5define(
'IL_LDAP_BIND_ANONYMOUS', 0);
 
    6define(
'IL_LDAP_BIND_USER', 1);
 
    8define(
'IL_LDAP_SCOPE_SUB', 0);
 
    9define(
'IL_LDAP_SCOPE_ONE', 1);
 
   10define(
'IL_LDAP_SCOPE_BASE', 2);
 
   48        $this->server_id = $a_server_id;
 
   60        if (isset(self::$instances[$a_server_id])) {
 
   61            return self::$instances[$a_server_id];
 
   63        return self::$instances[$a_server_id] = 
new ilLDAPServer($a_server_id);
 
   74        if (!$this->fallback_urls) {
 
   78        $all_urls = array_merge($this->fallback_urls);
 
   79        $all_urls[] = $this->
getUrl();
 
   81        $query = 
'UPDATE ldap_server_settings SET ' .
 
   82                'url = ' . $ilDB->quote(implode(
',', $all_urls), 
'text') . 
' ' .
 
   95        return function_exists(
'ldap_bind');
 
  107        $query = 
"SELECT server_id FROM ldap_server_settings " .
 
  108            "WHERE active = 1 AND authentication = 1 " .
 
  111        $server_ids = array();
 
  113            $server_ids[] = 
$row->server_id;
 
  127        $query = 
"SELECT server_id FROM ldap_server_settings " .
 
  128            "WHERE active = 1 " .
 
  129            "AND sync_per_cron = 1 " .
 
  134            $server_ids[] = 
$row->server_id;
 
  136        return $server_ids ? $server_ids : array();
 
  150        $query = 
"SELECT server_id FROM ldap_server_settings " .
 
  151            "WHERE active = 1 " .
 
  152            "AND role_sync_active = 1 ";
 
  155        $server_ids = array();
 
  157            $server_ids[] = 
$row->server_id;
 
  183        if (count($servers)) {
 
  198        $query = 
"SELECT server_id FROM ldap_server_settings ORDER BY name";
 
  202            $server_ids[] = 
$row->server_id;
 
  204        return $server_ids ? $server_ids : array();
 
  216        $query = 
"SELECT server_id FROM ldap_server_settings ORDER BY name";
 
  237        $query = 
"SELECT * FROM ldap_server_settings ORDER BY name";
 
  257        if (count($servers)) {
 
  268        $query = 
"SELECT server_id FROM ldap_server_settings " .
 
  269            "WHERE active = " . 
$ilDB->quote(1, 
'integer') . 
" " .
 
  270            "AND authentication = " . 
$ilDB->quote(0, 
'integer') . 
" " .
 
  271            "AND ( authentication_type = " . 
$ilDB->quote($a_auth_mode, 
'integer') . 
" " .
 
  272            "OR authentication_type = " . 
$ilDB->quote(0, 
'integer') . 
")";
 
  275        $server_ids = array();
 
  277            $server_ids[] = 
$row->server_id;
 
  292        $query = 
"SELECT server_id FROM ldap_server_settings " .
 
  293            "WHERE authentication_type = " . 
$ilDB->quote($a_auth_mode, 
'integer') . 
" " .
 
  294            "AND authentication = " . 
$ilDB->quote(0, 
'integer');
 
  306        $query = 
"SELECT server_id FROM ldap_server_settings " .
 
  307            "WHERE authentication_type = " . 
$ilDB->quote($a_auth_mode, 
'integer') . 
" ";
 
  310            return $row->server_id;
 
  322        $query = 
'UPDATE ldap_server_settings ' .
 
  323            'SET authentication_type = ' . 
$ilDB->quote(0, 
'integer') . 
' ' .
 
  324            'WHERE authentication_type = ' . 
$ilDB->quote($a_authmode, 
'integer');
 
  344            $query = 
"UPDATE ldap_server_settings " .
 
  345                'SET authentication_type = ' . 
$ilDB->quote($a_auth_mode, 
'integer') . 
" " .
 
