ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
class.ilLDAPServer.php
Go to the documentation of this file.
1 <?php
2 
3 /* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
4 
5 define('IL_LDAP_BIND_ANONYMOUS',0);
6 define('IL_LDAP_BIND_USER',1);
7 
8 define('IL_LDAP_SCOPE_SUB',0);
9 define('IL_LDAP_SCOPE_ONE',1);
10 define('IL_LDAP_SCOPE_BASE',2);
11 
24 class ilLDAPServer
25 {
26  private static $instances = array();
27 
28  const DEBUG = false;
29  const DEFAULT_VERSION = 3;
30  const DEFAULT_NETWORK_TIMEOUT = 5;
31 
32  private $role_bind_dn = '';
33  private $role_bind_pass = '';
34  private $role_sync_active = 0;
35 
36  private $server_id = null;
37  private $fallback_urls = array();
38 
39  private $enabled_authentication = true;
40  private $authentication_mapping = 0;
41 
42  public function __construct($a_server_id = 0)
43  {
44  global $ilDB,$lng;
45 
46  $this->db = $ilDB;
47  $this->lng = $lng;
48  $this->server_id = $a_server_id;
49 
50  $this->read();
51  }
52 
58  public static function getInstanceByServerId($a_server_id)
59  {
60  if(isset(self::$instances[$a_server_id]))
61  {
62  return self::$instances[$a_server_id];
63  }
64  return self::$instances[$a_server_id] = new ilLDAPServer($a_server_id);
65  }
66 
71  public function rotateFallbacks()
72  {
73  global $ilDB;
74 
75  if(!$this->fallback_urls)
76  {
77  return FALSE;
78  }
79 
80  $all_urls = array_merge($this->fallback_urls);
81  $all_urls[] = $this->getUrl();
82 
83  $query = 'UPDATE ldap_server_settings SET '.
84  'url = '.$ilDB->quote(implode(',', $all_urls),'text').' '.
85  'WHERE server_id = '.$ilDB->quote($this->getServerId(),'integer');
86  $ilDB->manipulate($query);
87  return TRUE;
88  }
89 
90 
95  public static function checkLDAPLib()
96  {
97  return function_exists('ldap_bind');
98  }
99 
105  public static function _getActiveServerList()
106  {
107  global $ilDB;
108 
109  $query = "SELECT server_id FROM ldap_server_settings ".
110  "WHERE active = 1 AND authentication = 1 ".
111  "ORDER BY name ";
112  $res = $ilDB->query($query);
113  $server_ids = array();
114  while($row = $ilDB->fetchObject($res))
115  {
116  $server_ids[] = $row->server_id;
117  }
118  return $server_ids;
119  }
120 
126  public static function _getCronServerIds()
127  {
128  global $ilDB;
129 
130  $query = "SELECT server_id FROM ldap_server_settings ".
131  "WHERE active = 1 ".
132  "AND sync_per_cron = 1 ".
133  "ORDER BY name";
134 
135  $res = $ilDB->query($query);
136  while($row = $ilDB->fetchObject($res))
137  {
138  $server_ids[] = $row->server_id;
139  }
140  return $server_ids ? $server_ids : array();
141  }
142 
150  public static function _getRoleSyncServerIds()
151  {
152  global $ilDB;
153 
154  $query = "SELECT server_id FROM ldap_server_settings ".
155  "WHERE active = 1 ".
156  "AND role_sync_active = 1 ";
157 
158  $res = $ilDB->query($query);
159  $server_ids = array();
160  while($row = $ilDB->fetchObject($res))
161  {
162  $server_ids[] = $row->server_id;
163  }
164  return $server_ids;
165  }
166 
174  public static function _getPasswordServers()
175  {
176  return ilLDAPServer::_getActiveServerList();
177  }
178 
179 
185  public static function _getFirstActiveServer()
186  {
187  $servers = ilLDAPServer::_getActiveServerList();
188  if(count($servers))
189  {
190  return $servers[0];
191  }
192  return 0;
193  }
194 
200  public static function _getServerList()
201  {
202  global $ilDB;
203 
204  $query = "SELECT server_id FROM ldap_server_settings ORDER BY name";
205 
206  $res = $ilDB->query($query);
207  while($row = $ilDB->fetchObject($res))
208  {
209  $server_ids[] = $row->server_id;
210  }
211  return $server_ids ? $server_ids : array();
212  }
213 
219  public static function getServerIds()
220  {
221  global $ilDB;
222 
223  $query = "SELECT server_id FROM ldap_server_settings ORDER BY name";
224 
225 
226  $res = $ilDB->query($query);
227 
228  $server = array();
229  while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
230  {
231  $server[] = $row->server_id;
232  }
233  return $server;
234  }
235 
241  public static function _getAllServer()
242  {
243  global $ilDB;
244 
245  $query = "SELECT * FROM ldap_server_settings ORDER BY name";
246 
247  $server = array();
248 
249  $res = $ilDB->query($query);
250  while($row = $ilDB->fetchAssoc($res))
251  {
252  $server[] = $row;
253  }
254  return $server;
255  }
256 
257  /*
258  * Get first server id
259  *
260  * @return integer server_id
261  */
262  public static function _getFirstServer()
263  {
264  $servers = ilLDAPServer::_getServerList();
265 
266  if(count($servers))
267  {
268  return $servers[0];
269  }
270  return 0;
271  }
272 
273 
274  public static function getAvailableDataSources($a_auth_mode)
275  {
276  global $ilDB;
277 
278  $query = "SELECT server_id FROM ldap_server_settings ".
