ILIAS  release_5-2 Revision v5.2.25-18-g3f80b828510
class.ilLDAPServer.php
Go to the documentation of this file.
1<?php
2
3/* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
4
5define('IL_LDAP_BIND_ANONYMOUS',0);
6define('IL_LDAP_BIND_USER',1);
7
8define('IL_LDAP_SCOPE_SUB',0);
9define('IL_LDAP_SCOPE_ONE',1);
10define('IL_LDAP_SCOPE_BASE',2);
11
24class ilLDAPServer
25{
26 private static $instances = array();
27
28 const DEBUG = false;
29 const DEFAULT_VERSION = 3;
30 const DEFAULT_NETWORK_TIMEOUT = 5;
31
32 private $role_bind_dn = '';
33 private $role_bind_pass = '';
34 private $role_sync_active = 0;
35
36 private $server_id = null;
37 private $fallback_urls = array();
38
39 private $enabled_authentication = true;
40 private $authentication_mapping = 0;
41
42 public function __construct($a_server_id = 0)
43 {
44 global $ilDB,$lng;
45
46 $this->db = $ilDB;
47 $this->lng = $lng;
48 $this->server_id = $a_server_id;
49
50 $this->read();
51 }
52
58 public static function getInstanceByServerId($a_server_id)
59 {
60 if(isset(self::$instances[$a_server_id]))
61 {
62 return self::$instances[$a_server_id];
63 }
64 return self::$instances[$a_server_id] = new ilLDAPServer($a_server_id);
65 }
66
71 public function rotateFallbacks()
72 {
73 global $ilDB;
74
75 if(!$this->fallback_urls)
76 {
77 return FALSE;
78 }
79
80 $all_urls = array_merge($this->fallback_urls);
81 $all_urls[] = $this->getUrl();
82
83 $query = 'UPDATE ldap_server_settings SET '.
84 'url = '.$ilDB->quote(implode(',', $all_urls),'text').' '.
85 'WHERE server_id = '.$ilDB->quote($this->getServerId(),'integer');
86 $ilDB->manipulate($query);
87 return TRUE;
88 }
89
90
95 public static function checkLDAPLib()
96 {
97 return function_exists('ldap_bind');
98 }
99
105 public static function _getActiveServerList()
106 {
107 global $ilDB;
108
109 $query = "SELECT server_id FROM ldap_server_settings ".
110 "WHERE active = 1 AND authentication = 1 ".
111 "ORDER BY name ";
112 $res = $ilDB->query($query);
113 $server_ids = array();
114 while($row = $ilDB->fetchObject($res))
115 {
116 $server_ids[] = $row->server_id;
117 }
118 return $server_ids;
119 }
120
126 public static function _getCronServerIds()
127 {
128 global $ilDB;
129
130 $query = "SELECT server_id FROM ldap_server_settings ".
131 "WHERE active = 1 ".
132 "AND sync_per_cron = 1 ".
133 "ORDER BY name";
134
135 $res = $ilDB->query($query);
136 while($row = $ilDB->fetchObject($res))
137 {
138 $server_ids[] = $row->server_id;
139 }
140 return $server_ids ? $server_ids : array();
141 }
142
150 public static function _getRoleSyncServerIds()
151 {
152 global $ilDB;
153
154 $query = "SELECT server_id FROM ldap_server_settings ".
155 "WHERE active = 1 ".
156 "AND role_sync_active = 1 ";
157
158 $res = $ilDB->query($query);
159 $server_ids = array();
160 while($row = $ilDB->fetchObject($res))
161 {
162 $server_ids[] = $row->server_id;
163 }
164 return $server_ids;
165 }
166
174 public static function _getPasswordServers()
175 {
176 return ilLDAPServer::_getActiveServerList();
177 }
178
179
185 public static function _getFirstActiveServer()
186 {
187 $servers = ilLDAPServer::_getActiveServerList();
188 if(count($servers))
189 {
190 return $servers[0];
191 }
192 return 0;
193 }
194
200 public static function _getServerList()
201 {
202 global $ilDB;
203
204 $query = "SELECT server_id FROM ldap_server_settings ORDER BY name";
205
206 $res = $ilDB->query($query);
207 while($row = $ilDB->fetchObject($res))
208 {
209 $server_ids[] = $row->server_id;
210 }
211 return $server_ids ? $server_ids : array();
212 }
213
219 public static function getServerIds()
220 {
221 global $ilDB;
222
223 $query = "SELECT server_id FROM ldap_server_settings ORDER BY name";
224
225
226 $res = $ilDB->query($query);
227
228 $server = array();
229 while($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT))
230 {
231 $server[] = $row->server_id;
232 }
233 return $server;
234 }
235
241 public static function _getAllServer()
242 {
243 global $ilDB;
244
245 $query = "SELECT * FROM ldap_server_settings ORDER BY name";
246
247 $server = array();
248
249 $res = $ilDB->query($query);
250 while($row = $ilDB->fetchAssoc($res))
251 {
252 $server[] = $row;
253 }
254 return $server;
255 }
256
257 /*
258 * Get first server id
259 *
260 * @return integer server_id
261 */
262 public static function _getFirstServer()
263 {
264 $servers = ilLDAPServer::_getServerList();
265
266 if(count($servers))
267 {
268 return $servers[0];
269 }
270 return 0;
271 }
272
273
274 public static function getAvailableDataSources($a_auth_mode)
275 {
276 global $ilDB;
277
278 $query = "SELECT server_id FROM ldap_server_settings ".