  346                'WHERE server_id = ' . 
$ilDB->quote($a_ldap_server_id, 
'integer');
 
  360            $GLOBALS[
'ilLog']->write(__METHOD__ . 
': No auth mode given..............');
 
  363        $auth_arr = explode(
'_', $a_auth_mode);
 
  364        return ($auth_arr[0] == 
AUTH_LDAP) and $auth_arr[1];
 
  374        if (self::isAuthModeLDAP($a_auth_mode)) {
 
  375            $auth_arr = explode(
'_', $a_auth_mode);
 
  387        $auth_arr = explode(
'_', $a_auth_key);
 
  388        if (count((array) $auth_arr) > 1) {
 
  389            return 'ldap_' . $auth_arr[1];
 
  401        $auth_arr = explode(
'_', $a_auth_mode);
 
  402        if (count((array) $auth_arr) > 1) {
 
  422        $this->enabled_authentication = (bool) $a_status;
 
  440        $this->authentication_mapping = $a_map;
 
  470        $this->active = $a_status;
 
  474        return $this->active;
 
  482        $this->url_string = $a_url;
 
  485        $urls = explode(
',', $a_url);
 
  493                $this->fallback_urls[] = 
$url;
 
  499        return $this->url_string;
 
  511        include_once(
'Services/LDAP/classes/class.ilLDAPQuery.php');
 
  513        foreach (array_merge(array(0 => $this->url), $this->fallback_urls) as 
$url) {
 
  523                ilLoggerFactory::getLogger(
'auth')->error(
'Cannot connect to LDAP server: ' . $url . 
' ' . $exc->getCode() . 
' ' . $exc->getMessage());
 
  537        $this->name = $a_name;
 
  545        $this->version = $a_version;
 
  549        return $this->base_dn;
 
  553        $this->base_dn = $a_base_dn;
 
  557        return $this->referrals ? true : 
false;
 
  561        $this->referrals = $a_status;
 
  565        return $this->tls ? true : 
false;
 
  569        $this->tls = $a_status;
 
  573        return $this->binding_type;
 
  585        return $this->bind_user;
 
  589        $this->bind_user = $a_user;
 
  593        return $this->bind_password;
 
  597        $this->bind_password = $a_password;
 
  601        return $this->search_base;
 
  605        $this->search_base = $a_search_base;
 
  609        return $this->user_attribute;
 
  613        $this->user_attribute = $a_user_attr;
 
  621        $this->filter = $a_filter;
 
  625        return $this->group_dn;
 
  629        $this->group_dn = $a_value;
 
  637        $this->group_filter = $a_value;
 
  641        return $this->group_member;
 
  645        $this->group_member = $a_value;
 
  649        return $this->group_name;
 
  653        $this->group_name = $a_value;
 
  668        return array_filter(array_map(
'trim', 
$names));
 
  674        return $this->group_attribute;
 
  678        $this->group_attribute = $a_value;
 
  683        $this->group_optional = (bool) $a_status;
 
  687        return (
bool) $this->group_optional;
 
  691        $this->group_user_filter = $a_filter;
 
  695        return $this->group_user_filter;
 
  700        return (
bool) $this->memberisdn;
 
  704        $this->memberisdn = (bool) $a_value;
 
  708        $this->group_scope = $a_value;
 
  712        return $this->group_scope;
 
  716        $this->user_scope = $a_value;
 
  720        return $this->user_scope;
 
  724        return $this->sync_on_login;
 
  728        $this->sync_on_login = (int) $a_value;
 
  732        return $this->sync_per_cron;
 
  736        $this->sync_per_cron = (int) $a_value;
 
  740        $this->global_role = $a_role;
 
  748        $this->role_bind_dn = $a_value;
 
  756        $this->role_bind_pass = $a_value;
 
  764        $this->role_sync_active = $a_value;
 
  769        return $this->username_filter;
 
  773        $this->username_filter = $a_value;
 
  785        $this->account_migration = $a_status;
 
  796        return $this->account_migration ? true : 
false;
 
  810        if (!strlen($this->
getName()) ||
 
  811            !strlen($this->
getUrl()) ||
 
  814            $ilErr->setMessage($this->lng->txt(
'fill_out_all_required_fields'));
 
  819            $ilErr->appendMessage($this->lng->txt(
'ldap_missing_bind_user'));
 
  823            $ilErr->appendMessage($this->lng->txt(
'ldap_missing_role_assignment'));
 
  826            $ilErr->appendMessage($this->lng->txt(
'ldap_tls_conflict'));
 
  829        return strlen(
$ilErr->getMessage()) ? false : 
true;
 
  836        $next_id = 
$ilDB->nextId(
'ldap_server_settings');
 
  838        $query = 
'INSERT INTO ldap_server_settings (server_id,active,name,url,version,base_dn,referrals,tls,bind_type,bind_user,bind_pass,' .
 
  839            'search_base,user_scope,user_attribute,filter,group_dn,group_scope,group_filter,group_member,group_memberisdn,group_name,' .
 