279  "WHERE active = ".$ilDB->quote(1,'integer')." ".
280  "AND authentication = ".$ilDB->quote(0,'integer')." ".
281  "AND ( authentication_type = ".$ilDB->quote($a_auth_mode,'integer')." ".
282  "OR authentication_type = ".$ilDB->quote(0,'integer').")";
283  $res = $ilDB->query($query);
284 
285  $server_ids = array();
286  while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
287  {
288  $server_ids[] = $row->server_id;
289  }
290  return $server_ids;
291  }
292 
299  public static function isDataSourceActive($a_auth_mode)
300  {
301  global $ilDB;
302 
303  $query = "SELECT server_id FROM ldap_server_settings ".
304  "WHERE authentication_type = ".$ilDB->quote($a_auth_mode,'integer')." ".
305  "AND authentication = ".$ilDB->quote(0,'integer');
306  $res = $ilDB->query($query);
307  while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
308  {
309  return true;
310  }
311  return false;
312  }
313 
314  public static function getDataSource($a_auth_mode)
315  {
316  global $ilDB;
317 
318  $query = "SELECT server_id FROM ldap_server_settings ".
319  "WHERE authentication_type = ".$ilDB->quote($a_auth_mode,'integer')." ";
320  $res = $ilDB->query($query);
321  while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
322  {
323  return $row->server_id;
324  }
325  return 0;
326  }
327 
331  public static function disableDataSourceForAuthMode($a_authmode)
332  {
333  global $ilDB;
334 
335  $query = 'UPDATE ldap_server_settings '.
336  'SET authentication_type = '. $ilDB->quote(0,'integer').' '.
337  'WHERE authentication_type = '.$ilDB->quote($a_authmode,'integer');
338  $ilDB->manipulate($query);
339  return true;
340  }
341 
342 
343 
350  public static function toggleDataSource($a_ldap_server_id, $a_auth_mode,$a_status)
351  {
352  global $ilDB;
353 
354  self::disableDataSourceForAuthMode($a_auth_mode);
355 
356  if($a_status)
357  {
358  $query = "UPDATE ldap_server_settings ".
359  'SET authentication_type = '.$ilDB->quote($a_auth_mode,'integer')." ".
360  'WHERE server_id = '.$ilDB->quote($a_ldap_server_id,'integer');
361  $ilDB->manipulate($query);
362  }
363  return true;
364  }
365 
366  // begin-patch ldap_multiple
371  public static function isAuthModeLDAP($a_auth_mode)
372  {
373  if(!$a_auth_mode)
374  {
375  $GLOBALS['ilLog']->write(__METHOD__.': No auth mode given..............');
376  return false;
377  }
378  $auth_arr = explode('_', $a_auth_mode);
379  return ($auth_arr[0] == AUTH_LDAP) and $auth_arr[1];
380  }
381 
387  public static function getServerIdByAuthMode($a_auth_mode)
388  {
389  if(self::isAuthModeLDAP($a_auth_mode))
390  {
391  $auth_arr = explode('_', $a_auth_mode);
392  return $auth_arr[1];
393  }
394  return NULL;
395  }
396 
401  public static function getAuthModeByKey($a_auth_key)
402  {
403  $auth_arr = explode('_', $a_auth_key);
404  if(count((array) $auth_arr) > 1)
405  {
406  return 'ldap_'.$auth_arr[1];
407  }
408  return 'ldap';
409  }
410 
416  public static function getKeyByAuthMode($a_auth_mode)
417  {
418  $auth_arr = explode('_', $a_auth_mode);
419  if(count((array) $auth_arr) > 1)
420  {
421  return AUTH_LDAP.'_'.$auth_arr[1];
422  }
423  return AUTH_LDAP;
424  }
425 
426  // end-patch ldap_multiple
427 
428  // Set/Get
429  public function getServerId()
430  {
431  return $this->server_id;
432  }
433 
438  public function enableAuthentication($a_status)
439  {
440  $this->enabled_authentication = (bool) $a_status;
441  }
442 
447  public function isAuthenticationEnabled()
448  {
449  return (bool) $this->enabled_authentication;
450  }
451 
456  public function setAuthenticationMapping($a_map)
457  {
458  $this->authentication_mapping = $a_map;
459  }
460 
465  public function getAuthenticationMapping()
466  {
467  return $this->authentication_mapping;
468  }
469 
475  public function getAuthenticationMappingKey()
476  {
477  if($this->isAuthenticationEnabled() or !$this->getAuthenticationMapping())
478  {
479  // begin-patch ldap_multiple
480  return 'ldap_'.$this->getServerId();
481  #return 'ldap';
482  // end-patch ldap_multiple
483  }
484  return ilAuthUtils::_getAuthModeName($this->getAuthenticationMapping());
485  }
486 
487  public function toggleActive($a_status)
488  {
489  $this->active = $a_status;
490  }
491  public function isActive()
492  {
493  return $this->active;
494  }
495  public function getUrl()
496  {
497  return $this->url;
498  }
499  public function setUrl($a_url)
500  {
501  $this->url_string = $a_url;
502 
503  // Maybe there are more than one url's (comma seperated).