279 "WHERE active = ".$ilDB->quote(1,'integer')." ".
280 "AND authentication = ".$ilDB->quote(0,'integer')." ".
281 "AND ( authentication_type = ".$ilDB->quote($a_auth_mode,'integer')." ".
282 "OR authentication_type = ".$ilDB->quote(0,'integer').")";
283 $res = $ilDB->query($query);
284
285 $server_ids = array();
286 while($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT))
287 {
288 $server_ids[] = $row->server_id;
289 }
290 return $server_ids;
291 }
292
299 public static function isDataSourceActive($a_auth_mode)
300 {
301 global $ilDB;
302
303 $query = "SELECT server_id FROM ldap_server_settings ".
304 "WHERE authentication_type = ".$ilDB->quote($a_auth_mode,'integer')." ".
305 "AND authentication = ".$ilDB->quote(0,'integer');
306 $res = $ilDB->query($query);
307 while($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT))
308 {
309 return true;
310 }
311 return false;
312 }
313
314 public static function getDataSource($a_auth_mode)
315 {
316 global $ilDB;
317
318 $query = "SELECT server_id FROM ldap_server_settings ".
319 "WHERE authentication_type = ".$ilDB->quote($a_auth_mode,'integer')." ";
320 $res = $ilDB->query($query);
321 while($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT))
322 {
323 return $row->server_id;
324 }
325 return 0;
326 }
327
331 public static function disableDataSourceForAuthMode($a_authmode)
332 {
333 global $ilDB;
334
335 $query = 'UPDATE ldap_server_settings '.
336 'SET authentication_type = '. $ilDB->quote(0,'integer').' '.
337 'WHERE authentication_type = '.$ilDB->quote($a_authmode,'integer');
338 $ilDB->manipulate($query);
339 return true;
340 }
341
342
343
350 public static function toggleDataSource($a_ldap_server_id, $a_auth_mode,$a_status)
351 {
352 global $ilDB;
353
354 self::disableDataSourceForAuthMode($a_auth_mode);
355
356 if($a_status)
357 {
358 $query = "UPDATE ldap_server_settings ".
359 'SET authentication_type = '.$ilDB->quote($a_auth_mode,'integer')." ".
360 'WHERE server_id = '.$ilDB->quote($a_ldap_server_id,'integer');
361 $ilDB->manipulate($query);
362 }
363 return true;
364 }
365
366 // begin-patch ldap_multiple
371 public static function isAuthModeLDAP($a_auth_mode)
372 {
373 if(!$a_auth_mode)
374 {
375 $GLOBALS['ilLog']->write(__METHOD__.': No auth mode given..............');
376 return false;
377 }
378 $auth_arr = explode('_', $a_auth_mode);
379 return ($auth_arr[0] == AUTH_LDAP) and $auth_arr[1];
380 }
381
387 public static function getServerIdByAuthMode($a_auth_mode)
388 {
389 if(self::isAuthModeLDAP($a_auth_mode))
390 {
391 $auth_arr = explode('_', $a_auth_mode);
392 return $auth_arr[1];
393 }
394 return NULL;
395 }
396
401 public static function getAuthModeByKey($a_auth_key)
402 {
403 $auth_arr = explode('_', $a_auth_key);
404 if(count((array) $auth_arr) > 1)
405 {
406 return 'ldap_'.$auth_arr[1];
407 }
408 return 'ldap';
409 }
410
416 public static function getKeyByAuthMode($a_auth_mode)
417 {
418 $auth_arr = explode('_', $a_auth_mode);
419 if(count((array) $auth_arr) > 1)
420 {
421 return AUTH_LDAP.'_'.$auth_arr[1];
422 }
423 return AUTH_LDAP;
424 }
425
426 // end-patch ldap_multiple
427
428 // Set/Get
429 public function getServerId()
430 {
431 return $this->server_id;
432 }
433
438 public function enableAuthentication($a_status)
439 {
440 $this->enabled_authentication = (bool) $a_status;
441 }
442
447 public function isAuthenticationEnabled()
448 {
449 return (bool) $this->enabled_authentication;
450 }
451
456 public function setAuthenticationMapping($a_map)
457 {
458 $this->authentication_mapping = $a_map;
459 }
460
465 public function getAuthenticationMapping()
466 {
467 return $this->authentication_mapping;
468 }
469
475 public function getAuthenticationMappingKey()
476 {
477 if($this->isAuthenticationEnabled() or !$this->getAuthenticationMapping())
478 {
479 // begin-patch ldap_multiple
480 return 'ldap_'.$this->getServerId();
481 #return 'ldap';
482 // end-patch ldap_multiple
483 }
484 return ilAuthUtils::_getAuthModeName($this->getAuthenticationMapping());
485 }
486
487 public function toggleActive($a_status)
488 {
489 $this->active = $a_status;
490 }
491 public function isActive()
492 {
493 return $this->active;
494 }
495 public function getUrl()
496 {
497 return $this->url;
498 }
499 public function setUrl($a_url)
500 {
501 $this->url_string = $a_url;
502
503 // Maybe there are more than one url's (comma seperated).
