{
global $auth_type, $auth_users, $_msg_auth, $auth_user, $auth_groups;
global $auth_user_groups, $auth_user_fullname;
- global $auth_provider_user_prefix, $ldap_user_account;
+ global $ldap_user_account;
global $read_auth, $edit_auth;
if ($read_auth || $edit_auth) {
switch ($auth_type) {
function ldap_auth($username, $password)
{
- global $ldap_url, $ldap_bind_dn, $ldap_bind_password;
- if (preg_match('#^(ldap\:\/\/[^/]+/)(.*)$#', $ldap_url, $m)) {
- $ldap_server = $m[1];
- $ldap_base_dn = $m[2];
- $ldapconn = ldap_connect($ldap_server);
- if ($ldapconn) {
- ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);
- if (preg_match('#\$login\b#', $ldap_bind_dn)) {
- // Bind by user credential
- $bind_dn_user = preg_replace('#\$login#', $username, $ldap_bind_dn);
- $ldap_bind_user = ldap_bind($ldapconn, $bind_dn_user, $password);
- if ($ldap_bind_user) {
- $user_info = get_ldap_user_info($ldapconn, $username, $ldap_base_dn);
- if ($user_info) {
+ global $ldap_server, $ldap_base_dn, $ldap_bind_dn, $ldap_bind_password;
+ $ldapconn = ldap_connect($ldap_server);
+ if ($ldapconn) {
+ ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);
+ ldap_set_option($ldapconn, LDAP_OPT_REFERRALS, 0);
+ if (preg_match('#\$login\b#', $ldap_bind_dn)) {
+ // Bind by user credential
+ $bind_dn_user = preg_replace('#\$login#', $username, $ldap_bind_dn);
+ $ldap_bind_user = ldap_bind($ldapconn, $bind_dn_user, $password);
+ if ($ldap_bind_user) {
+ $user_info = get_ldap_user_info($ldapconn, $username, $ldap_base_dn);
+ if ($user_info) {
+ session_regenerate_id(true); // require: PHP5.1+
+ $_SESSION['authenticated_user'] = $user_info['uid'];
+ $_SESSION['authenticated_user_fullname'] = $user_info['fullname'];
+ return true;
+ }
+ }
+ } else {
+ // Bind by bind dn
+ $ldap_bind = ldap_bind($ldapconn, $ldap_bind_dn, $ldap_bind_password);
+ if ($ldap_bind) {
+ $user_info = get_ldap_user_info($ldapconn, $username, $ldap_base_dn);
+ if ($user_info) {
+ $ldap_bind_user2 = ldap_bind($ldapconn, $user_info['dn'], $password);
+ if ($ldap_bind_user2) {
session_regenerate_id(true); // require: PHP5.1+
$_SESSION['authenticated_user'] = $user_info['uid'];
$_SESSION['authenticated_user_fullname'] = $user_info['fullname'];
return true;
}
}
- } else {
- // Bind by bind dn
- $ldap_bind = ldap_bind($ldapconn, $ldap_bind_dn, $ldap_bind_password);
- if ($ldap_bind) {
- $user_info = get_ldap_user_info($ldapconn, $username, $ldap_base_dn);
- if ($user_info) {
- $ldap_bind_user2 = ldap_bind($ldapconn, $user_info['dn'], $password);
- if ($ldap_bind_user2) {
- session_regenerate_id(true); // require: PHP5.1+
- $_SESSION['authenticated_user'] = $user_info['uid'];
- $_SESSION['authenticated_user_fullname'] = $user_info['fullname'];
- return true;
- }
- }
- }
}
}
}
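Review bot: Neither `ldap_bind()` call that verifies the user's password (the `$bind_dn_user` bind and the `$user_info['dn']` bind) rejects an empty `$password`, and many directory servers treat a bind with a DN and an empty password as an unauthenticated bind that succeeds. Unless the caller already filters this outside the hunk, add `if (!is_string($password) || $password === '') { return false; }` at the top of `ldap_auth()`. Separately, `preg_replace('#\$login#', $username, $ldap_bind_dn)` puts the raw login name into the DN and also interprets `$0`/`\0`-style sequences in it as backreferences. `str_replace('$login', ldap_escape($username, '', LDAP_ESCAPE_DN), $ldap_bind_dn)` avoids both, though `ldap_escape()` needs PHP 5.6+. The function body continues outside the hunk.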
// Get LDAP user info via bind DN
function ldap_get_simple_user_info($username)
{
- global $ldap_url, $ldap_bind_dn, $ldap_bind_password;
- if (preg_match('#^(ldap\:\/\/[^/]+/)(.*)$#', $ldap_url, $m)) {
- $ldap_server = $m[1];
- $ldap_base_dn = $m[2];
- $ldapconn = ldap_connect($ldap_server);
- if ($ldapconn) {
- ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);
- // Bind by bind dn
- $ldap_bind = ldap_bind($ldapconn, $ldap_bind_dn, $ldap_bind_password);
- if ($ldap_bind) {
- $user_info = get_ldap_user_info($ldapconn, $username, $ldap_base_dn);
- if ($user_info) {
- return $user_info;
- }
+ global $ldap_server, $ldap_base_dn, $ldap_bind_dn, $ldap_bind_password;
+ $ldapconn = ldap_connect($ldap_server);
+ if ($ldapconn) {
+ ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);
+ ldap_set_option($ldapconn, LDAP_OPT_REFERRALS, 0);
+ // Bind by bind dn
+ $ldap_bind = ldap_bind($ldapconn, $ldap_bind_dn, $ldap_bind_password);
+ if ($ldap_bind) {
+ $user_info = get_ldap_user_info($ldapconn, $username, $ldap_base_dn);
+ if ($user_info) {
+ return $user_info;
}
}
}
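Review bot: `ldap_bind($ldapconn, $ldap_bind_dn, $ldap_bind_password)` uses `$ldap_bind_dn` verbatim, but the sample configuration in this commit shows it as the template `uid=$login,dc=example,dc=com` with an empty `$ldap_bind_password`; `ldap_auth()` handles that case with its `\$login` check and this function does not. With that setting the lookup binds with a literal `$login` DN and no password, which is at best an anonymous bind and otherwise fails silently. Return early when `preg_match('#\$login\b#', $ldap_bind_dn)` matches, or document that this function needs a real service account. `get_ldap_user_info()` is not shown in this diff; if it builds the search filter from `$username`, confirm it applies `ldap_escape($username, '', LDAP_ESCAPE_FILTER)`.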
function add_author_info($wikitext)
{
global $auth_user, $auth_user_fullname, $auth_type, $ldap_user_account;
+ global $auth_provider_user_prefix_default;
+ global $auth_provider_user_prefix_ldap;
+ global $auth_provider_user_prefix_external;
$author = preg_replace('/"/', '', $auth_user);
$fullname = $auth_user_fullname;
if (!$fullname && $author) {
$user_prefix = '';
switch ($auth_type) {
case AUTH_TYPE_BASIC:
- $user_prefix = AUTH_PROVIDER_USER_PREFIX_DEFAULT;
+ $user_prefix = $auth_provider_user_prefix_default;
break;
case AUTH_TYPE_EXTERNAL:
case AUTH_TYPE_EXTERNAL_REMOTE_USER:
case AUTH_TYPE_EXTERNAL_X_FORWARDED_USER:
- $user_prefix = AUTH_PROVIDER_USER_PREFIX_EXTERNAL;
+ $user_prefix = $auth_provider_user_prefix_external;
break;
case AUTH_TYPE_FORM:
if ($ldap_user_account) {
- $user_prefix = AUTH_PROVIDER_USER_PREFIX_LDAP;
+ $user_prefix = $auth_provider_user_prefix_ldap;
} else {
- $user_prefix = AUTH_PROVIDER_USER_PREFIX_DEFAULT;
+ $user_prefix = $auth_provider_user_prefix_default;
}
break;
}
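Review bot: The three `$auth_provider_user_prefix_*` globals are read in the `switch` without checking that they are set, so an installation that keeps an older `pukiwiki.ini.php` (which defined the `AUTH_PROVIDER_USER_PREFIX_*` constants instead) would presumably get an empty prefix. According to the configuration comment the prefix shows which auth provider a user came from, so a silently empty value would make a local and an LDAP account of the same name look alike in the recorded author. A fallback per case would guard this, e.g. `$user_prefix = isset($auth_provider_user_prefix_ldap) ? $auth_provider_user_prefix_ldap : 'ldap:';`. The rest of `add_author_info()` lies outside the hunk.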
<?php
// PukiWiki - Yet another WikiWikiWeb clone
-// $Id: pukiwiki.ini.php,v 1.148 2007/02/11 05:53:30 henoheno Exp $
-// Copyright (C)
-// 2002-2006 PukiWiki Developers Team
+// pukiwiki.ini.php
+// Copyright
+// 2002-2016 PukiWiki Development Team
// 2001-2002 Originally written by yu-ji
// License: GPL v2 or (at your option) any later version
//
// Page name of default pronouncing dictionary, used when converter = 'none'
$pagereading_config_dict = ':config/PageReading/dict';
+
+/////////////////////////////////////////////////
+// Authentication type
+// AUTH_TYPE_NONE, AUTH_TYPE_FORM, AUTH_TYPE_BASIC, AUTH_TYPE_EXTERNAL, ...
+// $auth_type = AUTH_TYPE_FORM;
+// $auth_external_login_url_base = './exlogin.php';
+
+/////////////////////////////////////////////////
+// LDAP
+$ldap_user_account = 0; // (0: Disabled, 1: Enabled)
+// $ldap_server = 'ldap://ldapserver:389';
+// $ldap_base_dn = 'ou=Users,dc=ldap,dc=example,dc=com';
+// $ldap_bind_dn = 'uid=$login,dc=example,dc=com';
+// $ldap_bind_password = '';
+
+/////////////////////////////////////////////////
+// User prefix that shows its auth provider
+$auth_provider_user_prefix_default = 'default:';
+$auth_provider_user_prefix_ldap = 'ldap:';
+$auth_provider_user_prefix_external = 'external:';
+
+
/////////////////////////////////////////////////
// User definition
$auth_users = array(
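Review bot: The sample `$ldap_server = 'ldap://ldapserver:389';` is an unencrypted endpoint, and the `ldap_auth()` code changed in this commit goes from `ldap_set_option()` straight to `ldap_bind()` with no `ldap_start_tls()` call, so with this setting user and service-account passwords would cross the network in cleartext. I would document the encrypted form next to it, e.g. `// $ldap_server = 'ldaps://ldapserver:636'; // preferred: TLS protects bind passwords`. A one-line comment that `$login` in `$ldap_bind_dn` is replaced by the login name would also help, since the sample value relies on it.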
);
/////////////////////////////////////////////////
-// Authentication type
-// AUTH_TYPE_FORM, AUTH_TYPE_BASIC or AUTH_TYPE_EXTERNAL
-// $auth_type = AUTH_TYPE_FORM;
-// $auth_external_login_url_base = './exlogin.php';
-
-/////////////////////////////////////////////////
// Authentication method
$auth_method_type = 'pagename'; // By Page name
$search_auth = 0;
/////////////////////////////////////////////////
-// LDAP
-$ldap_user_account = 0;
-// $ldap_user_account = 1; // (0: Disabled, 1: Enabled)
-// $ldap_url = 'ldap://ldapserver:389/ou=Users,dc=ldap,dc=example,dc=com';
-// $ldap_bind_dn = '';
-// $ldap_bind_password = '';
-
-/////////////////////////////////////////////////
-// User prefix that shows its auth provider
-define('AUTH_PROVIDER_USER_PREFIX_DEFAULT', 'default:');
-define('AUTH_PROVIDER_USER_PREFIX_LDAP', 'ldap:');
-define('AUTH_PROVIDER_USER_PREFIX_EXTERNAL', 'external:');
-
-/////////////////////////////////////////////////
// $whatsnew: Max number of RecentChanges
$maxshow = 60;