  840            'group_attribute,group_optional,group_user_filter,sync_on_login,sync_per_cron,role_sync_active,role_bind_dn,role_bind_pass,migration, ' .
 
  841            'authentication,authentication_type,username_filter) ' .
 
  842            'VALUES (%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s)';
 
  846                'integer',
'integer',
'text',
'text',
'integer',
'text',
'integer',
'integer',
'integer',
'text',
'text',
'text',
'integer',
 
  847                'text',
'text',
'text',
'integer',
'text',
'text',
'integer',
'text',
'text',
'integer',
'text',
'integer',
'integer',
'integer',
 
  848                'text',
'text', 
'integer',
'integer',
'integer',
"text"),
 
  886        $this->server_id = $next_id;
 
  894        $query = 
"UPDATE ldap_server_settings SET " .
 
  895            "active = " . $this->db->quote($this->
isActive(), 
'integer') . 
", " .
 
  896            "name = " . $this->db->quote($this->
getName(), 
'text') . 
", " .
 
  897            "url = " . $this->db->quote($this->
getUrlString(), 
'text') . 
", " .
 
  898            "version = " . $this->db->quote($this->
getVersion(), 
'integer') . 
", " .
 
  899            "base_dn = " . $this->db->quote($this->
getBaseDN(), 
'text') . 
", " .
 
  900            "referrals = " . $this->db->quote($this->
isActiveReferrer(), 
'integer') . 
", " .
 
  901            "tls = " . $this->db->quote($this->
isActiveTLS(), 
'integer') . 
", " .
 
  902            "bind_type = " . $this->db->quote($this->
getBindingType(), 
'integer') . 
", " .
 
  903            "bind_user = " . $this->db->quote($this->
getBindUser(), 
'text') . 
", " .
 
  904            "bind_pass = " . $this->db->quote($this->
getBindPassword(), 
'text') . 
", " .
 
  905            "search_base = " . $this->db->quote($this->
getSearchBase(), 
'text') . 
", " .
 
  906            "user_scope = " . $this->db->quote($this->
getUserScope(), 
'integer') . 
", " .
 
  907            "user_attribute = " . $this->db->quote($this->
getUserAttribute(), 
'text') . 
", " .
 
  908            "filter = " . $this->db->quote($this->
getFilter(), 
'text') . 
", " .
 
  909            "group_dn = " . $this->db->quote($this->
getGroupDN(), 
'text') . 
", " .
 
  910            "group_scope = " . $this->db->quote($this->
getGroupScope(), 
'integer') . 
", " .
 
  911            "group_filter = " . $this->db->quote($this->
getGroupFilter(), 
'text') . 
", " .
 
  912            "group_member = " . $this->db->quote($this->
getGroupMember(), 
'text') . 
", " .
 
  914            "group_name = " . $this->db->quote($this->
getGroupName(), 
'text') . 
", " .
 
  915            "group_attribute = " . $this->db->quote($this->
getGroupAttribute(), 
'text') . 
", " .
 
  917            "group_user_filter = " . $this->db->quote($this->
getGroupUserFilter(), 
'text') . 
", " .
 
  918            "sync_on_login = " . $this->db->quote(($this->
enabledSyncOnLogin() ? 1 : 0), 
'integer') . 
", " .
 
  919            "sync_per_cron = " . $this->db->quote(($this->
enabledSyncPerCron() ? 1 : 0), 
'integer') . 
", " .
 
  921            "role_bind_dn = " . $this->db->quote($this->
getRoleBindDN(), 
'text') . 
", " .
 
  927            ", username_filter = " . $this->db->quote($this->
getUsernameFilter(), 
"text") . 
" " .
 
  929            "WHERE server_id = " . $this->db->quote($this->
getServerId(), 
'integer');
 
  938    public function delete()
 
  944        include_once 
'Services/LDAP/classes/class.ilLDAPAttributeMapping.php';
 
  947        include_once 
'Services/LDAP/classes/class.ilLDAPRoleAssignmentRule.php';
 
  950        foreach ($rules as $ruleAssigment) {
 
  951            $ruleAssigment->delete();
 
  954        include_once 
'Services/LDAP/classes/class.ilLDAPRoleGroupMappingSettings.php';
 
  957        $query = 
"DELETE FROM ldap_server_settings " .
 