504 $urls = explode(',',$a_url);
505
506 $counter = 0;
507 foreach($urls as $url)
508 {
509 $url = trim($url);
510 if(!$counter++)
511 {
512 $this->url = $url;
513 }
514 else
515 {
516 $this->fallback_urls[] = $url;
517 }
518 }
519 }
520 public function getUrlString()
521 {
522 return $this->url_string;
523 }
524
532 public function doConnectionCheck()
533 {
534 include_once('Services/LDAP/classes/class.ilLDAPQuery.php');
535
536 foreach(array_merge(array(0 => $this->url),$this->fallback_urls) as $url)
537 {
538 try
539 {
540 ilLoggerFactory::getLogger('auth')->debug('Using url: ' . $url);
541 // Need to do a full bind, since openldap return valid connection links for invalid hosts
542 $query = new ilLDAPQuery($this,$url);
543 $query->bind(IL_LDAP_BIND_TEST);
544 $this->url = $url;
545 return TRUE;
546 }
547 catch(ilLDAPQueryException $exc)
548 {
549 $this->rotateFallbacks();
550 ilLoggerFactory::getLogger('auth')->error('Cannot connect to LDAP server: '. $url .' '. $exc->getCode().' '. $exc->getMessage());
551 }
552 }
553 ilLoggerFactory::getLogger('auth')->warning('No valid LDAP server found');
554 return FALSE;
555 }
556
557
558 public function getName()
559 {
560 return $this->name;
561 }
562 public function setName($a_name)
563 {
564 $this->name = $a_name;
565 }
566 public function getVersion()
567 {
568 return $this->version ? $this->version : self::DEFAULT_VERSION;
569 }
570 public function setVersion($a_version)
571 {
572 $this->version = $a_version;
573 }
574 public function getBaseDN()
575 {
576 return $this->base_dn;
577 }
578 public function setBaseDN($a_base_dn)
579 {
580 $this->base_dn = $a_base_dn;
581 }
582 public function isActiveReferrer()
583 {
584 return $this->referrals ? true : false;
585 }
586 public function toggleReferrer($a_status)
587 {
588 $this->referrals = $a_status;
589 }
590 public function isActiveTLS()
591 {
592 return $this->tls ? true : false;
593 }
594 public function toggleTLS($a_status)
595 {
596 $this->tls = $a_status;
597 }
598 public function getBindingType()
599 {
600 return $this->binding_type;
601 }
602 public function setBindingType($a_type)
603 {
604 if($a_type == IL_LDAP_BIND_USER)
605 {
606 $this->binding_type = IL_LDAP_BIND_USER;
607 }
608 else
609 {
610 $this->binding_type = IL_LDAP_BIND_ANONYMOUS;
611 }
612 }
613 public function getBindUser()
614 {
615 return $this->bind_user;
616 }
617 public function setBindUser($a_user)
618 {
619 $this->bind_user = $a_user;
620 }
621 public function getBindPassword()
622 {
623 return $this->bind_password;
624 }
625 public function setBindPassword($a_password)
626 {
627 $this->bind_password = $a_password;
628 }
629 public function getSearchBase()
630 {
631 return $this->search_base;
632 }
633 public function setSearchBase($a_search_base)
634 {
635 $this->search_base = $a_search_base;
636 }
637 public function getUserAttribute()
638 {
639 return $this->user_attribute;
640 }
641 public function setUserAttribute($a_user_attr)
642 {
643 $this->user_attribute = $a_user_attr;
644 }
645 public function getFilter()
646 {
647 return $this->prepareFilter($this->filter);
648 }
649 public function setFilter($a_filter)
650 {
651 $this->filter = $a_filter;
652 }
653 public function getGroupDN()
654 {
655 return $this->group_dn;
656 }
657 public function setGroupDN($a_value)
658 {
659 $this->group_dn = $a_value;
660 }
661 public function getGroupFilter()
662 {
663 return $this->prepareFilter($this->group_filter);
664 }
665 public function setGroupFilter($a_value)
666 {
667 $this->group_filter = $a_value;
668 }
669 public function getGroupMember()
670 {
671 return $this->group_member;
672 }
673 public function setGroupMember($a_value)
674 {
675 $this->group_member = $a_value;
676 }
677 public function getGroupName()
678 {
679 return $this->group_name;
680 }
681 public function setGroupName($a_value)
682 {
683 $this->group_name = $a_value;
684 }
692 public function getGroupNames()
693 {
694 $names = explode(',',$this->getGroupName());
695
696 if(!is_array($names))
697 {
698 return array();
699 }
700 foreach($names as $name)
701 {
702 $name = trim($name);
703 if(strlen($name))
704 {
705 $new_names[] = trim($name);
706 }
707 }
708 return $new_names;
709 }
710
711
712 public function getGroupAttribute()
713 {
714 return $this->group_attribute;
715 }
716 public function setGroupAttribute($a_value)
717 {
718 $this->group_attribute = $a_value;
719 }
720
721 public function toggleMembershipOptional($a_status)
722 {
723 $this->group_optional = (bool) $a_status;
724 }
725 public function isMembershipOptional()
726 {
727 return (bool) $this->group_optional;
728 }
729 public function setGroupUserFilter($a_filter)
730 {
731 $this->group_user_filter = $a_filter;
732 }
733 public function getGroupUserFilter()
734 {
735 return $this->group_user_filter;
736 }
737
738 public function enabledGroupMemberIsDN()
739 {
740 return (bool) $this->memberisdn;
741 }
742 public function enableGroupMemberIsDN($a_value)
743 {
744 $this->memberisdn = (bool) $a_value;
745 }