504  $urls = explode(',',$a_url);
505 
506  $counter = 0;
507  foreach($urls as $url)
508  {
509  $url = trim($url);
510  if(!$counter++)
511  {
512  $this->url = $url;
513  }
514  else
515  {
516  $this->fallback_urls[] = $url;
517  }
518  }
519  }
520  public function getUrlString()
521  {
522  return $this->url_string;
523  }
524 
532  public function doConnectionCheck()
533  {
534  include_once('Services/LDAP/classes/class.ilLDAPQuery.php');
535 
536  foreach(array_merge(array(0 => $this->url),$this->fallback_urls) as $url)
537  {
538  try
539  {
540  ilLoggerFactory::getLogger('auth')->debug('Using url: ' . $url);
541  // Need to do a full bind, since openldap return valid connection links for invalid hosts
542  $query = new ilLDAPQuery($this,$url);
543  $query->bind(IL_LDAP_BIND_TEST);
544  $this->url = $url;
545  return TRUE;
546  }
547  catch(ilLDAPQueryException $exc)
548  {
549  $this->rotateFallbacks();
550  ilLoggerFactory::getLogger('auth')->error('Cannot connect to LDAP server: '. $url .' '. $exc->getCode().' '. $exc->getMessage());
551  }
552  }
553  ilLoggerFactory::getLogger('auth')->warning('No valid LDAP server found');
554  return FALSE;
555  }
556 
557 
558  public function getName()
559  {
560  return $this->name;
561  }
562  public function setName($a_name)
563  {
564  $this->name = $a_name;
565  }
566  public function getVersion()
567  {
568  return $this->version ? $this->version : self::DEFAULT_VERSION;
569  }
570  public function setVersion($a_version)
571  {
572  $this->version = $a_version;
573  }
574  public function getBaseDN()
575  {
576  return $this->base_dn;
577  }
578  public function setBaseDN($a_base_dn)
579  {
580  $this->base_dn = $a_base_dn;
581  }
582  public function isActiveReferrer()
583  {
584  return $this->referrals ? true : false;
585  }
586  public function toggleReferrer($a_status)
587  {
588  $this->referrals = $a_status;
589  }
590  public function isActiveTLS()
591  {
592  return $this->tls ? true : false;
593  }
594  public function toggleTLS($a_status)
595  {
596  $this->tls = $a_status;
597  }
598  public function getBindingType()
599  {
600  return $this->binding_type;
601  }
602  public function setBindingType($a_type)
603  {
604  if($a_type == IL_LDAP_BIND_USER)
605  {
606  $this->binding_type = IL_LDAP_BIND_USER;
607  }
608  else
609  {
610  $this->binding_type = IL_LDAP_BIND_ANONYMOUS;
611  }
612  }
613  public function getBindUser()
614  {
615  return $this->bind_user;
616  }
617  public function setBindUser($a_user)
618  {
619  $this->bind_user = $a_user;
620  }
621  public function getBindPassword()
622  {
623  return $this->bind_password;
624  }
625  public function setBindPassword($a_password)
626  {
627  $this->bind_password = $a_password;
628  }
629  public function getSearchBase()
630  {
631  return $this->search_base;
632  }
633  public function setSearchBase($a_search_base)
634  {
635  $this->search_base = $a_search_base;
636  }
637  public function getUserAttribute()
638  {
639  return $this->user_attribute;
640  }
641  public function setUserAttribute($a_user_attr)
642  {
643  $this->user_attribute = $a_user_attr;
644  }
645  public function getFilter()
646  {
647  return $this->prepareFilter($this->filter);
648  }
649  public function setFilter($a_filter)
650  {
651  $this->filter = $a_filter;
652  }
653  public function getGroupDN()
654  {
655  return $this->group_dn;
656  }
657  public function setGroupDN($a_value)
658  {
659  $this->group_dn = $a_value;
660  }
661  public function getGroupFilter()
662  {
663  return $this->prepareFilter($this->group_filter);
664  }
665  public function setGroupFilter($a_value)
666  {
667  $this->group_filter = $a_value;
668  }
669  public function getGroupMember()
670  {
671  return $this->group_member;
672  }
673  public function setGroupMember($a_value)
674  {
675  $this->group_member = $a_value;
676  }
677  public function getGroupName()
678  {
679  return $this->group_name;
680  }
681  public function setGroupName($a_value)
682  {
683  $this->group_name = $a_value;
684  }
692  public function getGroupNames()
693  {
694  $names = explode(',',$this->getGroupName());
695 
696  if(!is_array($names))
697  {
698  return array();
699  }
700  foreach($names as $name)
701  {
702  $new_names[] = trim($name);
703  }
704  return $new_names;
705  }
706 
707 
708  public function getGroupAttribute()
709  {
710  return $this->group_attribute;
711  }
712  public function setGroupAttribute($a_value)
713  {
714  $this->group_attribute = $a_value;
715  }
716 
717  public function toggleMembershipOptional($a_status)
718  {
719  $this->group_optional = (bool) $a_status;
720  }
721  public function isMembershipOptional()
722  {
723  return (bool) $this->group_optional;
724  }
725  public function setGroupUserFilter($a_filter)
726  {
727  $this->group_user_filter = $a_filter;
728  }
729  public function getGroupUserFilter()
730  {
731  return $this->group_user_filter;
732  }
733 
734  public function enabledGroupMemberIsDN()
735  {
736  return (bool) $this->memberisdn;
737  }
738  public function enableGroupMemberIsDN($a_value)
739  {
740  $this->memberisdn = (bool) $a_value;
741  }
742  public function setGroupScope($a_value)