  958            "WHERE server_id = " . $this->db->quote($this->
getServerId(), 
'integer');
 
  995        if (@include_once(
'Log.php')) {
 
  996            if (@include_once(
'Log/observer.php')) {
 
 1031        $filter = trim($a_filter);
 
 1033        if (!strlen($filter)) {
 
 1037        if (strpos($filter, 
'(') !== 0) {
 
 1038            $filter = (
'(' . $filter);
 
 1040        if (substr($filter, -1) != 
')') {
 
 1041            $filter = ($filter . 
')');
 
 1056            include_once(
'Services/LDAP/classes/class.ilLDAPAttributeMapping.php');
 
 1057            include_once(
'Services/LDAP/classes/class.ilLDAPRoleAssignmentRules.php');
 
 1061                $mapping->getFields(),
 
 1078        if (!$this->server_id) {
 
 1081        $query = 
"SELECT * FROM ldap_server_settings WHERE server_id = " . $this->db->quote($this->server_id) . 
"";
 
if(!isset( $_REQUEST[ 'ReturnTo'])) if(!isset($_REQUEST['AuthId'])) $options
An exception for terminatinating execution or to throw for unit testing.
const IL_LDAP_BIND_ANONYMOUS
static _getAuthModeName($a_auth_key)
static _delete($a_server_id)
Delete mapping rules by server id.
static _getInstanceByServerId($a_server_id)
Get instance of class.
static _getRules($a_server_id)
Get all rules.
static getAttributeNames($a_server_id)
get all possible attribute names
static _deleteByServerId($a_server_id)
static getServerIdByAuthMode($a_auth_mode)
Get auth id by auth mode.
static _getServerList()
Get list of all configured servers.
isAuthenticationEnabled()
Check if authentication is enabled.
static getDataSource($a_auth_mode)
read()
Read server settings.
setGroupAttribute($a_value)
setAuthenticationMapping($a_map)
Set mapped authentication mapping.
static _getCronServerIds()
Get list of acticve servers with option 'SyncCron'.
static disableDataSourceForAuthMode($a_authmode)
Disable data source.
static checkLDAPLib()
Check if ldap module is installed.
setSearchBase($a_search_base)
static getInstanceByServerId($a_server_id)
Get instance by server id.
enableSyncOnLogin($a_value)
getAuthenticationMapping()
Get authentication mode that is mapped.
doConnectionCheck()
Check ldap connection and do a fallback to the next server if no connection is possible.
static _getActiveServerList()
Get active server list.
static _getPasswordServers()
Checks whether password synchronistation is enabled for an user.
static getAuthModeByKey($a_auth_key)
get auth mode by key
enableGroupMemberIsDN($a_value)
setUsernameFilter($a_value)
toPearAuthArray()
Creates an array of options compatible to PEAR Auth.
validate()
Validate user input.
static _getAllServer()
Get list of all configured servers.
enableSyncPerCron($a_value)
toggleReferrer($a_status)
setGroupUserFilter($a_filter)
enableRoleSynchronization($a_value)
const DEFAULT_NETWORK_TIMEOUT
static isAuthModeLDAP($a_auth_mode)
Check if user auth mode is LDAP.
static isDataSourceActive($a_auth_mode)
Check if a data source is active for a specific auth mode @global ilDB $ilDB.
getAuthenticationMappingKey()
Get authentication mapping key Default is ldap.
getGroupNames()
Get group names as array.
toggleMembershipOptional($a_status)
__construct($a_server_id=0)
setRoleBindPassword($a_value)
getPearAtributeArray()
Get attribute array for pear auth data.
isAccountMigrationEnabled()
enabled account migration
rotateFallbacks()
Rotate fallback urls in case of connect timeouts.
setBindPassword($a_password)
static toggleDataSource($a_ldap_server_id, $a_auth_mode, $a_status)
Toggle Data Source.
setUserAttribute($a_user_attr)
static _getRoleSyncServerIds()
Check whether there if there is an active server with option role_sync_active.
enableAccountMigration($a_status)
Enable account migration.
enableAuthentication($a_status)
Enable authentication for this ldap server.
static getAvailableDataSources($a_auth_mode)
static _getFirstActiveServer()
Get first active server.
static getKeyByAuthMode($a_auth_mode)
Get auth id by auth mode.
static getServerIds()
Get all server ids @global ilDB $ilDB.
prepareFilter($a_filter)
Create brackets for filters if they do not exist.
enabledRoleSynchronization()
static getLogger($a_component_id)
Get component logger.
$GLOBALS['loaded']
Global hash that tracks already loaded includes.
foreach($_POST as $key=> $value) $res