746 public function setGroupScope($a_value)
747 {
748 $this->group_scope = $a_value;
749 }
750 public function getGroupScope()
751 {
752 return $this->group_scope;
753 }
754 public function setUserScope($a_value)
755 {
756 $this->user_scope = $a_value;
757 }
758 public function getUserScope()
759 {
760 return $this->user_scope;
761 }
762 public function enabledSyncOnLogin()
763 {
764 return $this->sync_on_login;
765 }
766 public function enableSyncOnLogin($a_value)
767 {
768 $this->sync_on_login = (int) $a_value;
769 }
770 public function enabledSyncPerCron()
771 {
772 return $this->sync_per_cron;
773 }
774 public function enableSyncPerCron($a_value)
775 {
776 $this->sync_per_cron = (int) $a_value;
777 }
778 public function setGlobalRole($a_role)
779 {
780 $this->global_role = $a_role;
781 }
782 public function getRoleBindDN()
783 {
784 return $this->role_bind_dn;
785 }
786 public function setRoleBindDN($a_value)
787 {
788 $this->role_bind_dn = $a_value;
789 }
790 public function getRoleBindPassword()
791 {
792 return $this->role_bind_pass;
793 }
794 public function setRoleBindPassword($a_value)
795 {
796 $this->role_bind_pass = $a_value;
797 }
798 public function enabledRoleSynchronization()
799 {
800 return $this->role_sync_active;
801 }
802 public function enableRoleSynchronization($a_value)
803 {
804 $this->role_sync_active = $a_value;
805 }
806 // start Patch Name Filter
807 public function getUsernameFilter()
808 {
809 return $this->username_filter;
810 }
811 public function setUsernameFilter($a_value)
812 {
813 $this->username_filter = $a_value;
814 }// end Patch Name Filter
815
823 public function enableAccountMigration($a_status)
824 {
825 $this->account_migration = $a_status;
826 }
827
834 public function isAccountMigrationEnabled()
835 {
836 return $this->account_migration ? true : false;
837 }
838
839
845 public function validate()
846 {
847 global $ilErr;
848
849 $ilErr->setMessage('');
850 if(!strlen($this->getName()) ||
851 !strlen($this->getUrl()) ||
852 !strlen($this->getBaseDN()) ||
853 !strlen($this->getUserAttribute()))
854 {
855 $ilErr->setMessage($this->lng->txt('fill_out_all_required_fields'));
856 }
857
858 if($this->getBindingType() == IL_LDAP_BIND_USER
859 && (!strlen($this->getBindUser()) || !strlen($this->getBindPassword())))
860 {
861 $ilErr->appendMessage($this->lng->txt('ldap_missing_bind_user'));
862 }
863
864 if(($this->enabledSyncPerCron() or $this->enabledSyncOnLogin()) and !$this->global_role)
865 {
866 $ilErr->appendMessage($this->lng->txt('ldap_missing_role_assignment'));
867 }
868 if($this->getVersion() == 2 and $this->isActiveTLS())
869 {
870 $ilErr->appendMessage($this->lng->txt('ldap_tls_conflict'));
871 }
872
873 return strlen($ilErr->getMessage()) ? false : true;
874 }
875
876 public function create()
877 {
878 global $ilDB;
879 // start Patch Name Filter remove ",username_filter", ",%s", ",$this->getUsernameFilter()"
880 $next_id = $ilDB->nextId('ldap_server_settings');
881
882 $query = 'INSERT INTO ldap_server_settings (server_id,active,name,url,version,base_dn,referrals,tls,bind_type,bind_user,bind_pass,'.
883 'search_base,user_scope,user_attribute,filter,group_dn,group_scope,group_filter,group_member,group_memberisdn,group_name,'.
884 'group_attribute,group_optional,group_user_filter,sync_on_login,sync_per_cron,role_sync_active,role_bind_dn,role_bind_pass,migration, '.
885 'authentication,authentication_type,username_filter) '.
886 'VALUES (%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s)';
887 $res = $ilDB->queryF($query,
888 array(
889 'integer','integer','text','text','integer','text','integer','integer','integer','text','text','text','integer',
890 'text','text','text','integer','text','text','integer','text','text','integer','text','integer','integer','integer',
891 'text','text', 'integer','integer','integer',"text"),
892 array(
893 $next_id,
894 $this->isActive(),
895 $this->getName(),
896 $this->getUrlString(),
897 $this->getVersion(),
898 $this->getBaseDN(),
899 $this->isActiveReferrer(),
900 $this->isActiveTLS(),
901 $this->getBindingType(),
902 $this->getBindUser(),
903 $this->getBindPassword(),
904 $this->getSearchBase(),
905 $this->getUserScope(),
906 $this->getUserAttribute(),
907 $this->getFilter(),
908 $this->getGroupDN(),
909 $this->getGroupScope(),
910 $this->getGroupFilter(),
911 $this->getGroupMember(),
912 $this->enabledGroupMemberIsDN(),
913 $this->getGroupName(),
914 $this->getGroupAttribute(),
915 $this->isMembershipOptional(),
916 $this->getGroupUserFilter(),
917 $this->enabledSyncOnLogin(),
918 $this->enabledSyncPerCron(),
919 $this->enabledRoleSynchronization(),
920 $this->getRoleBindDN(),
921 $this->getRoleBindPassword(),
922 $this->isAccountMigrationEnabled(),
923 $this->isAuthenticationEnabled(),
924 $this->getAuthenticationMapping(),
925 $this->getUsernameFilter()
926 ));
927 // end Patch Name Filter
928 $this->server_id = $next_id;
929 return $next_id;
930 }
931
932 public function update()
933 {
934 global $ilDB;
935
936 $query = "UPDATE ldap_server_settings SET ".
