From: hickert Date: Tue, 30 Oct 2007 11:31:58 +0000 (+0000) Subject: Allow mail attribute for login attribute too. X-Git-Url: https://git.tokkee.org/?a=commitdiff_plain;h=e11b86473a71b942a499bcd8233807acb7fefc3e;p=gosa.git Allow mail attribute for login attribute too. Configurable in setup git-svn-id: https://oss.gonicus.de/repositories/gosa/branches/2.5@7688 594d385d-05f5-0310-b6e9-bd551577e9d8 --- diff --git a/contrib/gosa.conf b/contrib/gosa.conf index 0cdaf16d0..33212f59a 100644 --- a/contrib/gosa.conf +++ b/contrib/gosa.conf @@ -452,6 +452,11 @@ groups="{$cv.groupou}" gidbase="{$cv.uidbase}" uidbase="{$cv.uidbase}" +{if $cv.optional.login_attribute} + login_attribute="{$cv.optional.login_attribute}" +{else} + login_attribute="uid" +{/if} {if $cv.optional.strict_units} strict_units="true" {else} diff --git a/html/index.php b/html/index.php index ab9ed3f5c..5be46dbec 100644 --- a/html/index.php +++ b/html/index.php @@ -258,7 +258,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['login'])){ /* Check for valid input */ $username= $_POST["username"]; - if (!ereg("^[A-Za-z0-9_.-]+$", $username)){ + if (!ereg("^[@A-Za-z0-9_.-]+$", $username)){ $message= _("Please specify a valid username!"); } elseif (mb_strlen($_POST["password"], 'UTF-8') == 0){ $message= _("Please specify your password!"); diff --git a/include/functions.inc b/include/functions.inc index f20ec5c9d..0de2bcfc1 100644 --- a/include/functions.inc +++ b/include/functions.inc @@ -312,7 +312,27 @@ function ldap_login_user ($username, $password) exit(); } $ldap->cd($config->current['BASE']); - $ldap->search("(&(uid=$username)(objectClass=gosaAccount))", array("uid")); + $allowed_attributes = array("uid","mail"); + $verify_attr = array(); + if(isset($config->current['LOGIN_ATTRIBUTE'])){ + $tmp = split(",",$config->current['LOGIN_ATTRIBUTE']); + foreach($tmp as $attr){ + if(in_array($attr,$allowed_attributes)){ + $verify_attr[] = $attr; + } + } + } + if(count($verify_attr) == 0){ + $verify_attr = array("uid"); + } + $tmp= $verify_attr; + $tmp[] = "uid"; + $filter = ""; + foreach($verify_attr as $attr) { + $filter.= "(".$attr."=".$username.")"; + } + $filter = "(&(|".$filter.")(objectClass=gosaAccount))"; + $ldap->search($filter,$tmp); /* get results, only a count of 1 is valid */ switch ($ldap->count()){ @@ -332,13 +352,19 @@ function ldap_login_user ($username, $password) /* LDAP schema is not case sensitive. Perform additional check. */ $attrs= $ldap->fetch(); - if ($attrs['uid'][0] != $username){ - return(NULL); + $success = FALSE; + foreach($verify_attr as $attr){ + if ($attrs[$attr][0] == $username){ + $success = TRUE; + } + } + if(!$success){ + return(FALSE); } /* got user dn, fill acl's */ $ui= new userinfo($config, $ldap->getDN()); - $ui->username= $username; + $ui->username= $attrs['uid'][0]; /* password check, bind as user with supplied password */ $ldap->disconnect(); diff --git a/setup/class_setupStep_Config3.inc b/setup/class_setupStep_Config3.inc index 6db74ddb3..cc2307b5c 100644 --- a/setup/class_setupStep_Config3.inc +++ b/setup/class_setupStep_Config3.inc @@ -26,7 +26,11 @@ class Step_Config3 extends setup_step var $errorlvl = TRUE; + var $login_attributes = array("uid" => "uid", + "mail" => "mail", + "uid,mail" => "both"); var $optional = array( + "login_attribute" => "uid", "strict_units" => false, "list_summary" => false, "forceglobals" => true, @@ -83,6 +87,7 @@ class Step_Config3 extends setup_step foreach($this->attributes as $attr){ $smarty->assign($attr,$this->$attr); } + $smarty->assign("login_attributes",$this->login_attributes); return($smarty -> fetch (get_template_path("../setup/setup_config3.tpl"))); } @@ -98,7 +103,7 @@ class Step_Config3 extends setup_step } } - foreach(array("list_summary","strict_units","noprimarygroup","forceglobals","forcessl","ldapstats","warnssl","snmpcommunity","compile","debuglevel","session_lifetime") as $name){ + foreach(array("login_attribute","list_summary","strict_units","noprimarygroup","forceglobals","forcessl","ldapstats","warnssl","snmpcommunity","compile","debuglevel","session_lifetime") as $name){ if(isset($_POST[$name])){ $this->optional[$name] = get_post($name); } diff --git a/setup/setup_config3.tpl b/setup/setup_config3.tpl index d92601a6e..1db42f49e 100644 --- a/setup/setup_config3.tpl +++ b/setup/setup_config3.tpl @@ -163,6 +163,17 @@

{t}Login and session{/t}

+
+
+ {t}Login attribute{/t} +
+
+ +
+
+
{t}Enforce register_globals to be deactivated{/t}