743  {
744  $this->group_scope = $a_value;
745  }
746  public function getGroupScope()
747  {
748  return $this->group_scope;
749  }
750  public function setUserScope($a_value)
751  {
752  $this->user_scope = $a_value;
753  }
754  public function getUserScope()
755  {
756  return $this->user_scope;
757  }
758  public function enabledSyncOnLogin()
759  {
760  return $this->sync_on_login;
761  }
762  public function enableSyncOnLogin($a_value)
763  {
764  $this->sync_on_login = (int) $a_value;
765  }
766  public function enabledSyncPerCron()
767  {
768  return $this->sync_per_cron;
769  }
770  public function enableSyncPerCron($a_value)
771  {
772  $this->sync_per_cron = (int) $a_value;
773  }
774  public function setGlobalRole($a_role)
775  {
776  $this->global_role = $a_role;
777  }
778  public function getRoleBindDN()
779  {
780  return $this->role_bind_dn;
781  }
782  public function setRoleBindDN($a_value)
783  {
784  $this->role_bind_dn = $a_value;
785  }
786  public function getRoleBindPassword()
787  {
788  return $this->role_bind_pass;
789  }
790  public function setRoleBindPassword($a_value)
791  {
792  $this->role_bind_pass = $a_value;
793  }
794  public function enabledRoleSynchronization()
795  {
796  return $this->role_sync_active;
797  }
798  public function enableRoleSynchronization($a_value)
799  {
800  $this->role_sync_active = $a_value;
801  }
802  // start Patch Name Filter
803  public function getUsernameFilter()
804  {
805  return $this->username_filter;
806  }
807  public function setUsernameFilter($a_value)
808  {
809  $this->username_filter = $a_value;
810  }// end Patch Name Filter
811 
819  public function enableAccountMigration($a_status)
820  {
821  $this->account_migration = $a_status;
822  }
823 
830  public function isAccountMigrationEnabled()
831  {
832  return $this->account_migration ? true : false;
833  }
834 
835 
841  public function validate()
842  {
843  global $ilErr;
844 
845  $ilErr->setMessage('');
846  if(!strlen($this->getName()) ||
847  !strlen($this->getUrl()) ||
848  !strlen($this->getBaseDN()) ||
849  !strlen($this->getUserAttribute()))
850  {
851  $ilErr->setMessage($this->lng->txt('fill_out_all_required_fields'));
852  }
853 
854  if($this->getBindingType() == IL_LDAP_BIND_USER
855  && (!strlen($this->getBindUser()) || !strlen($this->getBindPassword())))
856  {
857  $ilErr->appendMessage($this->lng->txt('ldap_missing_bind_user'));
858  }
859 
860  if(($this->enabledSyncPerCron() or $this->enabledSyncOnLogin()) and !$this->global_role)
861  {
862  $ilErr->appendMessage($this->lng->txt('ldap_missing_role_assignment'));
863  }
864  if($this->getVersion() == 2 and $this->isActiveTLS())
865  {
866  $ilErr->appendMessage($this->lng->txt('ldap_tls_conflict'));
867  }
868 
869  return strlen($ilErr->getMessage()) ? false : true;
870  }
871 
872  public function create()
873  {
874  global $ilDB;
875  // start Patch Name Filter remove ",username_filter", ",%s", ",$this->getUsernameFilter()"
876  $next_id = $ilDB->nextId('ldap_server_settings');
877 
878  $query = 'INSERT INTO ldap_server_settings (server_id,active,name,url,version,base_dn,referrals,tls,bind_type,bind_user,bind_pass,'.
879  'search_base,user_scope,user_attribute,filter,group_dn,group_scope,group_filter,group_member,group_memberisdn,group_name,'.
880  'group_attribute,group_optional,group_user_filter,sync_on_login,sync_per_cron,role_sync_active,role_bind_dn,role_bind_pass,migration, '.
881  'authentication,authentication_type,username_filter) '.
882  'VALUES (%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s)';
883  $res = $ilDB->queryF($query,
884  array(
885  'integer','integer','text','text','integer','text','integer','integer','integer','text','text','text','integer',
886  'text','text','text','integer','text','text','integer','text','text','integer','text','integer','integer','integer',
887  'text','text', 'integer','integer','integer',"text"),
888  array(
889  $next_id,
890  $this->isActive(),
891  $this->getName(),
892  $this->getUrlString(),
893  $this->getVersion(),
894  $this->getBaseDN(),
895  $this->isActiveReferrer(),
896  $this->isActiveTLS(),
897  $this->getBindingType(),
898  $this->getBindUser(),
899  $this->getBindPassword(),
900  $this->getSearchBase(),
901  $this->getUserScope(),
902  $this->getUserAttribute(),
903  $this->getFilter(),
904  $this->getGroupDN(),
905  $this->getGroupScope(),
906  $this->getGroupFilter(),
907  $this->getGroupMember(),
908  $this->enabledGroupMemberIsDN(),
909  $this->getGroupName(),
910  $this->getGroupAttribute(),
911  $this->isMembershipOptional(),
912  $this->getGroupUserFilter(),
913  $this->enabledSyncOnLogin(),
914  $this->enabledSyncPerCron(),
915  $this->enabledRoleSynchronization(),
916  $this->getRoleBindDN(),
917  $this->getRoleBindPassword(),
918  $this->isAccountMigrationEnabled(),
919  $this->isAuthenticationEnabled(),
920  $this->getAuthenticationMapping(),
921  $this->getUsernameFilter()
922  ));
923  // end Patch Name Filter
924  $this->server_id = $next_id;
925  return $next_id;
926  }
927 
928  public function update()
929  {
930  global $ilDB;
931 
932  $query = "UPDATE ldap_server_settings SET ".