937 "active = ".$this->db->quote($this->isActive(),'integer').", ".
938 "name = ".$this->db->quote($this->getName(),'text').", ".
939 "url = ".$this->db->quote($this->getUrlString(),'text').", ".
940 "version = ".$this->db->quote($this->getVersion(),'integer').", ".
941 "base_dn = ".$this->db->quote($this->getBaseDN(),'text').", ".
942 "referrals = ".$this->db->quote($this->isActiveReferrer(),'integer').", ".
943 "tls = ".$this->db->quote($this->isActiveTLS(),'integer').", ".
944 "bind_type = ".$this->db->quote($this->getBindingType(),'integer').", ".
945 "bind_user = ".$this->db->quote($this->getBindUser(),'text').", ".
946 "bind_pass = ".$this->db->quote($this->getBindPassword(),'text').", ".
947 "search_base = ".$this->db->quote($this->getSearchBase(),'text').", ".
948 "user_scope = ".$this->db->quote($this->getUserScope(),'integer').", ".
949 "user_attribute = ".$this->db->quote($this->getUserAttribute(),'text').", ".
950 "filter = ".$this->db->quote($this->getFilter(),'text').", ".
951 "group_dn = ".$this->db->quote($this->getGroupDN(),'text').", ".
952 "group_scope = ".$this->db->quote($this->getGroupScope(),'integer').", ".
953 "group_filter = ".$this->db->quote($this->getGroupFilter(),'text').", ".
954 "group_member = ".$this->db->quote($this->getGroupMember(),'text').", ".
955 "group_memberisdn =".$this->db->quote((int) $this->enabledGroupMemberIsDN(),'integer').", ".
956 "group_name = ".$this->db->quote($this->getGroupName(),'text').", ".
957 "group_attribute = ".$this->db->quote($this->getGroupAttribute(),'text').", ".
958 "group_optional = ".$this->db->quote((int) $this->isMembershipOptional(),'integer').", ".
959 "group_user_filter = ".$this->db->quote($this->getGroupUserFilter(),'text').", ".
960 "sync_on_login = ".$this->db->quote(($this->enabledSyncOnLogin() ? 1 : 0),'integer').", ".
961 "sync_per_cron = ".$this->db->quote(($this->enabledSyncPerCron() ? 1 : 0),'integer').", ".
962 "role_sync_active = ".$this->db->quote($this->enabledRoleSynchronization(),'integer').", ".
963 "role_bind_dn = ".$this->db->quote($this->getRoleBindDN(),'text').", ".
964 "role_bind_pass = ".$this->db->quote($this->getRoleBindPassword(),'text').", ".
965 "migration = ".$this->db->quote((int)$this->isAccountMigrationEnabled(),'integer').", ".
966 'authentication = '.$this->db->quote((int) $this->isAuthenticationEnabled(),'integer').', '.
967 'authentication_type = '.$this->db->quote((int) $this->getAuthenticationMapping(),'integer').' '.
968 // start Patch Name Filter
969 ", username_filter = ".$this->db->quote($this->getUsernameFilter(), "text")." ".
970 // end Patch Name Filter
971 "WHERE server_id = ".$this->db->quote($this->getServerId(),'integer');
972
973 $res = $ilDB->manipulate($query);
974 return true;
975 }
976
980 public function delete()
981 {
982 if(!$this->getServerId())
983 {
984 return false;
985 }
986
987 include_once 'Services/LDAP/classes/class.ilLDAPAttributeMapping.php';
988 ilLDAPAttributeMapping::_delete($this->getServerId());
989
990 include_once 'Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php';
991 $rules = ilLDAPRoleAssignmentRule::_getRules($this->getServerId());
992
993 foreach($rules as $ruleAssigment)
994 {
995 $ruleAssigment->delete();
996 }
997
998 include_once 'Services/LDAP/classes/class.ilLDAPRoleGroupMappingSettings.php';
999 ilLDAPRoleGroupMappingSettings::_deleteByServerId($this->getServerId());
1000
1001 $query = "DELETE FROM ldap_server_settings ".
