Allow mail attribute for login attribute too.

Configurable in setup

git-svn-id: https://oss.gonicus.de/repositories/gosa/branches/2.5@7688 594d385d-05f5-0310-b6e9-bd551577e9d8

diff --git a/contrib/gosa.conf b/contrib/gosa.conf
index 0cdaf16d030e83ae316f3d53c77d8523eaa68de8..33212f59a1eb9ddebb80b923fd90a19a261a728c 100644 (file)
--- a/contrib/gosa.conf
+++ b/contrib/gosa.conf
@@ -452,6 +452,11 @@
                        groups="{$cv.groupou}"
                        gidbase="{$cv.uidbase}"
                        uidbase="{$cv.uidbase}"
+{if $cv.optional.login_attribute}
+                       login_attribute="{$cv.optional.login_attribute}"
+{else}
+                       login_attribute="uid"
+{/if}
 {if $cv.optional.strict_units}
                        strict_units="true"
 {else}

diff --git a/html/index.php b/html/index.php
index ab9ed3f5c1cb950bfb320171bcdc7e2300d398c6..5be46dbec0257f8f61b74fc9fac7aae259f78074 100644 (file)
--- a/html/index.php
+++ b/html/index.php
@@ -258,7 +258,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['login'])){
 
   /* Check for valid input */
   $username= $_POST["username"];
-  if (!ereg("^[A-Za-z0-9_.-]+$", $username)){
+  if (!ereg("^[@A-Za-z0-9_.-]+$", $username)){
     $message= _("Please specify a valid username!");
   } elseif (mb_strlen($_POST["password"], 'UTF-8') == 0){
     $message= _("Please specify your password!");

diff --git a/include/functions.inc b/include/functions.inc
index f20ec5c9ddb4f94b8364a321e90de6d5af65e359..0de2bcfc11821c2eb49de7348eaee0929d722b96 100644 (file)
--- a/include/functions.inc
+++ b/include/functions.inc
@@ -312,7 +312,27 @@ function ldap_login_user ($username, $password)
     exit();
   }
   $ldap->cd($config->current['BASE']);
-  $ldap->search("(&(uid=$username)(objectClass=gosaAccount))", array("uid"));
+  $allowed_attributes = array("uid","mail");
+  $verify_attr = array();
+  if(isset($config->current['LOGIN_ATTRIBUTE'])){
+    $tmp = split(",",$config->current['LOGIN_ATTRIBUTE']); 
+    foreach($tmp as $attr){
+      if(in_array($attr,$allowed_attributes)){
+        $verify_attr[] = $attr;
+      }
+    }
+  }
+  if(count($verify_attr) == 0){
+    $verify_attr = array("uid");
+  }
+  $tmp= $verify_attr;
+  $tmp[] = "uid";
+  $filter = "";
+  foreach($verify_attr as $attr) {
+    $filter.= "(".$attr."=".$username.")";
+  }
+  $filter = "(&(|".$filter.")(objectClass=gosaAccount))";
+  $ldap->search($filter,$tmp);
 
   /* get results, only a count of 1 is valid */
   switch ($ldap->count()){
@@ -332,13 +352,19 @@ function ldap_login_user ($username, $password)
 
   /* LDAP schema is not case sensitive. Perform additional check. */
   $attrs= $ldap->fetch();
-  if ($attrs['uid'][0] != $username){
-    return(NULL);
+  $success = FALSE;
+  foreach($verify_attr as $attr){
+    if ($attrs[$attr][0] == $username){
+      $success = TRUE;
+    }
+  }
+  if(!$success){
+    return(FALSE);
   }
 
   /* got user dn, fill acl's */
   $ui= new userinfo($config, $ldap->getDN());
-  $ui->username= $username;
+  $ui->username= $attrs['uid'][0];
 
   /* password check, bind as user with supplied password  */
   $ldap->disconnect();

diff --git a/setup/class_setupStep_Config3.inc b/setup/class_setupStep_Config3.inc
index 6db74ddb3a0db249a1c4a576887f29af18724b96..cc2307b5cd6953f1db869fd6ce88aea3d6310933 100644 (file)
--- a/setup/class_setupStep_Config3.inc
+++ b/setup/class_setupStep_Config3.inc
@@ -26,7 +26,11 @@ class Step_Config3 extends setup_step
 
   var $errorlvl   = TRUE;
 
+  var $login_attributes = array("uid"       => "uid", 
+                                "mail"      => "mail",
+                                "uid,mail"  => "both");
   var $optional = array(
+              "login_attribute" => "uid",
               "strict_units" => false,
               "list_summary" => false,
               "forceglobals" => true,
@@ -83,6 +87,7 @@ class Step_Config3 extends setup_step
     foreach($this->attributes as $attr){
       $smarty->assign($attr,$this->$attr);
     }
+    $smarty->assign("login_attributes",$this->login_attributes);
     return($smarty -> fetch (get_template_path("../setup/setup_config3.tpl")));
   }
 
@@ -98,7 +103,7 @@ class Step_Config3 extends setup_step
         }
       }
       
-      foreach(array("list_summary","strict_units","noprimarygroup","forceglobals","forcessl","ldapstats","warnssl","snmpcommunity","compile","debuglevel","session_lifetime") as $name){
+      foreach(array("login_attribute","list_summary","strict_units","noprimarygroup","forceglobals","forcessl","ldapstats","warnssl","snmpcommunity","compile","debuglevel","session_lifetime") as $name){
         if(isset($_POST[$name])){
           $this->optional[$name] = get_post($name);
         }

diff --git a/setup/setup_config3.tpl b/setup/setup_config3.tpl
index d92601a6ea811e48e577ce06c53b02206473a0e0..1db42f49e1106d80ac26ec35c201a30745f18782 100644 (file)
--- a/setup/setup_config3.tpl
+++ b/setup/setup_config3.tpl
@@ -163,6 +163,17 @@
     </div>
 
     <p><b>{t}Login and session{/t}</b></p>
+    <div class='step4_container'>
+        <div class='step4_name'>
+            {t}Login attribute{/t}
+        </div>
+        <div class='step4_value'>
+            <select name="login_attribute" size="1" title="">
+               {html_options options=$login_attributes selected=$optional.login_attribute}
+            </select>
+        </div>
+    </div>
+
     <div class='step4_container'>
         <div class='step4_name'>
             {t}Enforce register_globals to be deactivated{/t}