933  "active = ".$this->db->quote($this->isActive(),'integer').", ".
934  "name = ".$this->db->quote($this->getName(),'text').", ".
935  "url = ".$this->db->quote($this->getUrlString(),'text').", ".
936  "version = ".$this->db->quote($this->getVersion(),'integer').", ".
937  "base_dn = ".$this->db->quote($this->getBaseDN(),'text').", ".
938  "referrals = ".$this->db->quote($this->isActiveReferrer(),'integer').", ".
939  "tls = ".$this->db->quote($this->isActiveTLS(),'integer').", ".
940  "bind_type = ".$this->db->quote($this->getBindingType(),'integer').", ".
941  "bind_user = ".$this->db->quote($this->getBindUser(),'text').", ".
942  "bind_pass = ".$this->db->quote($this->getBindPassword(),'text').", ".
943  "search_base = ".$this->db->quote($this->getSearchBase(),'text').", ".
944  "user_scope = ".$this->db->quote($this->getUserScope(),'integer').", ".
945  "user_attribute = ".$this->db->quote($this->getUserAttribute(),'text').", ".
946  "filter = ".$this->db->quote($this->getFilter(),'text').", ".
947  "group_dn = ".$this->db->quote($this->getGroupDN(),'text').", ".
948  "group_scope = ".$this->db->quote($this->getGroupScope(),'integer').", ".
949  "group_filter = ".$this->db->quote($this->getGroupFilter(),'text').", ".
950  "group_member = ".$this->db->quote($this->getGroupMember(),'text').", ".
951  "group_memberisdn =".$this->db->quote((int) $this->enabledGroupMemberIsDN(),'integer').", ".
952  "group_name = ".$this->db->quote($this->getGroupName(),'text').", ".
953  "group_attribute = ".$this->db->quote($this->getGroupAttribute(),'text').", ".
954  "group_optional = ".$this->db->quote((int) $this->isMembershipOptional(),'integer').", ".
955  "group_user_filter = ".$this->db->quote($this->getGroupUserFilter(),'text').", ".
956  "sync_on_login = ".$this->db->quote(($this->enabledSyncOnLogin() ? 1 : 0),'integer').", ".
957  "sync_per_cron = ".$this->db->quote(($this->enabledSyncPerCron() ? 1 : 0),'integer').", ".
958  "role_sync_active = ".$this->db->quote($this->enabledRoleSynchronization(),'integer').", ".
959  "role_bind_dn = ".$this->db->quote($this->getRoleBindDN(),'text').", ".
960  "role_bind_pass = ".$this->db->quote($this->getRoleBindPassword(),'text').", ".
961  "migration = ".$this->db->quote((int)$this->isAccountMigrationEnabled(),'integer').", ".
962  'authentication = '.$this->db->quote((int) $this->isAuthenticationEnabled(),'integer').', '.
963  'authentication_type = '.$this->db->quote((int) $this->getAuthenticationMapping(),'integer').' '.
964  // start Patch Name Filter
965  ", username_filter = ".$this->db->quote($this->getUsernameFilter(), "text")." ".
966  // end Patch Name Filter
967  "WHERE server_id = ".$this->db->quote($this->getServerId(),'integer');
968 
969  $res = $ilDB->manipulate($query);
970  return true;
971  }
972 
976  public function delete()
977  {
978  if(!$this->getServerId())
979  {
980  return false;
981  }
982 
983  include_once 'Services/LDAP/classes/class.ilLDAPAttributeMapping.php';
984  ilLDAPAttributeMapping::_delete($this->getServerId());
985 
986  include_once 'Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php';
987  $rules = ilLDAPRoleAssignmentRule::_getRules($this->getServerId());
988 
989  foreach($rules as $ruleAssigment)
990  {
991  $ruleAssigment->delete();
992  }
993 
994  include_once 'Services/LDAP/classes/class.ilLDAPRoleGroupMappingSettings.php';
995  ilLDAPRoleGroupMappingSettings::_deleteByServerId($this->getServerId());
996 
997  $query = "DELETE FROM ldap_server_settings ".