1002 "WHERE server_id = ".$this->db->quote($this->getServerId(),'integer');
1003 $res = $this->db->manipulate($query);
1004
1005 }
1006
1012 public function toPearAuthArray()
1013 {
1014 $options = array(
1015 'url' => $this->getUrl(),
1016 'version' => (int) $this->getVersion(),
1017 'referrals' => (bool) $this->isActiveReferrer());
1018
1019 if($this->getBindingType() == IL_LDAP_BIND_USER)
1020 {
1021 $options['binddn'] = $this->getBindUser();
1022 $options['bindpw'] = $this->getBindPassword();
1023 }
1024 $options['basedn'] = $this->getBaseDN();
1025 $options['start_tls'] = (bool) $this->isActiveTLS();
1026 $options['userdn'] = $this->getSearchBase();
1027 switch($this->getUserScope())
1028 {
1029 case IL_LDAP_SCOPE_ONE:
1030 $options['userscope'] = 'one';
1031 break;
1032 default:
1033 $options['userscope'] = 'sub';
1034 break;
1035 }
1036
1037 $options['userattr'] = $this->getUserAttribute();
1038 $options['userfilter'] = $this->getFilter();
1039 $options['attributes'] = $this->getPearAtributeArray();
1040 $options['debug'] = self::DEBUG;
1041
1042 if(@include_once('Log.php'))
1043 {
1044 if(@include_once('Log/observer.php'))
1045 {
1046 $options['enableLogging'] = true;
1047 }
1048 }
1049 switch($this->getGroupScope())
1050 {
1051 case IL_LDAP_SCOPE_BASE:
1052 $options['groupscope'] = 'base';
1053 break;
1054 case IL_LDAP_SCOPE_ONE:
1055 $options['groupscope'] = 'one';
1056 break;
1057 default:
1058 $options['groupscope'] = 'sub';
1059 break;
1060 }
1061 $options['groupdn'] = $this->getGroupDN();
1062 $options['groupattr'] = $this->getGroupAttribute();
1063 $options['groupfilter'] = $this->getGroupFilter();
1064 $options['memberattr'] = $this->getGroupMember();
1065 $options['memberisdn'] = $this->enabledGroupMemberIsDN();
1066 $options['group'] = $this->getGroupName();
1067
1068
1069 return $options;
1070 }
1071
1079 private function prepareFilter($a_filter)
1080 {
1081 $filter = trim($a_filter);
1082
1083 if(!strlen($filter))
1084 {
1085 return $filter;
1086 }
1087
1088 if(strpos($filter,'(') !== 0)
1089 {
1090 $filter = ('('.$filter);
1091 }
1092 if(substr($filter,-1) != ')')
1093 {
1094 $filter = ($filter.')');
1095 }
1096 return $filter;
1097 }
1098
1106 private function getPearAtributeArray()
1107 {
1108 if($this->enabledSyncOnLogin())
1109 {
1110 include_once('Services/LDAP/classes/class.ilLDAPAttributeMapping.php');
1111 include_once('Services/LDAP/classes/class.ilLDAPRoleAssignmentRules.php');
1112 $mapping = ilLDAPAttributeMapping::_getInstanceByServerId($this->getServerId());
1113 return array_merge(
1114 array($this->getUserAttribute()),
1115 $mapping->getFields(),
1116 array('dn'),
1117 ilLDAPRoleAssignmentRules::getAttributeNames($this->getServerId())
1118 );
1119 }
1120 else
1121 {
1122 return array($this->getUserAttribute());
1123 }
1124 }
1125
1126
1127
1132 private function read()
1133 {
1134 if(!$this->server_id)
1135 {
1136 return true;
1137 }
1138 $query = "SELECT * FROM ldap_server_settings WHERE server_id = ".$this->db->quote($this->server_id)."";
1139
1140 $res = $this->db->query($query);
1141 while($row = $res->fetchRow(ilDBConstants::FETCHMODE_OBJECT))
1142 {
1143 $this->toggleActive($row->active);
1144 $this->setName($row->name);
1145 $this->setUrl($row->url);
1146 $this->setVersion($row->version);
1147 $this->setBaseDN($row->base_dn);
1148 $this->toggleReferrer($row->referrals);
1149 $this->toggleTLS($row->tls);
1150 $this->setBindingType($row->bind_type);
1151 $this->setBindUser($row->bind_user);
1152 $this->setBindPassword($row->bind_pass);
1153 $this->setSearchBase($row->search_base);
1154 $this->setUserScope($row->user_scope);
1155 $this->setUserAttribute($row->user_attribute);
1156 $this->setFilter($row->filter);
1157 $this->setGroupDN($row->group_dn);
1158 $this->setGroupScope($row->group_scope);
1159 $this->setGroupFilter($row->group_filter);
1160 $this->setGroupMember($row->group_member);
1161 $this->setGroupAttribute($row->group_attribute);
1162 $this->toggleMembershipOptional($row->group_optional);
1163 $this->setGroupUserFilter($row->group_user_filter);
1164 $this->enableGroupMemberIsDN($row->group_memberisdn);
1165 $this->setGroupName($row->group_name);
1166 $this->enableSyncOnLogin($row->sync_on_login);
1167 $this->enableSyncPerCron($row->sync_per_cron);
1168 $this->enableRoleSynchronization($row->role_sync_active);
1169 $this->setRoleBindDN($row->role_bind_dn);
1170 $this->setRoleBindPassword($row->role_bind_pass);
1171 $this->enableAccountMigration($row->migration);
1172 $this->enableAuthentication($row->authentication);
1173 $this->setAuthenticationMapping($row->authentication_type);
1174 // start Patch Name Filter
1175 $this->setUsernameFilter($row->username_filter);
1176 // end Patch Name Filter
1177 }
1178 }
1179}
1180?>
php
An exception for terminatinating execution or to throw for unit testing.
