![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
[gosa.git] / gosa-plugins / heimdal / admin / systems / services / kerberos / class_password-methods-MIT.inc
diff --git a/gosa-plugins/heimdal/admin/systems/services/kerberos/class_password-methods-MIT.inc b/gosa-plugins/heimdal/admin/systems/services/kerberos/class_password-methods-MIT.inc
index c52d84095bb2abec0da8aac0ed5d2e12d5a4e618..fbfd17c91ebc41b62c4ae7fa4991dfe6149d027c 100644 (file)
var $POLICIES = array(); // Policies provided by the corrently selected realm/server
-
- function __construct(&$config,$dn = "new")
+ public function __construct(&$config,$dn = "new")
{
$this->config= $config;
$this->parent_dn = $dn;
return;
}
- /* Keep cache until we try to configure a principal
+ /* Keep the cached valued and skip loading principals
+ from si until this method gets configured.
*/
+ $skip_si_access = TRUE;
if($dn != "new" && $dn != ""){
session::un_set("MIT_CACHE");
session::un_set("MIT_PRINCIPAL_CACHE");
session::un_set("MIT_POLICY_CACHE");
+ $skip_si_access = FALSE;
}
/* Get a list of all kerberos servers, defined in ldap
if(!isset($attrs['macAddress'][0])) continue;
if(!isset($attrs['description'][0])) $attrs['description'][0] ="";
- $principals = $this->load_principals_for_server($attrs['macAddress'][0]);
+ if($skip_si_access){
+ $principals = array();
+ }else{
+ $principals = $this->load_principals_for_server($attrs['macAddress'][0]);
+ }
/* Create Realm/Server/Principal mapping.
*/
"cn" => $attrs['cn'][0]);
}
- /* Load object data from ldap && initialize this class
+ /* If this methods is initialized with a valid object dn then
+ load the object data from ldap and the SI daemon && initialize this class.
*/
$this->is_new = TRUE;
- if($dn != "new" && $dn != ""){
+ if(!$skip_si_access){
$ldap = $this->config->get_ldap_link();
$ldap->cd($dn);
$ldap->cat($dn);
$this->attrs = $ldap->fetch();
+
+ /* Set initial pwd hash which take effect if no password method was set yet.
+ Will be overwritten by the following lines, if the user has already a valid principal.
+ */
+ $this->principal = $this->attrs['uid'][0]."@".$this->goKrbRealm;
+
if(isset($this->attrs['userPassword']) && preg_match("/^\{".$this->get_hash_name()."\}/",$this->attrs['userPassword'][0])){
/* Extract principal name out of userPassword attribute
}
- /*! \brief Load this plugin with the values of the given principal
+ /*! \brief Load a specific principal from the si daemon
+ and initialize this plugin with it.
@param String The macAddress of the kerberos server.
@param String The name of the principal to load.
*/
/* Load flags
*/
- if(isset($tmp['ATTRIBUTES'])){
- $this->used_flags = $tmp['ATTRIBUTES'];
- }
+ if(isset($tmp['ATTRIBUTES'])){
+ $this->used_flags = $tmp['ATTRIBUTES'];
+ }
/* Load readonly attributes
*/
}
- /*! \brief get list of all configured principals
- for a given server.
- The results will cached.
+ /*! \brief Get the list of all configured principals for a given server.
+ @param String The servers mac address.
+ @return Array A list with all principals
+ The results will cached.
*/
public function load_principals_for_server($server)
{
This is the case if there is a si server running and at least one server configured.
kerberos support.
*/
- function is_available()
+ public function is_available()
{
$o = new gosaSupportDaemon(FALSE);
if(count($this->server_list) && $o->connect()){
}
- function generate_hash($pwd)
+ /*! \brief Create the password hash. In this case: {kerberos/sasl}name@RELAM
+ @param String The password -in this case unusued.
