• Home
  • Horde_Auth_Ldap

PHP Class Horde_Auth_Ldap, horde

'preauthenticate' hook should return LDAP connection information in the 'ldap' credentials key.
Author: Jon Parise ([email protected])
Inheritance: extends Horde_Auth_Base
显示文件 Open project: horde/horde Class Usage Examples

Protected Properties

Property Type Description
$_capabilities array An array of capabilities, so that the driver can report which operations it supports and which it doesn't.
$_ldap Horde_Ldap LDAP object

Public Methods

Method Description
__construct ( array $params = [] ) Constructor.
addUser ( string $userId, array $credentials ) Add a set of authentication credentials.
exists ( string $userId ) : boolean Checks if $userId exists in the LDAP backend system.
listUsers ( boolean $sort = false ) : array Lists all users in the system.
removeUser ( string $userId, string $dn = null ) Remove a set of authentication credentials.
resetPassword ( string $userId ) : string Reset a user's password. Used for example when the user does not remember the existing password.
updateUser ( string $oldID, string $newID, array $credentials, string $olddn = null, string $newdn = null ) Update a set of authentication credentials.

Protected Methods

Method Description
_authenticate ( string $userId, array $credentials ) Find out if the given set of login credentials are valid.
_lookupShadow ( string $dn ) : array Checks for shadowLastChange and shadowMin/Max support and returns their values. We will also check for pwdLastSet if Active Directory is support is requested. For this check to succeed we need to be bound to the directory.

Method Details

__construct() public method

Constructor.
public __construct ( array $params = [] )
$params array Required parameters: 
'basedn' - (string) [REQUIRED] The base DN for the LDAP server.
'filter' - (string) The LDAP formatted search filter to search for
           users. This setting overrides the 'objectclass' parameter.
'ldap' - (Horde_Ldap) [REQUIRED] Horde LDAP object.
'objectclass - (string|array): The objectclass filter used to search
               for users. Either a single or an array of objectclasses.
'uid' - (string) [REQUIRED] The username search key.

_authenticate() protected method

Find out if the given set of login credentials are valid.
protected _authenticate ( string $userId, array $credentials )
$userId string The userId to check.
$credentials array An array of login credentials.

_lookupShadow() protected method

Checks for shadowLastChange and shadowMin/Max support and returns their values. We will also check for pwdLastSet if Active Directory is support is requested. For this check to succeed we need to be bound to the directory.
protected _lookupShadow ( string $dn ) : array
$dn string The dn of the user.
return array Array with keys being "shadowlastchange", "shadowmin" "shadowmax", "shadowwarning" and containing their respective values or false for no support.

addUser() public method

Add a set of authentication credentials.
public addUser ( string $userId, array $credentials )
$userId string The userId to add.
$credentials array The credentials to be set.

exists() public method

Checks if $userId exists in the LDAP backend system.
Author: Marco Ferrante, University of Genova (I)
public exists ( string $userId ) : boolean
$userId string User ID for which to check
return boolean Whether or not $userId already exists.

listUsers() public method

Lists all users in the system.
public listUsers ( boolean $sort = false ) : array
$sort boolean Sort the users?
return array The array of userIds.

removeUser() public method

Remove a set of authentication credentials.
public removeUser ( string $userId, string $dn = null )
$userId string The userId to add.
$dn string TODO

resetPassword() public method

Reset a user's password. Used for example when the user does not remember the existing password.
public resetPassword ( string $userId ) : string
$userId string The user id for which to reset the password.
return string The new password on success.

updateUser() public method

Update a set of authentication credentials.
public updateUser ( string $oldID, string $newID, array $credentials, string $olddn = null, string $newdn = null )
$oldID string The old userId.
$newID string The new userId.
$credentials array The new credentials.
$olddn string The old user DN.
$newdn string The new user DN.

Property Details

$_capabilities protected_oe property

An array of capabilities, so that the driver can report which operations it supports and which it doesn't.
protected array $_capabilities
return array

$_ldap protected_oe property

LDAP object
protected Horde_Ldap $_ldap
return Horde_Ldap