AUTH_LDAP
const AUTH_LDAP
Definition: class.ilAuthUtils.php:8
IL_LDAP_BIND_TEST
const IL_LDAP_BIND_TEST
Definition: class.ilLDAPQuery.php:26
IL_LDAP_BIND_USER
const IL_LDAP_BIND_USER
Definition: class.ilLDAPServer.php:6
IL_LDAP_SCOPE_BASE
const IL_LDAP_SCOPE_BASE
Definition: class.ilLDAPServer.php:10
IL_LDAP_BIND_ANONYMOUS
const IL_LDAP_BIND_ANONYMOUS
Definition: class.ilLDAPServer.php:5
IL_LDAP_SCOPE_ONE
const IL_LDAP_SCOPE_ONE
Definition: class.ilLDAPServer.php:9
ilAuthUtils\_getAuthModeName
static _getAuthModeName($a_auth_key)
Definition: class.ilAuthUtils.php:484
ilLDAPAttributeMapping\_delete
static _delete($a_server_id)
Delete mapping rules by server id.
Definition: class.ilLDAPAttributeMapping.php:82
ilLDAPAttributeMapping\_getInstanceByServerId
static _getInstanceByServerId($a_server_id)
Get instance of class.
Definition: class.ilLDAPAttributeMapping.php:65
ilLDAPRoleAssignmentRule\_getRules
static _getRules($a_server_id)
Get all rules.
Definition: class.ilLDAPRoleAssignmentRule.php:189
ilLDAPRoleAssignmentRules\getAttributeNames
static getAttributeNames($a_server_id)
get all possible attribute names
Definition: class.ilLDAPRoleAssignmentRules.php:83
ilLDAPServer\getServerIdByAuthMode
static getServerIdByAuthMode($a_auth_mode)
Get auth id by auth mode.
Definition: class.ilLDAPServer.php:387
ilLDAPServer\setGroupScope
setGroupScope($a_value)
Definition: class.ilLDAPServer.php:746
ilLDAPServer\_getServerList
static _getServerList()
Get list of all configured servers.
Definition: class.ilLDAPServer.php:200
ilLDAPServer\isAuthenticationEnabled
isAuthenticationEnabled()
Check if authentication is enabled.
Definition: class.ilLDAPServer.php:447
ilLDAPServer\setGroupName
setGroupName($a_value)
Definition: class.ilLDAPServer.php:681
ilLDAPServer\getDataSource
static getDataSource($a_auth_mode)
Definition: class.ilLDAPServer.php:314
ilLDAPServer\read
read()
Read server settings.
Definition: class.ilLDAPServer.php:1132
ilLDAPServer\setGroupAttribute
setGroupAttribute($a_value)
Definition: class.ilLDAPServer.php:716
ilLDAPServer\setAuthenticationMapping
setAuthenticationMapping($a_map)
Set mapped authentication mapping.
Definition: class.ilLDAPServer.php:456
ilLDAPServer\_getCronServerIds
static _getCronServerIds()
Get list of acticve servers with option 'SyncCron'.
Definition: class.ilLDAPServer.php:126
ilLDAPServer\disableDataSourceForAuthMode
static disableDataSourceForAuthMode($a_authmode)
Disable data source.
Definition: class.ilLDAPServer.php:331
ilLDAPServer\checkLDAPLib
static checkLDAPLib()
Check if ldap module is installed.
Definition: class.ilLDAPServer.php:95
ilLDAPServer\setSearchBase
setSearchBase($a_search_base)
Definition: class.ilLDAPServer.php:633
ilLDAPServer\getInstanceByServerId
static getInstanceByServerId($a_server_id)
Get instance by server id.
Definition: class.ilLDAPServer.php:58
ilLDAPServer\enableSyncOnLogin
enableSyncOnLogin($a_value)
Definition: class.ilLDAPServer.php:766
ilLDAPServer\getAuthenticationMapping
getAuthenticationMapping()
Get authentication mode that is mapped.
Definition: class.ilLDAPServer.php:465
ilLDAPServer\doConnectionCheck
doConnectionCheck()
Check ldap connection and do a fallback to the next server if no connection is possible.
Definition: class.ilLDAPServer.php:532
ilLDAPServer\_getActiveServerList
static _getActiveServerList()
Get active server list.
Definition: class.ilLDAPServer.php:105
ilLDAPServer\_getPasswordServers
static _getPasswordServers()
Checks whether password synchronistation is enabled for an user.
Definition: class.ilLDAPServer.php:174
ilLDAPServer\getAuthModeByKey
static getAuthModeByKey($a_auth_key)
get auth mode by key
Definition: class.ilLDAPServer.php:401
ilLDAPServer\toggleTLS
toggleTLS($a_status)
Definition: class.ilLDAPServer.php:594
ilLDAPServer\setRoleBindDN
setRoleBindDN($a_value)
Definition: class.ilLDAPServer.php:786
ilLDAPServer\enableGroupMemberIsDN
enableGroupMemberIsDN($a_value)
Definition: class.ilLDAPServer.php:742
ilLDAPServer\setUsernameFilter
setUsernameFilter($a_value)
Definition: class.ilLDAPServer.php:811
ilLDAPServer\toPearAuthArray
toPearAuthArray()
Creates an array of options compatible to PEAR Auth.
Definition: class.ilLDAPServer.php:1012
ilLDAPServer\validate
validate()
Validate user input.
Definition: class.ilLDAPServer.php:845
ilLDAPServer\_getAllServer
static _getAllServer()
Get list of all configured servers.