998  "WHERE server_id = ".$this->db->quote($this->getServerId(),'integer');
999  $res = $this->db->manipulate($query);
1000 
1001  }
1002 
1008  public function toPearAuthArray()
1009  {
1010  $options = array(
1011  'url' => $this->getUrl(),
1012  'version' => (int) $this->getVersion(),
1013  'referrals' => (bool) $this->isActiveReferrer());
1014 
1015  if($this->getBindingType() == IL_LDAP_BIND_USER)
1016  {
1017  $options['binddn'] = $this->getBindUser();
1018  $options['bindpw'] = $this->getBindPassword();
1019  }
1020  $options['basedn'] = $this->getBaseDN();
1021  $options['start_tls'] = (bool) $this->isActiveTLS();
1022  $options['userdn'] = $this->getSearchBase();
1023  switch($this->getUserScope())
1024  {
1025  case IL_LDAP_SCOPE_ONE:
1026  $options['userscope'] = 'one';
1027  break;
1028  default:
1029  $options['userscope'] = 'sub';
1030  break;
1031  }
1032 
1033  $options['userattr'] = $this->getUserAttribute();
1034  $options['userfilter'] = $this->getFilter();
1035  $options['attributes'] = $this->getPearAtributeArray();
1036  $options['debug'] = self::DEBUG;
1037 
1038  if(@include_once('Log.php'))
1039  {
1040  if(@include_once('Log/observer.php'))
1041  {
1042  $options['enableLogging'] = true;
1043  }
1044  }
1045  switch($this->getGroupScope())
1046  {
1047  case IL_LDAP_SCOPE_BASE:
1048  $options['groupscope'] = 'base';
1049  break;
1050  case IL_LDAP_SCOPE_ONE:
1051  $options['groupscope'] = 'one';
1052  break;
1053  default:
1054  $options['groupscope'] = 'sub';
1055  break;
1056  }
1057  $options['groupdn'] = $this->getGroupDN();
1058  $options['groupattr'] = $this->getGroupAttribute();
1059  $options['groupfilter'] = $this->getGroupFilter();
1060  $options['memberattr'] = $this->getGroupMember();
1061  $options['memberisdn'] = $this->enabledGroupMemberIsDN();
1062  $options['group'] = $this->getGroupName();
1063 
1064 
1065  return $options;
1066  }
1067 
1075  private function prepareFilter($a_filter)
1076  {
1077  $filter = trim($a_filter);
1078 
1079  if(!strlen($filter))
1080  {
1081  return $filter;
1082  }
1083 
1084  if(strpos($filter,'(') !== 0)
1085  {
1086  $filter = ('('.$filter);
1087  }
1088  if(substr($filter,-1) != ')')
1089  {
1090  $filter = ($filter.')');
1091  }
1092  return $filter;
1093  }
1094 
1102  private function getPearAtributeArray()
1103  {
1104  if($this->enabledSyncOnLogin())
1105  {
1106  include_once('Services/LDAP/classes/class.ilLDAPAttributeMapping.php');
1107  include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRules.php');
1108  $mapping = ilLDAPAttributeMapping::_getInstanceByServerId($this->getServerId());
1109  return array_merge(
1110  array($this->getUserAttribute()),
1111  $mapping->getFields(),
1112  array('dn'),
1113  ilLDAPRoleAssignmentRules::getAttributeNames($this->getServerId())
1114  );
1115  }
1116  else
1117  {
1118  return array($this->getUserAttribute());
1119  }
1120  }
1121 
1122 
1123 
1128  private function read()
1129  {
1130  if(!$this->server_id)
1131  {
1132  return true;
1133  }
1134  $query = "SELECT * FROM ldap_server_settings WHERE server_id = ".$this->db->quote($this->server_id)."";
1135 
1136  $res = $this->db->query($query);
1137  while($row = $res->fetchRow(DB_FETCHMODE_OBJECT))
1138  {
1139  $this->toggleActive($row->active);
1140  $this->setName($row->name);
1141  $this->setUrl($row->url);
1142  $this->setVersion($row->version);
1143  $this->setBaseDN($row->base_dn);
1144  $this->toggleReferrer($row->referrals);
1145  $this->toggleTLS($row->tls);
1146  $this->setBindingType($row->bind_type);
1147  $this->setBindUser($row->bind_user);
1148  $this->setBindPassword($row->bind_pass);
1149  $this->setSearchBase($row->search_base);
1150  $this->setUserScope($row->user_scope);
1151  $this->setUserAttribute($row->user_attribute);
1152  $this->setFilter($row->filter);
1153  $this->setGroupDN($row->group_dn);
1154  $this->setGroupScope($row->group_scope);
1155  $this->setGroupFilter($row->group_filter);
1156  $this->setGroupMember($row->group_member);
1157  $this->setGroupAttribute($row->group_attribute);
1158  $this->toggleMembershipOptional($row->group_optional);
1159  $this->setGroupUserFilter($row->group_user_filter);
1160  $this->enableGroupMemberIsDN($row->group_memberisdn);
1161  $this->setGroupName($row->group_name);
1162  $this->enableSyncOnLogin($row->sync_on_login);
1163  $this->enableSyncPerCron($row->sync_per_cron);
1164  $this->enableRoleSynchronization($row->role_sync_active);
1165  $this->setRoleBindDN($row->role_bind_dn);
1166  $this->setRoleBindPassword($row->role_bind_pass);
1167  $this->enableAccountMigration($row->migration);
1168  $this->enableAuthentication($row->authentication);
1169  $this->setAuthenticationMapping($row->authentication_type);
1170  // start Patch Name Filter
1171  $this->setUsernameFilter($row->username_filter);
1172  // end Patch Name Filter
1173  }
1174  }
1175 }
1176 ?>
ilLDAPServer\checkLDAPLib
static checkLDAPLib()
Check if ldap module is installed.
Definition: class.ilLDAPServer.php:95
ilLDAPServer\__construct
__construct($a_server_id=0)
Definition: class.ilLDAPServer.php:42
ilLDAPRoleAssignmentRule\_getRules
_getRules($a_server_id)
Get all rules.
Definition: class.ilLDAPRoleAssignmentRule.php:214
ilLDAPServer\_getFirstActiveServer
static _getFirstActiveServer()
Get first active server.
