ILIAS  release_5-2 Revision v5.2.25-18-g3f80b828510
class.ilLDAPServer.php
1 <?php
2 
3 /* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
4 
// Binding types stored in ldap_server_settings.bind_type.
// IL_LDAP_BIND_USER means a bind DN and password are configured (see validate()).
define('IL_LDAP_BIND_ANONYMOUS',0);
define('IL_LDAP_BIND_USER',1);

// Search scopes stored in user_scope / group_scope.
// toPearAuthArray() treats any value it does not match explicitly as a subtree search.
define('IL_LDAP_SCOPE_SUB',0);
define('IL_LDAP_SCOPE_ONE',1);
define('IL_LDAP_SCOPE_BASE',2);
11 
25 {
26  private static $instances = array();
27 
28  const DEBUG = false;
29  const DEFAULT_VERSION = 3;
31 
32  private $role_bind_dn = '';
33  private $role_bind_pass = '';
34  private $role_sync_active = 0;
35 
36  private $server_id = null;
37  private $fallback_urls = array();
38 
39  private $enabled_authentication = true;
41 
/**
 * Attach the global database and language objects and load the stored settings.
 *
 * @param int $a_server_id id of the ldap_server_settings row; with 0 (the default) read() loads nothing
 */
public function __construct($a_server_id = 0)
{
    global $lng, $ilDB;

    $this->server_id = $a_server_id;
    $this->lng = $lng;
    $this->db = $ilDB;

    // read() needs both server_id and db, so it runs last.
    $this->read();
}
52 
/**
 * Return the per-request cached instance for a server id, creating it on first use.
 *
 * @param int $a_server_id
 * @return ilLDAPServer
 */
public static function getInstanceByServerId($a_server_id)
{
    if (!isset(self::$instances[$a_server_id])) {
        self::$instances[$a_server_id] = new ilLDAPServer($a_server_id);
    }
    return self::$instances[$a_server_id];
}
66 
/**
 * Store a rotated URL list: the fallback URLs first, the current primary URL last.
 *
 * Only the `url` column of this server's row is rewritten; the url and
 * fallback_urls properties of this instance are left as they are.
 *
 * @return bool false when no fallback URL is configured, true after the update
 */
public function rotateFallbacks()
{
    global $ilDB;

    if (empty($this->fallback_urls)) {
        return false;
    }

    $rotated = array_merge($this->fallback_urls, array($this->getUrl()));

    $sql = 'UPDATE ldap_server_settings SET '.
        'url = '.$ilDB->quote(implode(',', $rotated), 'text').' '.
        'WHERE server_id = '.$ilDB->quote($this->getServerId(), 'integer');
    $ilDB->manipulate($sql);

    return true;
}
89 
90 
/**
 * Tell whether the PHP LDAP extension is available (probed via ldap_bind()).
 *
 * @return bool
 */
public static function checkLDAPLib()
{
    $ldap_available = function_exists('ldap_bind');
    return $ldap_available;
}
99 
/**
 * List the ids of all servers that are active and enabled for authentication, ordered by name.
 *
 * @return array server ids; empty when no row matches
 */
public static function _getActiveServerList()
{
    global $ilDB;

    $sql = 'SELECT server_id FROM ldap_server_settings '.
        'WHERE active = 1 AND authentication = 1 '.
        'ORDER BY name ';

    $ids = array();
    $result = $ilDB->query($sql);
    while ($record = $ilDB->fetchObject($result)) {
        $ids[] = $record->server_id;
    }
    return $ids;
}
120 
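/**
 * List the ids of all active servers that have cron synchronisation enabled, ordered by name.
 *
 * @return array server ids; empty when no row matches
 */
public static function _getCronServerIds()
{
    global $ilDB;

    $query = "SELECT server_id FROM ldap_server_settings ".
        "WHERE active = 1 ".
        "AND sync_per_cron = 1 ".
        "ORDER BY name";

    // Initialised up front: without it an empty result set read an undefined variable.
    $server_ids = array();

    $res = $ilDB->query($query);
    while ($row = $ilDB->fetchObject($res)) {
        $server_ids[] = $row->server_id;
    }
    return $server_ids;
}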
142 
/**
 * List the ids of all active servers that have role synchronisation enabled.
 *
 * @return array server ids; empty when no row matches
 */
public static function _getRoleSyncServerIds()
{
    global $ilDB;

    $sql = 'SELECT server_id FROM ldap_server_settings '.
        'WHERE active = 1 '.
        'AND role_sync_active = 1 ';

    $ids = array();
    $result = $ilDB->query($sql);
    while ($record = $ilDB->fetchObject($result)) {
        $ids[] = $record->server_id;
    }
    return $ids;
}
166 
174  public static function _getPasswordServers()
175  {
177  }
178 
179 
185  public static function _getFirstActiveServer()
186  {
188  if(count($servers))
189  {
190  return $servers[0];
191  }
192  return 0;
193  }
194 
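/**
 * List the ids of all configured servers (active or not), ordered by name.
 *
 * @return array server ids; empty when the table has no rows
 */
public static function _getServerList()
{
    global $ilDB;

    $query = "SELECT server_id FROM ldap_server_settings ORDER BY name";

    // Initialised up front: without it an empty table read an undefined variable.
    $server_ids = array();

    $res = $ilDB->query($query);
    while ($row = $ilDB->fetchObject($res)) {
        $server_ids[] = $row->server_id;
    }
    return $server_ids;
}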
213 
/**
 * List the ids of all configured servers, ordered by name.
 *
 * Same query as _getServerList(), but rows are fetched from the result object.
 *
 * @return array server ids; empty when the table has no rows
 */
public static function getServerIds()
{
    global $ilDB;

    $result = $ilDB->query("SELECT server_id FROM ldap_server_settings ORDER BY name");

    $ids = array();
    while ($record = $result->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
        $ids[] = $record->server_id;
    }
    return $ids;
}
235 
/**
 * Return every row of ldap_server_settings as an associative array, ordered by name.
 *
 * The rows are returned as selected, so they include the bind_pass and
 * role_bind_pass columns; callers should not dump or log the result.
 *
 * @return array list of associative rows; empty when the table has no rows
 */
public static function _getAllServer()
{
    global $ilDB;

    $rows = array();

    $result = $ilDB->query("SELECT * FROM ldap_server_settings ORDER BY name");
    while ($record = $ilDB->fetchAssoc($result)) {
        $rows[] = $record;
    }
    return $rows;
}
256 
/**
 * Get the id of the first configured server (first by name, see _getServerList()).
 *
 * @return integer server_id, or 0 when no server is configured
 */
public static function _getFirstServer()
{
    $server_ids = ilLDAPServer::_getServerList();

    return count($server_ids) ? $server_ids[0] : 0;
}
272 
273 
/**
 * List active servers that are not used for authentication and are either
 * assigned to the given auth mode or not assigned to any (authentication_type 0).
 *
 * @param int $a_auth_mode
 * @return array server ids; empty when no row matches
 */
public static function getAvailableDataSources($a_auth_mode)
{
    global $ilDB;

    $sql = "SELECT server_id FROM ldap_server_settings ".
        "WHERE active = ".$ilDB->quote(1, 'integer')." ".
        "AND authentication = ".$ilDB->quote(0, 'integer')." ".
        "AND ( authentication_type = ".$ilDB->quote($a_auth_mode, 'integer')." ".
        "OR authentication_type = ".$ilDB->quote(0, 'integer').")";
    $result = $ilDB->query($sql);

    $ids = array();
    while ($record = $result->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
        $ids[] = $record->server_id;
    }
    return $ids;
}
292 
/**
 * Tell whether some server row is assigned as data source to the given auth mode.
 *
 * NOTE(review): unlike getAvailableDataSources(), this query has no
 * `active = 1` condition, so a deactivated server row still counts.
 * Confirm that this is intended.
 *
 * @param int $a_auth_mode
 * @return bool
 */
public static function isDataSourceActive($a_auth_mode)
{
    global $ilDB;

    $sql = "SELECT server_id FROM ldap_server_settings ".
        "WHERE authentication_type = ".$ilDB->quote($a_auth_mode, 'integer')." ".
        "AND authentication = ".$ilDB->quote(0, 'integer');
    $result = $ilDB->query($sql);

    // One matching row is enough.
    if ($result->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
        return true;
    }
    return false;
}
313 
/**
 * Return the id of the first server row assigned to the given auth mode.
 *
 * @param int $a_auth_mode
 * @return int server id, or 0 when no row is assigned
 */
public static function getDataSource($a_auth_mode)
{
    global $ilDB;

    $sql = "SELECT server_id FROM ldap_server_settings ".
        "WHERE authentication_type = ".$ilDB->quote($a_auth_mode, 'integer')." ";
    $result = $ilDB->query($sql);

    $first = $result->fetchRow(ilDBConstants::FETCHMODE_OBJECT);
    if ($first) {
        return $first->server_id;
    }
    return 0;
}
327 
/**
 * Detach every server from the given auth mode by resetting authentication_type to 0.
 *
 * @param int $a_authmode
 * @return bool always true
 */
public static function disableDataSourceForAuthMode($a_authmode)
{
    global $ilDB;

    $sql = 'UPDATE ldap_server_settings '.
        'SET authentication_type = '.$ilDB->quote(0, 'integer').' '.
        'WHERE authentication_type = '.$ilDB->quote($a_authmode, 'integer');

    $ilDB->manipulate($sql);

    return true;
}
341 
342 
343 
/**
 * Assign one server as data source for an auth mode, or remove the assignment.
 *
 * Any existing assignment for the auth mode is cleared first; the server is
 * assigned afterwards only when $a_status is truthy.
 *
 * @param int  $a_ldap_server_id
 * @param int  $a_auth_mode
 * @param bool $a_status
 * @return bool always true
 */
public static function toggleDataSource($a_ldap_server_id, $a_auth_mode,$a_status)
{
    global $ilDB;

    self::disableDataSourceForAuthMode($a_auth_mode);

    if (!$a_status) {
        return true;
    }

    $sql = "UPDATE ldap_server_settings ".
        'SET authentication_type = '.$ilDB->quote($a_auth_mode, 'integer')." ".
        'WHERE server_id = '.$ilDB->quote($a_ldap_server_id, 'integer');
    $ilDB->manipulate($sql);

    return true;
}
365 
366  // begin-patch ldap_multiple
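/**
 * Check whether an auth mode string of the form "<AUTH_LDAP>_<server id>" denotes LDAP.
 *
 * @param string $a_auth_mode
 * @return bool true only when the first part equals AUTH_LDAP and a non-empty,
 *              non-"0" second part follows the underscore
 */
public static function isAuthModeLDAP($a_auth_mode)
{
    if(!$a_auth_mode)
    {
        $GLOBALS['ilLog']->write(__METHOD__.': No auth mode given..............');
        return false;
    }
    $auth_arr = explode('_', $a_auth_mode);

    // An auth mode without "_" has no index 1; reading it unguarded raised an
    // undefined-offset notice. empty() keeps the old truthiness test.
    // NOTE(review): the first part is compared loosely (==) with AUTH_LDAP,
    // as before; numeric-looking variants of the value also match.
    return ($auth_arr[0] == AUTH_LDAP) && !empty($auth_arr[1]);
}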
381 
/**
 * Extract the server id from an LDAP auth mode string.
 *
 * @param string $a_auth_mode
 * @return string|null the part after the first underscore, or null when the
 *                     mode is not an LDAP auth mode (see isAuthModeLDAP())
 */
public static function getServerIdByAuthMode($a_auth_mode)
{
    if (!self::isAuthModeLDAP($a_auth_mode)) {
        return null;
    }

    $parts = explode('_', $a_auth_mode);
    return $parts[1];
}
396 
/**
 * Translate an auth key into the auth mode name.
 *
 * @param string $a_auth_key
 * @return string 'ldap_' followed by the second underscore-separated part,
 *                or plain 'ldap' when the key contains no underscore
 */
public static function getAuthModeByKey($a_auth_key)
{
    $parts = explode('_', $a_auth_key);

    // explode() yields only strings, so isset() on index 1 means "more than one part".
    return isset($parts[1]) ? 'ldap_'.$parts[1] : 'ldap';
}
410 
/**
 * Translate an auth mode name into the auth key.
 *
 * @param string $a_auth_mode
 * @return mixed AUTH_LDAP.'_'.<second part> when the mode contains an
 *               underscore, otherwise the AUTH_LDAP constant itself
 */
public static function getKeyByAuthMode($a_auth_mode)
{
    $parts = explode('_', $a_auth_mode);

    // explode() yields only strings, so isset() on index 1 means "more than one part".
    if (isset($parts[1])) {
        return AUTH_LDAP.'_'.$parts[1];
    }
    return AUTH_LDAP;
}
425 
426  // end-patch ldap_multiple
427 
428  // Set/Get
/**
 * @return int|null id of the ldap_server_settings row this object represents
 */
public function getServerId()
{
    $id = $this->server_id;
    return $id;
}
433 
/**
 * Enable or disable authentication against this server.
 *
 * @param mixed $a_status cast to bool
 */
public function enableAuthentication($a_status)
{
    $enabled = (bool) $a_status;
    $this->enabled_authentication = $enabled;
}
442 
/**
 * @return bool whether authentication against this server is enabled
 */
public function isAuthenticationEnabled()
{
    $enabled = (bool) $this->enabled_authentication;
    return $enabled;
}
451 
/**
 * Set the auth mode this server is mapped to (stored as authentication_type).
 *
 * @param int $a_map
 */
public function setAuthenticationMapping($a_map)
{
    $mapping = $a_map;
    $this->authentication_mapping = $mapping;
}
460 
465  public function getAuthenticationMapping()
466  {
468  }
469 
475  public function getAuthenticationMappingKey()
476  {
478  {
479  // begin-patch ldap_multiple
480  return 'ldap_'.$this->getServerId();
481  #return 'ldap';
482  // end-patch ldap_multiple
483  }
485  }
486 
/**
 * Mark the server as active or inactive; the value is stored as given.
 *
 * @param mixed $a_status
 */
public function toggleActive($a_status)
{
    $status = $a_status;
    $this->active = $status;
}
/**
 * @return mixed the active flag exactly as stored by toggleActive()
 */
public function isActive()
{
    $status = $this->active;
    return $status;
}
/**
 * @return string the primary server URL (first entry of the URL string, see setUrl())
 */
public function getUrl()
{
    $primary = $this->url;
    return $primary;
}
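/**
 * Set the server URL(s) from a comma-separated string.
 *
 * The raw string is kept for storage; the first entry becomes the primary
 * URL and every further non-empty entry becomes a fallback URL.
 *
 * @param string $a_url one URL or several separated by commas
 */
public function setUrl($a_url)
{
    $this->url_string = $a_url;

    // Start from an empty list: a second call (for example after read())
    // used to append to the fallbacks parsed from the previous value.
    $this->fallback_urls = array();

    $urls = array_map('trim', explode(',', $a_url));

    // The first entry is always the primary URL, even when empty, so that
    // validate() still reports a missing URL.
    $this->url = array_shift($urls);

    foreach($urls as $url)
    {
        // Skip blanks from stray commas ("a,,b" or "a,"); an empty fallback
        // would be tried by doConnectionCheck() and written back to the
        // database by rotateFallbacks().
        if(strlen($url))
        {
            $this->fallback_urls[] = $url;
        }
    }
}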
/**
 * @return string the URL string exactly as passed to setUrl() (may hold several comma-separated URLs)
 */
public function getUrlString()
{
    $raw = $this->url_string;
    return $raw;
}
524 
/**
 * Find the first reachable server among the primary URL and the fallback URLs.
 *
 * Each candidate is checked with a bind of type IL_LDAP_BIND_TEST. The first
 * URL that binds becomes the primary URL of this instance. After every failed
 * candidate rotateFallbacks() is called and the failure is logged to the
 * 'auth' logger together with the exception code and message.
 *
 * @return bool true when a bind succeeded, false when every candidate failed
 */
public function doConnectionCheck()
{
    include_once('Services/LDAP/classes/class.ilLDAPQuery.php');

    $candidates = array_merge(array(0 => $this->url), $this->fallback_urls);

    foreach ($candidates as $candidate) {
        try {
            ilLoggerFactory::getLogger('auth')->debug('Using url: ' . $candidate);
            // A full bind is required: openldap returns a valid connection link even for invalid hosts.
            $probe = new ilLDAPQuery($this, $candidate);
            $probe->bind(IL_LDAP_BIND_TEST);
        } catch (ilLDAPQueryException $exc) {
            $this->rotateFallbacks();
            ilLoggerFactory::getLogger('auth')->error('Cannot connect to LDAP server: '. $candidate .' '. $exc->getCode().' '. $exc->getMessage());
            continue;
        }

        $this->url = $candidate;
        return true;
    }

    ilLoggerFactory::getLogger('auth')->warning('No valid LDAP server found');
    return false;
}
556 
557 
/**
 * @return string display name of the server
 */
public function getName()
{
    $name = $this->name;
    return $name;
}
/**
 * @param string $a_name display name of the server
 */
public function setName($a_name)
{
    $name = $a_name;
    $this->name = $name;
}
/**
 * @return int configured LDAP protocol version, or DEFAULT_VERSION when none is set
 */
public function getVersion()
{
    return $this->version ?: self::DEFAULT_VERSION;
}
/**
 * @param int $a_version LDAP protocol version
 */
public function setVersion($a_version)
{
    $version = $a_version;
    $this->version = $version;
}
/**
 * @return string base DN of the directory
 */
public function getBaseDN()
{
    $dn = $this->base_dn;
    return $dn;
}
/**
 * @param string $a_base_dn base DN of the directory
 */
public function setBaseDN($a_base_dn)
{
    $dn = $a_base_dn;
    $this->base_dn = $dn;
}
/**
 * @return bool whether following referrals is switched on
 */
public function isActiveReferrer()
{
    return (bool) $this->referrals;
}
/**
 * @param mixed $a_status referral flag, stored as given
 */
public function toggleReferrer($a_status)
{
    $status = $a_status;
    $this->referrals = $status;
}
/**
 * @return bool whether the TLS option is switched on for this server
 */
public function isActiveTLS()
{
    return (bool) $this->tls;
}
/**
 * @param mixed $a_status TLS flag, stored as given
 */
public function toggleTLS($a_status)
{
    $status = $a_status;
    $this->tls = $status;
}
/**
 * @return int binding type as set by setBindingType()
 */
public function getBindingType()
{
    $type = $this->binding_type;
    return $type;
}
602  public function setBindingType($a_type)
603  {
605  {
606  $this->binding_type = IL_LDAP_BIND_USER;
607  }
608  else
609  {
610  $this->binding_type = IL_LDAP_BIND_ANONYMOUS;
611  }
612  }
/**
 * @return string DN used for the bind when the binding type is IL_LDAP_BIND_USER
 */
public function getBindUser()
{
    $user = $this->bind_user;
    return $user;
}
/**
 * @param string $a_user DN used for the bind
 */
public function setBindUser($a_user)
{
    $user = $a_user;
    $this->bind_user = $user;
}
/**
 * Return the bind password exactly as held by this object.
 *
 * The value is the usable secret, so callers should keep it out of logs,
 * error messages and rendered forms.
 *
 * @return string
 */
public function getBindPassword()
{
    $secret = $this->bind_password;
    return $secret;
}
/**
 * Set the bind password; it is kept unchanged in the bind_password property.
 *
 * @param string $a_password
 */
public function setBindPassword($a_password)
{
    $secret = $a_password;
    $this->bind_password = $secret;
}
/**
 * @return string search base for user lookups (passed on as 'userdn' by toPearAuthArray())
 */
public function getSearchBase()
{
    $base = $this->search_base;
    return $base;
}
/**
 * @param string $a_search_base search base for user lookups
 */
public function setSearchBase($a_search_base)
{
    $base = $a_search_base;
    $this->search_base = $base;
}
/**
 * @return string name of the directory attribute that holds the login name
 */
public function getUserAttribute()
{
    $attribute = $this->user_attribute;
    return $attribute;
}
/**
 * @param string $a_user_attr name of the directory attribute that holds the login name
 */
public function setUserAttribute($a_user_attr)
{
    $attribute = $a_user_attr;
    $this->user_attribute = $attribute;
}
/**
 * @return string the user filter after prepareFilter() has added missing outer parentheses
 */
public function getFilter()
{
    $raw = $this->filter;
    return $this->prepareFilter($raw);
}
/**
 * @param string $a_filter LDAP user filter, stored as given
 */
public function setFilter($a_filter)
{
    $raw = $a_filter;
    $this->filter = $raw;
}
/**
 * @return string DN under which groups are searched
 */
public function getGroupDN()
{
    $dn = $this->group_dn;
    return $dn;
}
/**
 * @param string $a_value DN under which groups are searched
 */
public function setGroupDN($a_value)
{
    $dn = $a_value;
    $this->group_dn = $dn;
}
/**
 * @return string the group filter after prepareFilter() has added missing outer parentheses
 */
public function getGroupFilter()
{
    $raw = $this->group_filter;
    return $this->prepareFilter($raw);
}
/**
 * @param string $a_value LDAP group filter, stored as given
 */
public function setGroupFilter($a_value)
{
    $raw = $a_value;
    $this->group_filter = $raw;
}
/**
 * @return string name of the group attribute that lists members ('memberattr' in toPearAuthArray())
 */
public function getGroupMember()
{
    $attribute = $this->group_member;
    return $attribute;
}
/**
 * @param string $a_value name of the group attribute that lists members
 */
public function setGroupMember($a_value)
{
    $attribute = $a_value;
    $this->group_member = $attribute;
}
/**
 * @return string group name setting as stored; may hold several comma-separated names (see getGroupNames())
 */
public function getGroupName()
{
    $names = $this->group_name;
    return $names;
}
/**
 * @param string $a_value group name, or several names separated by commas
 */
public function setGroupName($a_value)
{
    $names = $a_value;
    $this->group_name = $names;
}
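/**
 * Split the comma-separated group name setting into a list of names.
 *
 * Names are trimmed and empty entries are dropped.
 *
 * @return array list of group names; empty when no name is configured
 */
public function getGroupNames()
{
    // Initialised up front: with no usable name the result variable was
    // never assigned, so the method returned null instead of an array.
    $new_names = array();

    foreach(explode(',',$this->getGroupName()) as $name)
    {
        $name = trim($name);
        if(strlen($name))
        {
            $new_names[] = $name;
        }
    }
    return $new_names;
}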
710 
711 
/**
 * @return string group attribute setting ('groupattr' in toPearAuthArray())
 */
public function getGroupAttribute()
{
    $attribute = $this->group_attribute;
    return $attribute;
}
/**
 * @param string $a_value group attribute setting
 */
public function setGroupAttribute($a_value)
{
    $attribute = $a_value;
    $this->group_attribute = $attribute;
}
720 
/**
 * @param mixed $a_status whether group membership is optional; cast to bool
 */
public function toggleMembershipOptional($a_status)
{
    $optional = (bool) $a_status;
    $this->group_optional = $optional;
}
/**
 * @return bool whether group membership is optional
 */
public function isMembershipOptional()
{
    $optional = (bool) $this->group_optional;
    return $optional;
}
/**
 * @param string $a_filter group user filter, stored as given
 */
public function setGroupUserFilter($a_filter)
{
    $raw = $a_filter;
    $this->group_user_filter = $raw;
}
/**
 * @return string group user filter as stored (not passed through prepareFilter())
 */
public function getGroupUserFilter()
{
    $raw = $this->group_user_filter;
    return $raw;
}
737 
/**
 * @return bool the memberisdn flag ('memberisdn' in toPearAuthArray())
 */
public function enabledGroupMemberIsDN()
{
    $flag = (bool) $this->memberisdn;
    return $flag;
}
/**
 * @param mixed $a_value memberisdn flag; cast to bool
 */
public function enableGroupMemberIsDN($a_value)
{
    $flag = (bool) $a_value;
    $this->memberisdn = $flag;
}
/**
 * @param int $a_value group search scope (one of the IL_LDAP_SCOPE_* values)
 */
public function setGroupScope($a_value)
{
    $scope = $a_value;
    $this->group_scope = $scope;
}
/**
 * @return int group search scope as stored
 */
public function getGroupScope()
{
    $scope = $this->group_scope;
    return $scope;
}
/**
 * @param int $a_value user search scope (one of the IL_LDAP_SCOPE_* values)
 */
public function setUserScope($a_value)
{
    $scope = $a_value;
    $this->user_scope = $scope;
}
/**
 * @return int user search scope as stored
 */
public function getUserScope()
{
    $scope = $this->user_scope;
    return $scope;
}
/**
 * @return int the sync-on-login flag as stored by enableSyncOnLogin()
 */
public function enabledSyncOnLogin()
{
    $flag = $this->sync_on_login;
    return $flag;
}
/**
 * @param mixed $a_value sync-on-login flag; cast to int
 */
public function enableSyncOnLogin($a_value)
{
    $flag = (int) $a_value;
    $this->sync_on_login = $flag;
}
/**
 * @return int the sync-per-cron flag as stored by enableSyncPerCron()
 */
public function enabledSyncPerCron()
{
    $flag = $this->sync_per_cron;
    return $flag;
}
/**
 * @param mixed $a_value sync-per-cron flag; cast to int
 */
public function enableSyncPerCron($a_value)
{
    $flag = (int) $a_value;
    $this->sync_per_cron = $flag;
}
/**
 * Set the global role; validate() requires one when a synchronisation mode is enabled.
 *
 * @param mixed $a_role
 */
public function setGlobalRole($a_role)
{
    $role = $a_role;
    $this->global_role = $role;
}
/**
 * @return string bind DN configured for role synchronisation
 */
public function getRoleBindDN()
{
    $dn = $this->role_bind_dn;
    return $dn;
}
/**
 * @param string $a_value bind DN for role synchronisation
 */
public function setRoleBindDN($a_value)
{
    $dn = $a_value;
    $this->role_bind_dn = $dn;
}
/**
 * Return the role-synchronisation bind password exactly as held by this object.
 *
 * The value is the usable secret, so callers should keep it out of logs,
 * error messages and rendered forms.
 *
 * @return string
 */
public function getRoleBindPassword()
{
    $secret = $this->role_bind_pass;
    return $secret;
}
/**
 * Set the role-synchronisation bind password; it is kept unchanged in the role_bind_pass property.
 *
 * @param string $a_value
 */
public function setRoleBindPassword($a_value)
{
    $secret = $a_value;
    $this->role_bind_pass = $secret;
}
798  public function enabledRoleSynchronization()
799  {
801  }
/**
 * @param mixed $a_value role synchronisation flag, stored as given
 */
public function enableRoleSynchronization($a_value)
{
    $flag = $a_value;
    $this->role_sync_active = $flag;
}
806  // start Patch Name Filter
/**
 * @return string username filter as stored
 */
public function getUsernameFilter()
{
    $filter = $this->username_filter;
    return $filter;
}
/**
 * @param string $a_value username filter, stored as given
 */
public function setUsernameFilter($a_value)
{
    $filter = $a_value;
    $this->username_filter = $filter;
} // end Patch Name Filter
815 
/**
 * @param mixed $a_status account migration flag, stored as given
 */
public function enableAccountMigration($a_status)
{
    $flag = $a_status;
    $this->account_migration = $flag;
}
827 
/**
 * @return bool whether account migration is enabled
 */
public function isAccountMigrationEnabled()
{
    return (bool) $this->account_migration;
}
838 
839 
/**
 * Check the settings held by this object and collect error messages in $ilErr.
 *
 * Checks, in this order: the required fields (name, URL, base DN, user
 * attribute); bind user and password when the binding type is
 * IL_LDAP_BIND_USER; a global role when a synchronisation mode is enabled;
 * and the combination of protocol version 2 with TLS, which is reported as
 * a conflict.
 *
 * @return bool true when no message was recorded
 */
public function validate()
{
    global $ilErr;

    $ilErr->setMessage('');

    $required_missing = !strlen($this->getName())
        || !strlen($this->getUrl())
        || !strlen($this->getBaseDN())
        || !strlen($this->getUserAttribute());
    if ($required_missing) {
        $ilErr->setMessage($this->lng->txt('fill_out_all_required_fields'));
    }

    if ($this->getBindingType() == IL_LDAP_BIND_USER) {
        if (!strlen($this->getBindUser()) || !strlen($this->getBindPassword())) {
            $ilErr->appendMessage($this->lng->txt('ldap_missing_bind_user'));
        }
    }

    if (($this->enabledSyncPerCron() || $this->enabledSyncOnLogin()) && !$this->global_role) {
        $ilErr->appendMessage($this->lng->txt('ldap_missing_role_assignment'));
    }

    if ($this->getVersion() == 2 && $this->isActiveTLS()) {
        $ilErr->appendMessage($this->lng->txt('ldap_tls_conflict'));
    }

    return !strlen($ilErr->getMessage());
}
875 
876  public function create()
877  {
878  global $ilDB;
879  // start Patch Name Filter remove ",username_filter", ",%s", ",$this->getUsernameFilter()"
880  $next_id = $ilDB->nextId('ldap_server_settings');
881 
882  $query = 'INSERT INTO ldap_server_settings (server_id,active,name,url,version,base_dn,referrals,tls,bind_type,bind_user,bind_pass,'.
883  'search_base,user_scope,user_attribute,filter,group_dn,group_scope,group_filter,group_member,group_memberisdn,group_name,'.
884  'group_attribute,group_optional,group_user_filter,sync_on_login,sync_per_cron,role_sync_active,role_bind_dn,role_bind_pass,migration, '.
885  'authentication,authentication_type,username_filter) '.
886  'VALUES (%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s)';
887  $res = $ilDB->queryF($query,
888  array(
889  'integer','integer','text','text','integer','text','integer','integer','integer','text','text','text','integer',
890  'text','text','text','integer','text','text','integer','text','text','integer','text','integer','integer','integer',
891  'text','text', 'integer','integer','integer',"text"),
892  array(
893  $next_id,
894  $this->isActive(),
895  $this->getName(),
896  $this->getUrlString(),
897  $this->getVersion(),
898  $this->getBaseDN(),
899  $this->isActiveReferrer(),
900  $this->isActiveTLS(),
901  $this->getBindingType(),
902  $this->getBindUser(),
903  $this->getBindPassword(),
904  $this->getSearchBase(),
905  $this->getUserScope(),
906  $this->getUserAttribute(),
907  $this->getFilter(),
908  $this->getGroupDN(),
909  $this->getGroupScope(),
910  $this->getGroupFilter(),
911  $this->getGroupMember(),
912  $this->enabledGroupMemberIsDN(),
913  $this->getGroupName(),
914  $this->getGroupAttribute(),
915  $this->isMembershipOptional(),
916  $this->getGroupUserFilter(),
917  $this->enabledSyncOnLogin(),
918  $this->enabledSyncPerCron(),
920  $this->getRoleBindDN(),
921  $this->getRoleBindPassword(),
922  $this->isAccountMigrationEnabled(),
923  $this->isAuthenticationEnabled(),
924  $this->getAuthenticationMapping(),
925  $this->getUsernameFilter()
926  ));
927  // end Patch Name Filter
928  $this->server_id = $next_id;
929  return $next_id;
930  }
931 
/**
 * Write all settings of this object to its ldap_server_settings row.
 *
 * Every value goes through quote() with an explicit type before it is placed
 * in the statement.
 *
 * NOTE(review): bind_pass and role_bind_pass are written exactly as the
 * getters return them; this method applies no encryption to them. Whether
 * they are protected elsewhere is not visible here, so database dumps and
 * backups should be treated as holding directory credentials.
 *
 * @return bool always true
 */
public function update()
{
    global $ilDB;

    $db = $this->db;

    // One "column = value" fragment per column, in the original column order.
    $assignments = array(
        "active = ".$db->quote($this->isActive(), 'integer'),
        "name = ".$db->quote($this->getName(), 'text'),
        "url = ".$db->quote($this->getUrlString(), 'text'),
        "version = ".$db->quote($this->getVersion(), 'integer'),
        "base_dn = ".$db->quote($this->getBaseDN(), 'text'),
        "referrals = ".$db->quote($this->isActiveReferrer(), 'integer'),
        "tls = ".$db->quote($this->isActiveTLS(), 'integer'),
        "bind_type = ".$db->quote($this->getBindingType(), 'integer'),
        "bind_user = ".$db->quote($this->getBindUser(), 'text'),
        "bind_pass = ".$db->quote($this->getBindPassword(), 'text'),
        "search_base = ".$db->quote($this->getSearchBase(), 'text'),
        "user_scope = ".$db->quote($this->getUserScope(), 'integer'),
        "user_attribute = ".$db->quote($this->getUserAttribute(), 'text'),
        "filter = ".$db->quote($this->getFilter(), 'text'),
        "group_dn = ".$db->quote($this->getGroupDN(), 'text'),
        "group_scope = ".$db->quote($this->getGroupScope(), 'integer'),
        "group_filter = ".$db->quote($this->getGroupFilter(), 'text'),
        "group_member = ".$db->quote($this->getGroupMember(), 'text'),
        "group_memberisdn =".$db->quote((int) $this->enabledGroupMemberIsDN(), 'integer'),
        "group_name = ".$db->quote($this->getGroupName(), 'text'),
        "group_attribute = ".$db->quote($this->getGroupAttribute(), 'text'),
        "group_optional = ".$db->quote((int) $this->isMembershipOptional(), 'integer'),
        "group_user_filter = ".$db->quote($this->getGroupUserFilter(), 'text'),
        "sync_on_login = ".$db->quote(($this->enabledSyncOnLogin() ? 1 : 0), 'integer'),
        "sync_per_cron = ".$db->quote(($this->enabledSyncPerCron() ? 1 : 0), 'integer'),
        "role_sync_active = ".$db->quote($this->enabledRoleSynchronization(), 'integer'),
        "role_bind_dn = ".$db->quote($this->getRoleBindDN(), 'text'),
        "role_bind_pass = ".$db->quote($this->getRoleBindPassword(), 'text'),
        "migration = ".$db->quote((int) $this->isAccountMigrationEnabled(), 'integer'),
        'authentication = '.$db->quote((int) $this->isAuthenticationEnabled(), 'integer'),
        'authentication_type = '.$db->quote((int) $this->getAuthenticationMapping(), 'integer'),
    );

    $query = "UPDATE ldap_server_settings SET ".
        implode(", ", $assignments).' '.
        // start Patch Name Filter
        ", username_filter = ".$db->quote($this->getUsernameFilter(), "text")." ".
        // end Patch Name Filter
        "WHERE server_id = ".$db->quote($this->getServerId(), 'integer');

    $ilDB->manipulate($query);
    return true;
}
976 
980  public function delete()
981  {
982  if(!$this->getServerId())
983  {
984  return false;
985  }
986 
987  include_once 'Services/LDAP/classes/class.ilLDAPAttributeMapping.php';
989 
990  include_once 'Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php';
992 
993  foreach($rules as $ruleAssigment)
994  {
995  $ruleAssigment->delete();
996  }
997 
998  include_once 'Services/LDAP/classes/class.ilLDAPRoleGroupMappingSettings.php';
1000 
1001  $query = "DELETE FROM ldap_server_settings ".
1002  "WHERE server_id = ".$this->db->quote($this->getServerId(),'integer');
1003  $res = $this->db->manipulate($query);
1004 
1005  }
1006 
/**
 * Build the option array for PEAR Auth from the settings of this object.
 *
 * With binding type IL_LDAP_BIND_USER the array carries the bind DN and the
 * bind password in clear text ('binddn', 'bindpw'), so it should not be
 * dumped or logged.
 *
 * @return array
 */
public function toPearAuthArray()
{
    $options = array(
        'url' => $this->getUrl(),
        'version' => (int) $this->getVersion(),
        'referrals' => (bool) $this->isActiveReferrer(),
    );

    if ($this->getBindingType() == IL_LDAP_BIND_USER) {
        $options['binddn'] = $this->getBindUser();
        $options['bindpw'] = $this->getBindPassword();
    }

    $options['basedn'] = $this->getBaseDN();
    $options['start_tls'] = (bool) $this->isActiveTLS();
    $options['userdn'] = $this->getSearchBase();

    // User scope: only "one level" is distinguished, everything else is a subtree search.
    if ($this->getUserScope() == IL_LDAP_SCOPE_ONE) {
        $options['userscope'] = 'one';
    } else {
        $options['userscope'] = 'sub';
    }

    $options['userattr'] = $this->getUserAttribute();
    $options['userfilter'] = $this->getFilter();
    $options['attributes'] = $this->getPearAtributeArray();
    $options['debug'] = self::DEBUG;

    // Logging is switched on only when both PEAR Log files can be included.
    if (@include_once('Log.php')) {
        if (@include_once('Log/observer.php')) {
            $options['enableLogging'] = true;
        }
    }

    $group_scope = $this->getGroupScope();
    if ($group_scope == IL_LDAP_SCOPE_BASE) {
        $options['groupscope'] = 'base';
    } elseif ($group_scope == IL_LDAP_SCOPE_ONE) {
        $options['groupscope'] = 'one';
    } else {
        $options['groupscope'] = 'sub';
    }

    $options['groupdn'] = $this->getGroupDN();
    $options['groupattr'] = $this->getGroupAttribute();
    $options['groupfilter'] = $this->getGroupFilter();
    $options['memberattr'] = $this->getGroupMember();
    $options['memberisdn'] = $this->enabledGroupMemberIsDN();
    $options['group'] = $this->getGroupName();

    return $options;
}
1071 
/**
 * Wrap a filter in outer parentheses when they are missing.
 *
 * Only the first and the last character are looked at. The filter is not
 * parsed, balanced or escaped here, so the result is exactly as trustworthy
 * as the configured input.
 *
 * @param string $a_filter
 * @return string trimmed filter; an empty filter is returned unchanged
 */
private function prepareFilter($a_filter)
{
    $filter = trim($a_filter);

    if ($filter === '') {
        return $filter;
    }

    if ($filter[0] !== '(') {
        $filter = '('.$filter;
    }
    if (substr($filter, -1) != ')') {
        $filter .= ')';
    }

    return $filter;
}
1098 
1106  private function getPearAtributeArray()
1107  {
1108  if($this->enabledSyncOnLogin())
1109  {
1110  include_once('Services/LDAP/classes/class.ilLDAPAttributeMapping.php');
1111  include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRules.php');
1113  return array_merge(
1114  array($this->getUserAttribute()),
1115  $mapping->getFields(),
1116  array('dn'),
1118  );
1119  }
1120  else
1121  {
1122  return array($this->getUserAttribute());
1123  }
1124  }
1125 
1126 
1127 
/**
 * Load the settings row for this server id into the object through the setters.
 *
 * NOTE(review): quote() is called without a type here, while the other
 * queries in this class pass 'integer' for server_id. Confirm how the
 * database layer treats an untyped value.
 *
 * @return bool|null true when no server id is set; otherwise nothing is returned
 */
private function read()
{
    if (!$this->server_id) {
        return true;
    }

    $sql = "SELECT * FROM ldap_server_settings WHERE server_id = ".$this->db->quote($this->server_id)."";
    $result = $this->db->query($sql);

    while ($settings = $result->fetchRow(ilDBConstants::FETCHMODE_OBJECT)) {
        // Connection settings
        $this->toggleActive($settings->active);
        $this->setName($settings->name);
        $this->setUrl($settings->url);
        $this->setVersion($settings->version);
        $this->setBaseDN($settings->base_dn);
        $this->toggleReferrer($settings->referrals);
        $this->toggleTLS($settings->tls);

        // Bind credentials
        $this->setBindingType($settings->bind_type);
        $this->setBindUser($settings->bind_user);
        $this->setBindPassword($settings->bind_pass);

        // User search
        $this->setSearchBase($settings->search_base);
        $this->setUserScope($settings->user_scope);
        $this->setUserAttribute($settings->user_attribute);
        $this->setFilter($settings->filter);

        // Group restriction
        $this->setGroupDN($settings->group_dn);
        $this->setGroupScope($settings->group_scope);
        $this->setGroupFilter($settings->group_filter);
        $this->setGroupMember($settings->group_member);
        $this->setGroupAttribute($settings->group_attribute);
        $this->toggleMembershipOptional($settings->group_optional);
        $this->setGroupUserFilter($settings->group_user_filter);
        $this->enableGroupMemberIsDN($settings->group_memberisdn);
        $this->setGroupName($settings->group_name);

        // Synchronisation and role mapping
        $this->enableSyncOnLogin($settings->sync_on_login);
        $this->enableSyncPerCron($settings->sync_per_cron);
        $this->enableRoleSynchronization($settings->role_sync_active);
        $this->setRoleBindDN($settings->role_bind_dn);
        $this->setRoleBindPassword($settings->role_bind_pass);

        // Authentication
        $this->enableAccountMigration($settings->migration);
        $this->enableAuthentication($settings->authentication);
        $this->setAuthenticationMapping($settings->authentication_type);
        // start Patch Name Filter
        $this->setUsernameFilter($settings->username_filter);
        // end Patch Name Filter
    }
}
1179 }
1180 ?>
static checkLDAPLib()
Check if ldap module is installed.
__construct($a_server_id=0)
static _getFirstActiveServer()
Get first active server.
prepareFilter($a_filter)
Create brackets for filters if they do not exist.
global $ilErr
Definition: raiseError.php:16
setVersion($a_version)
read()
Read server settings.
const IL_LDAP_BIND_USER
enableSyncOnLogin($a_value)
static isAuthModeLDAP($a_auth_mode)
Check if user auth mode is LDAP.
setGroupScope($a_value)
static _getInstanceByServerId($a_server_id)
Get instance of class.
toggleTLS($a_status)
static _getServerList()
Get list of all configured servers.
setAuthenticationMapping($a_map)
Set mapped authentication mapping.
enableGroupMemberIsDN($a_value)
enableAccountMigration($a_status)
Enable account migration.
static getAuthModeByKey($a_auth_key)
get auth mode by key
const AUTH_LDAP
const IL_LDAP_BIND_ANONYMOUS
enableRoleSynchronization($a_value)
static _getAllServer()
Get list of all configured servers.
$GLOBALS['loaded']
Global hash that tracks already loaded includes.
setGroupFilter($a_value)
validate()
Validate user input.
static getAvailableDataSources($a_auth_mode)
enableSyncPerCron($a_value)
$url
Definition: shib_logout.php:72
static _getActiveServerList()
Get active server list.
getPearAtributeArray()
Get attribute array for pear auth data.
toggleReferrer($a_status)
static _getAuthModeName($a_auth_key)
static getInstanceByServerId($a_server_id)
Get instance by server id.
static getAttributeNames($a_server_id)
get all possible attribute names
static disableDataSourceForAuthMode($a_authmode)
Disable data source.
static _getRules($a_server_id)
Get all rules.
toggleMembershipOptional($a_status)
const IL_LDAP_BIND_TEST
toggleActive($a_status)
const DEBUG
$counter
$a_type
Definition: workflow.php:93
setRoleBindPassword($a_value)
setUserScope($a_value)
const DEFAULT_NETWORK_TIMEOUT
getGroupNames()
Get group names as array.
static isDataSourceActive($a_auth_mode)
Check if a data source is active for a specific auth mode ilDB $ilDB.
static getServerIds()
Get all server ids ilDB $ilDB.
if(!is_array($argv)) $options
setGroupUserFilter($a_filter)
getAuthenticationMapping()
Get authentication mode that is mapped.
doConnectionCheck()
Check ldap connection and do a fallback to the next server if no connection is possible.
setBaseDN($a_base_dn)
const IL_LDAP_SCOPE_ONE
setGroupMember($a_value)
static _getCronServerIds()
Get list of active servers with option 'SyncCron'.
static _delete($a_server_id)
Delete mapping rules by server id.
static getDataSource($a_auth_mode)
setRoleBindDN($a_value)
setBindPassword($a_password)
toPearAuthArray()
Creates an array of options compatible to PEAR Auth.
static getServerIdByAuthMode($a_auth_mode)
Get auth id by auth mode.
isAuthenticationEnabled()
Check if authentication is enabled.
Create styles array
The data for the language used.
setSearchBase($a_search_base)
$server
static getKeyByAuthMode($a_auth_mode)
Get auth id by auth mode.
setGroupName($a_value)
enableAuthentication($a_status)
Enable authentication for this ldap server.
setUserAttribute($a_user_attr)
global $lng
Definition: privfeed.php:17
setFilter($a_filter)
rotateFallbacks()
Rotate fallback urls in case of connect timeouts.
global $ilDB
static _getPasswordServers()
Checks whether password synchronisation is enabled for a user.
setUsernameFilter($a_value)
getAuthenticationMappingKey()
Get authentication mapping key Default is ldap.
static getLogger($a_component_id)
Get component logger.
setGroupAttribute($a_value)
const IL_LDAP_SCOPE_BASE
static _getRoleSyncServerIds()
Check whether there is an active server with option role_sync_active.
static _getFirstServer()
static toggleDataSource($a_ldap_server_id, $a_auth_mode, $a_status)
Toggle Data Source.
isAccountMigrationEnabled()
enabled account migration