Definition: class.ilLDAPServer.php:241
ilLDAPServer\enableSyncPerCron
enableSyncPerCron($a_value)
Definition: class.ilLDAPServer.php:774
ilLDAPServer\toggleReferrer
toggleReferrer($a_status)
Definition: class.ilLDAPServer.php:586
ilLDAPServer\setUserScope
setUserScope($a_value)
Definition: class.ilLDAPServer.php:754
ilLDAPServer\setGroupUserFilter
setGroupUserFilter($a_filter)
Definition: class.ilLDAPServer.php:729
ilLDAPServer\enableRoleSynchronization
enableRoleSynchronization($a_value)
Definition: class.ilLDAPServer.php:802
ilLDAPServer\DEFAULT_NETWORK_TIMEOUT
const DEFAULT_NETWORK_TIMEOUT
Definition: class.ilLDAPServer.php:30
ilLDAPServer\isAuthModeLDAP
static isAuthModeLDAP($a_auth_mode)
Check if user auth mode is LDAP.
Definition: class.ilLDAPServer.php:371
ilLDAPServer\isDataSourceActive
static isDataSourceActive($a_auth_mode)
Check if a data source is active for a specific auth mode @global ilDB $ilDB.
Definition: class.ilLDAPServer.php:299
ilLDAPServer\getAuthenticationMappingKey
getAuthenticationMappingKey()
Get authentication mapping key Default is ldap.
Definition: class.ilLDAPServer.php:475
ilLDAPServer\setFilter
setFilter($a_filter)
Definition: class.ilLDAPServer.php:649
ilLDAPServer\getGroupNames
getGroupNames()
Get group names as array.
Definition: class.ilLDAPServer.php:692
ilLDAPServer\toggleMembershipOptional
toggleMembershipOptional($a_status)
Definition: class.ilLDAPServer.php:721
ilLDAPServer\__construct
__construct($a_server_id=0)
Definition: class.ilLDAPServer.php:42
ilLDAPServer\setRoleBindPassword
setRoleBindPassword($a_value)
Definition: class.ilLDAPServer.php:794
ilLDAPServer\getPearAtributeArray
getPearAtributeArray()
Get attribute array for pear auth data.
Definition: class.ilLDAPServer.php:1106
ilLDAPServer\isAccountMigrationEnabled
isAccountMigrationEnabled()
enabled account migration
Definition: class.ilLDAPServer.php:834
ilLDAPServer\rotateFallbacks
rotateFallbacks()
Rotate fallback urls in case of connect timeouts.
Definition: class.ilLDAPServer.php:71
ilLDAPServer\setBindPassword
setBindPassword($a_password)
Definition: class.ilLDAPServer.php:625
ilLDAPServer\toggleDataSource
static toggleDataSource($a_ldap_server_id, $a_auth_mode, $a_status)
Toggle Data Source.
Definition: class.ilLDAPServer.php:350
ilLDAPServer\toggleActive
toggleActive($a_status)
Definition: class.ilLDAPServer.php:487
ilLDAPServer\setGroupMember
setGroupMember($a_value)
Definition: class.ilLDAPServer.php:673
ilLDAPServer\setVersion
setVersion($a_version)
Definition: class.ilLDAPServer.php:570
ilLDAPServer\_getFirstServer
static _getFirstServer()
Definition: class.ilLDAPServer.php:262
ilLDAPServer\setGroupFilter
setGroupFilter($a_value)
Definition: class.ilLDAPServer.php:665
ilLDAPServer\setBaseDN
setBaseDN($a_base_dn)
Definition: class.ilLDAPServer.php:578
ilLDAPServer\setUserAttribute
setUserAttribute($a_user_attr)
Definition: class.ilLDAPServer.php:641
ilLDAPServer\_getRoleSyncServerIds
static _getRoleSyncServerIds()
Check whether there if there is an active server with option role_sync_active.
Definition: class.ilLDAPServer.php:150
ilLDAPServer\enableAccountMigration
enableAccountMigration($a_status)
Enable account migration.
Definition: class.ilLDAPServer.php:823
ilLDAPServer\enableAuthentication
enableAuthentication($a_status)
Enable authentication for this ldap server.
Definition: class.ilLDAPServer.php:438
ilLDAPServer\getAvailableDataSources
static getAvailableDataSources($a_auth_mode)
Definition: class.ilLDAPServer.php:274
ilLDAPServer\_getFirstActiveServer
static _getFirstActiveServer()
Get first active server.
Definition: class.ilLDAPServer.php:185
ilLDAPServer\getKeyByAuthMode
static getKeyByAuthMode($a_auth_mode)
Get auth id by auth mode.
Definition: class.ilLDAPServer.php:416
ilLDAPServer\getServerIds
static getServerIds()
Get all server ids @global ilDB $ilDB.
Definition: class.ilLDAPServer.php:219
ilLDAPServer\prepareFilter
prepareFilter($a_filter)
Create brackets for filters if they do not exist.
Definition: class.ilLDAPServer.php:1079
ilLoggerFactory\getLogger
static getLogger($a_component_id)
Get component logger.
Definition: class.ilLoggerFactory.php:82
$counter
$counter
Definition: config-scanner.php:59
$server
$server
Definition: dummy_client.php:12
$GLOBALS
$GLOBALS['loaded']
Global hash that tracks already loaded includes.
Definition: generate-standalone.php:18
$lng
global $lng
Definition: privfeed.php:17
$ilErr
global $ilErr
Definition: raiseError.php:16
$url
$url
Definition: shib_logout.php:72
$ilDB
global $ilDB
Definition: storeScorm2004.php:19
$options
if(!is_array($argv)) $options
Definition: tcpdf_addfont.php:137
$a_type
$a_type
Definition: workflow.php:93