Definition: class.ilLDAPServer.php:185
ilLDAPServer\prepareFilter
prepareFilter($a_filter)
Create brackets for filters if they do not exist.
Definition: class.ilLDAPServer.php:1075
ilLDAPServer\setVersion
setVersion($a_version)
Definition: class.ilLDAPServer.php:570
ilLDAPServer\read
read()
Read server settings.
Definition: class.ilLDAPServer.php:1128
IL_LDAP_BIND_USER
const IL_LDAP_BIND_USER
Definition: class.ilLDAPServer.php:6
ilLDAPServer\enableSyncOnLogin
enableSyncOnLogin($a_value)
Definition: class.ilLDAPServer.php:762
ilLDAPServer\isAuthModeLDAP
static isAuthModeLDAP($a_auth_mode)
Check if user auth mode is LDAP.
Definition: class.ilLDAPServer.php:371
ilLDAPServer\setGroupScope
setGroupScope($a_value)
Definition: class.ilLDAPServer.php:742
ilLDAPAttributeMapping\_getInstanceByServerId
static _getInstanceByServerId($a_server_id)
Get instance of class.
Definition: class.ilLDAPAttributeMapping.php:65
ilLDAPServer\toggleTLS
toggleTLS($a_status)
Definition: class.ilLDAPServer.php:594
ilLDAPServer\_getServerList
static _getServerList()
Get list of all configured servers.
Definition: class.ilLDAPServer.php:200
ilLDAPServer\setAuthenticationMapping
setAuthenticationMapping($a_map)
Set mapped authentication mapping.
Definition: class.ilLDAPServer.php:456
ilLDAPServer\enableGroupMemberIsDN
enableGroupMemberIsDN($a_value)
Definition: class.ilLDAPServer.php:738
ilLDAPServer\enableAccountMigration
enableAccountMigration($a_status)
Enable account migration.
Definition: class.ilLDAPServer.php:819
ilLDAPServer\getAuthModeByKey
static getAuthModeByKey($a_auth_key)
get auth mode by key
Definition: class.ilLDAPServer.php:401
AUTH_LDAP
const AUTH_LDAP
Definition: class.ilAuthUtils.php:8
IL_LDAP_BIND_ANONYMOUS
const IL_LDAP_BIND_ANONYMOUS
Definition: class.ilLDAPServer.php:5
ilLDAPServer\enableRoleSynchronization
enableRoleSynchronization($a_value)
Definition: class.ilLDAPServer.php:798
ilLDAPServer\_getAllServer
static _getAllServer()
Get list of all configured servers.
Definition: class.ilLDAPServer.php:241
ilLDAPServer\setGroupFilter
setGroupFilter($a_value)
Definition: class.ilLDAPServer.php:665
ilLDAPServer\validate
validate()
Validate user input.
Definition: class.ilLDAPServer.php:841
ilLDAPServer\getAvailableDataSources
static getAvailableDataSources($a_auth_mode)
Definition: class.ilLDAPServer.php:274
ilLDAPServer\enableSyncPerCron
enableSyncPerCron($a_value)
Definition: class.ilLDAPServer.php:770
$url
$url
Definition: shib_logout.php:72
ilLDAPServer\_getActiveServerList
static _getActiveServerList()
Get active server list.
Definition: class.ilLDAPServer.php:105
ilLDAPServer\getPearAtributeArray
getPearAtributeArray()
Get attribute array for pear auth data.
Definition: class.ilLDAPServer.php:1102
ilLDAPServer\toggleReferrer
toggleReferrer($a_status)
Definition: class.ilLDAPServer.php:586
ilAuthUtils\_getAuthModeName
static _getAuthModeName($a_auth_key)
Definition: class.ilAuthUtils.php:431
ilLDAPServer\getInstanceByServerId
static getInstanceByServerId($a_server_id)
Get instance by server id.
Definition: class.ilLDAPServer.php:58
ilLDAPRoleAssignmentRules\getAttributeNames
static getAttributeNames($a_server_id)
get all possible attribute names
Definition: class.ilLDAPRoleAssignmentRules.php:83
ilLDAPServer\disableDataSourceForAuthMode
static disableDataSourceForAuthMode($a_authmode)
Disable data source.
Definition: class.ilLDAPServer.php:331
ilLDAPServer\toggleMembershipOptional
toggleMembershipOptional($a_status)
Definition: class.ilLDAPServer.php:717
DB_FETCHMODE_OBJECT
const DB_FETCHMODE_OBJECT
Definition: class.ilDB.php:11
IL_LDAP_BIND_TEST
const IL_LDAP_BIND_TEST
Definition: class.ilLDAPQuery.php:26
ilLDAPServer\toggleActive
toggleActive($a_status)
Definition: class.ilLDAPServer.php:487
DEBUG
const DEBUG
Definition: inc.setup_header.php:35
ilLDAPServer\setRoleBindPassword
setRoleBindPassword($a_value)
Definition: class.ilLDAPServer.php:790
ilLDAPServer\setUserScope
setUserScope($a_value)
Definition: class.ilLDAPServer.php:750
ilLDAPServer\DEFAULT_NETWORK_TIMEOUT
const DEFAULT_NETWORK_TIMEOUT
Definition: class.ilLDAPServer.php:30
ilLDAPServer\getGroupNames
getGroupNames()
Get group names as array.
