*/ class auth_lemonldapng extends auth_basic { var $success = true; /** * Posible things an auth backend module may be able to * do. The things a backend can do need to be set to true * in the constructor. */ var $cando = array ( 'addUser' => false, // can Users be created? 'delUser' => false, // can Users be deleted? 'modLogin' => false, // can login names be changed? 'modPass' => false, // can passwords be changed? 'modName' => false, // can real names be changed? 'modMail' => false, // can emails be changed? 'modGroups' => false, // can groups be changed? 'getUsers' => false, // can a (filtered) list of users be retrieved? 'getUserCount'=> false, // can the number of users be retrieved? 'getGroups' => false, // can a list of available groups be retrieved? 'external' => true, // does the module do external auth checking? 'logout' => true, // can the user logout again? (eg. not possible with HTTP auth) ); function auth_lemonldapng() { global $conf; $this->cnf = $conf['auth']['lemonldapng']; // Set default headers name if(empty($this->cnf['header_login'])) $this->cnf['header_login'] = 'HTTP_AUTH_USER'; if(empty($this->cnf['header_name'])) $this->cnf['header_name'] = 'HTTP_USER_NAME'; if(empty($this->cnf['header_mail'])) $this->cnf['header_mail'] = 'HTTP_USER_MAIL'; if(empty($this->cnf['header_groups'])) $this->cnf['header_groups'] = 'HTTP_USER_GROUPS'; } function trustExternal($user,$pass,$sticky=false){ global $USERINFO; $username = $_SERVER{$this->cnf['header_login']}; $USERINFO['name'] = $_SERVER{$this->cnf['header_name']}; $USERINFO['mail'] = $_SERVER{$this->cnf['header_mail']}; $USERINFO['grps'] = preg_split("/; /", $_SERVER{$this->cnf['header_groups']}); // print info if debug is enabled if ($this->cnf['debug']){ msg('LemonLDAP::NG Login Name: '.htmlspecialchars($username),0,__LINE__,__FILE__); msg('LemonLDAP::NG Full Name: '.htmlspecialchars($USERINFO['name']),0,__LINE__,__FILE__); msg('LemonLDAP::NG User Email Address: '.htmlspecialchars($USERINFO['mail']),0,__LINE__,__FILE__); if (is_array($USERINFO['grps'])) foreach ($USERINFO['grps'] as $group){ msg('LemonLDAP::NG User Groups: '.htmlspecialchars($group),0,__LINE__,__FILE__); } } $success = $USERINFO !== false; if ($success) { $_SERVER['REMOTE_USER'] = $username; $_SESSION[DOKU_COOKIE]['auth']['user'] = $username; $_SESSION[DOKU_COOKIE]['auth']['info'] = $USERINFO; } return $success; } }