+ @return String The generated hash
+ */
+ public function generate_hash($pwd = "")
{
$mode= "kerberos";
if (isset($this->config->current['KRBSASL']) && preg_match('/^true$/i', $this->config->current['KRBSASL'])){
}
- function remove_from_parent()
+ /*! \brief Removes this principal.
+ */
+ public function remove_from_parent()
{
if(!empty($this->principal) && $this->goKrbRealm){
$server = $this->map['REALM_SERVER'][$this->goKrbRealm];
}
- function set_password($password)
+ /*! \brief Set a new password for this principal
+ @param String The new password.
+ */
+ public function set_password($password)
{
if(!empty($this->principal) && $this->goKrbRealm){
$server = $this->map['REALM_SERVER'][$this->goKrbRealm];
}
- function get_hash_name()
+ /*! \brief Return the hash name of this mehtod, e.g. to identify methods.
+ @return String The hash used by this method.
+ */
+ public function get_hash_name()
{
$mode= "kerberos";
if (isset($this->config->current['KRBSASL']) && preg_match('/^true$/i', $this->config->current['KRBSASL'])){
}
- function is_configurable()
+ /*! \brief Returns TRUE if this method is configurable else FALSE
+ @retrun Boolena TRUE if configurable, else FALSE.
+ */
+ public function is_configurable()
{
return TRUE;
}
- function get_description()
+ /*! \brief Additional info displayed in the users password method drop down.
+ @retunr String Additional password method info.
+ */
+ public function get_description()
{
return(_("Daemon based"));
}
- function configure()
+ /*! \brief Display a HTML based configuration dialog for this plugin
+ @return String HTML.
+ */
+ public function configure()
{
$this->save_object();
}
}
-
$smarty = get_smarty();
-
$smarty->assign("si_error",$this->si_error);
$smarty->assign("si_error_msg",$this->si_error_msg);
-
$smarty->assign("years",$years);
$smarty->assign("month",$month);
$smarty->assign("days",$days);
$smarty->assign("hours",$hours);
$smarty->assign("minutes",$minutes);
-
$smarty->assign("server_list",$this->server_list);
$smarty->assign("POLICY" ,$this->POLICY);
$smarty->assign("goKrbRealm" , $this->goKrbRealm);
-
$server_name = $this->map['REALM_SERVER'][$this->goKrbRealm];
$server_mac = $this->server_list[$server_name]['macAddress'];
$this->POLICIES = $this->load_policies_for_server($server_mac);
$date_values = array("PRINC_EXPIRE_TIME","PW_EXPIRATION");
foreach($date_values as $date_val){
-
-
-
$clear = $date_val."_clear";
$smarty->assign($date_val."_clear",$this->$clear);
$smarty->assign($date_val."_y",date("Y",$this->$date_val));
$smarty->assign($date_val."_i",date("i",$this->$date_val));
}
-
- return($smarty->fetch(get_template_path("pwd_kerberos_mit.tpl")));
+ return($smarty->fetch(get_template_path("pwd_kerberos_mit.tpl",TRUE,dirname(__FILE__))));
}
- function save_object()
+ /*! \brief Saves all relevant HTML posts for this plugin
+ */
+ public function save_object()
{
/* If the communication with the si server failed,
you are able to retry to connect to the server.
}
- function check()
+ /*! \brief Checks the values specified in the configuration dialog.
+ @return Array Containing all error messages.
+ */
+ public function check()
{
$message = array();
}
- function chk_times($str)
- {
- if(preg_match("/^([0-9]){12,12}[a-z]$/i",$str)){
- return(true);
- }
- return(false);
- }
-
-
- function save($dn)
+ /*! \brief Saves changes back to the SI daemon.
+ */
+ public function save($dn)
{
$ldap = $this->config->get_ldap_link();
$ldap->cd($dn);
/* Set date values
*/
- $date_values = array("PW_EXPIRATION","PRINC_EXPIRE_TIME");
+ $date_values = array("PW_EXPIRATION","PRINC_EXPIRE_TIME");
foreach($date_values as $value){
$clear = $value."_clear";
if($this->$clear){