Definition: class.ilLDAPServer.php:692
ilLDAPServer\isDataSourceActive
static isDataSourceActive($a_auth_mode)
Check if a data source is active for a specific auth mode ilDB $ilDB.
Definition: class.ilLDAPServer.php:299
ilLDAPServer\getServerIds
static getServerIds()
Get all server ids ilDB $ilDB.
Definition: class.ilLDAPServer.php:219
$options
if(!is_array($argv)) $options
Definition: tcpdf_addfont.php:137
ilLDAPServer\setGroupUserFilter
setGroupUserFilter($a_filter)
Definition: class.ilLDAPServer.php:725
ilLDAPServer\getAuthenticationMapping
getAuthenticationMapping()
Get authentication mode that is mapped.
Definition: class.ilLDAPServer.php:465
ilLDAPServer\doConnectionCheck
doConnectionCheck()
Check ldap connection and do a fallback to the next server if no connection is possible.
Definition: class.ilLDAPServer.php:532
ilLDAPServer\setBaseDN
setBaseDN($a_base_dn)
Definition: class.ilLDAPServer.php:578
IL_LDAP_SCOPE_ONE
const IL_LDAP_SCOPE_ONE
Definition: class.ilLDAPServer.php:9
ilLDAPServer\setGroupMember
setGroupMember($a_value)
Definition: class.ilLDAPServer.php:673
ilLDAPServer\_getCronServerIds
static _getCronServerIds()
Get list of acticve servers with option &#39;SyncCron&#39;.
Definition: class.ilLDAPServer.php:126
ilLDAPAttributeMapping\_delete
static _delete($a_server_id)
Delete mapping rules by server id.
Definition: class.ilLDAPAttributeMapping.php:82
ilLDAPServer\getDataSource
static getDataSource($a_auth_mode)
Definition: class.ilLDAPServer.php:314
ilLDAPServer\setRoleBindDN
setRoleBindDN($a_value)
Definition: class.ilLDAPServer.php:782
ilLDAPServer\setBindPassword
setBindPassword($a_password)
Definition: class.ilLDAPServer.php:625
ilLDAPServer\toPearAuthArray
toPearAuthArray()
Creates an array of options compatible to PEAR Auth.
Definition: class.ilLDAPServer.php:1008
ilLDAPServer\getServerIdByAuthMode
static getServerIdByAuthMode($a_auth_mode)
Get auth id by auth mode.
Definition: class.ilLDAPServer.php:387
ilLDAPServer\isAuthenticationEnabled
isAuthenticationEnabled()
Check if authentication is enabled.
Definition: class.ilLDAPServer.php:447
ilLDAPServer\setSearchBase
setSearchBase($a_search_base)
Definition: class.ilLDAPServer.php:633
$server
$server
Definition: dummy_client.php:12
ilLDAPServer\getKeyByAuthMode
static getKeyByAuthMode($a_auth_mode)
Get auth id by auth mode.
Definition: class.ilLDAPServer.php:416
ilLDAPServer\setGroupName
setGroupName($a_value)
Definition: class.ilLDAPServer.php:681
ilLDAPServer\enableAuthentication
enableAuthentication($a_status)
Enable authentication for this ldap server.
Definition: class.ilLDAPServer.php:438
ilLDAPServer\setUserAttribute
setUserAttribute($a_user_attr)
Definition: class.ilLDAPServer.php:641
$lng
global $lng
Definition: privfeed.php:40
ilLDAPServer\setFilter
setFilter($a_filter)
Definition: class.ilLDAPServer.php:649
ilLDAPServer\rotateFallbacks
rotateFallbacks()
Rotate fallback urls in case of connect timeouts.
Definition: class.ilLDAPServer.php:71
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
ilLDAPServer\_getPasswordServers
static _getPasswordServers()
Checks whether password synchronistation is enabled for an user.
Definition: class.ilLDAPServer.php:174
ilLDAPServer\setUsernameFilter
setUsernameFilter($a_value)
Definition: class.ilLDAPServer.php:807
ilLDAPServer\getAuthenticationMappingKey
getAuthenticationMappingKey()
Get authentication mapping key Default is ldap.
Definition: class.ilLDAPServer.php:475
ilLoggerFactory\getLogger
static getLogger($a_component_id)
Get component logger.
Definition: class.ilLoggerFactory.php:82
$GLOBALS
$GLOBALS['PHPCAS_CLIENT']
This global variable is used by the interface class phpCAS.
Definition: CAS.php:276
ilLDAPServer\setGroupAttribute
setGroupAttribute($a_value)
Definition: class.ilLDAPServer.php:712
IL_LDAP_SCOPE_BASE
const IL_LDAP_SCOPE_BASE
Definition: class.ilLDAPServer.php:10
ilLDAPServer\_getRoleSyncServerIds
static _getRoleSyncServerIds()
Check whether there if there is an active server with option role_sync_active.
Definition: class.ilLDAPServer.php:150
ilLDAPServer\_getFirstServer
static _getFirstServer()
Definition: class.ilLDAPServer.php:262
ilLDAPServer\toggleDataSource
static toggleDataSource($a_ldap_server_id, $a_auth_mode, $a_status)
Toggle Data Source.
Definition: class.ilLDAPServer.php:350
$ilErr
$ilErr
Definition: inc.setup_header.php:67
ilLDAPServer\isAccountMigrationEnabled
isAccountMigrationEnabled()
enabled account migration
Definition: class.ilLDAPServer.php:830