class.ilLDAPServer.php:750
ilLDAPServer\setGroupUserFilter
setGroupUserFilter($a_filter)
Definition: class.ilLDAPServer.php:725
ilLDAPServer\enableRoleSynchronization
enableRoleSynchronization($a_value)
Definition: class.ilLDAPServer.php:798
ilLDAPServer\DEFAULT_NETWORK_TIMEOUT
const DEFAULT_NETWORK_TIMEOUT
Definition: class.ilLDAPServer.php:30
ilLDAPServer\isAuthModeLDAP
static isAuthModeLDAP($a_auth_mode)
Check if user auth mode is LDAP.
Definition: class.ilLDAPServer.php:371
ilLDAPServer\isDataSourceActive
static isDataSourceActive($a_auth_mode)
Check if a data source is active for a specific auth mode @global ilDB $ilDB.
Definition: class.ilLDAPServer.php:299
ilLDAPServer\getAuthenticationMappingKey
getAuthenticationMappingKey()
Get authentication mapping key Default is ldap.
Definition: class.ilLDAPServer.php:475
ilLDAPServer\setFilter
setFilter($a_filter)
Definition: class.ilLDAPServer.php:649
ilLDAPServer\getGroupNames
getGroupNames()
Get group names as array.
Definition: class.ilLDAPServer.php:692
ilLDAPServer\toggleMembershipOptional
toggleMembershipOptional($a_status)
Definition: class.ilLDAPServer.php:717
ilLDAPServer\__construct
__construct($a_server_id=0)
Definition: class.ilLDAPServer.php:42
ilLDAPServer\setRoleBindPassword
setRoleBindPassword($a_value)
Definition: class.ilLDAPServer.php:790
ilLDAPServer\getPearAtributeArray
getPearAtributeArray()
Get attribute array for pear auth data.
Definition: class.ilLDAPServer.php:1102
ilLDAPServer\isAccountMigrationEnabled
isAccountMigrationEnabled()
enabled account migration
Definition: class.ilLDAPServer.php:830
ilLDAPServer\rotateFallbacks
rotateFallbacks()
Rotate fallback urls in case of connect timeouts.
Definition: class.ilLDAPServer.php:71
ilLDAPServer\setBindPassword
setBindPassword($a_password)
Definition: class.ilLDAPServer.php:625
ilLDAPServer\toggleDataSource
static toggleDataSource($a_ldap_server_id, $a_auth_mode, $a_status)
Toggle Data Source.
Definition: class.ilLDAPServer.php:350
ilLDAPServer\toggleActive
toggleActive($a_status)
Definition: class.ilLDAPServer.php:487
ilLDAPServer\setGroupMember
setGroupMember($a_value)
Definition: class.ilLDAPServer.php:673
ilLDAPServer\setVersion
setVersion($a_version)
Definition: class.ilLDAPServer.php:570
ilLDAPServer\_getFirstServer
static _getFirstServer()
Definition: class.ilLDAPServer.php:262
ilLDAPServer\setGroupFilter
setGroupFilter($a_value)
Definition: class.ilLDAPServer.php:665
ilLDAPServer\setBaseDN
setBaseDN($a_base_dn)
Definition: class.ilLDAPServer.php:578
ilLDAPServer\setUserAttribute
setUserAttribute($a_user_attr)
Definition: class.ilLDAPServer.php:641
ilLDAPServer\_getRoleSyncServerIds
static _getRoleSyncServerIds()
Check whether there if there is an active server with option role_sync_active.
Definition: class.ilLDAPServer.php:150
ilLDAPServer\enableAccountMigration
enableAccountMigration($a_status)
Enable account migration.
Definition: class.ilLDAPServer.php:819
ilLDAPServer\enableAuthentication
enableAuthentication($a_status)
Enable authentication for this ldap server.
Definition: class.ilLDAPServer.php:438
ilLDAPServer\getAvailableDataSources
static getAvailableDataSources($a_auth_mode)
Definition: class.ilLDAPServer.php:274
ilLDAPServer\_getFirstActiveServer
static _getFirstActiveServer()
Get first active server.
Definition: class.ilLDAPServer.php:185
ilLDAPServer\getKeyByAuthMode
static getKeyByAuthMode($a_auth_mode)
Get auth id by auth mode.
Definition: class.ilLDAPServer.php:416
ilLDAPServer\getServerIds
static getServerIds()
Get all server ids @global ilDB $ilDB.
Definition: class.ilLDAPServer.php:219
ilLDAPServer\prepareFilter
prepareFilter($a_filter)
Create brackets for filters if they do not exist.
Definition: class.ilLDAPServer.php:1075
ilLoggerFactory\getLogger
static getLogger($a_component_id)
Get component logger.
Definition: class.ilLoggerFactory.php:82
$server
$server
Definition: dummy_client.php:12
$GLOBALS
$GLOBALS['PHPCAS_CLIENT']
This global variable is used by the interface class phpCAS.
Definition: CAS.php:276
$ilErr
$ilErr
Definition: inc.setup_header.php:67
$lng
global $lng
Definition: privfeed.php:40
$url
$url
Definition: shib_logout.php:72
$ilDB
global $ilDB
Definition: storeScorm2004.php:19
$options
if(!is_array($argv)) $options
Definition: tcpdf_addfont.php:137