*/ class LSauthMethod extends LSlog_staticLoggerClass { var $authData = array(); public function __construct() { // Load config (without warning if not found) $conf_file = LS_CONF_DIR."LSauth/config.".get_class($this).".php"; if (LSsession :: includeFile($conf_file, false, false)) self :: log_debug(get_class($this)." :: __construct(): config file ($conf_file) loaded"); else self :: log_debug(get_class($this)." :: __construct(): config file ($conf_file) not found"); return true; } /** * Check Auth Data * * Return authentication data or false * * @retval Array|false Array of authentication data or False **/ public function getAuthData() { // Do nothing in the standard LSauthMethod class // This method have to define $this -> authData['username'] return false; } /** * Check authentication * * @retval LSldapObject|false The LSldapObject of the user authificated or false */ public function authenticate() { if (LSsession :: loadLSobject(LSsession :: $ldapServer['authObjectType'])) { $authobject = new LSsession :: $ldapServer['authObjectType'](); $result = $authobject -> searchObject( $this -> authData['username'], LSsession :: getTopDn(), (isset(LSsession :: $ldapServer['authObjectFilter'])?LSsession :: $ldapServer['authObjectFilter']:NULL), array('withoutCache' => true, 'onlyAccessible' => false) ); $nbresult=count($result); if ($nbresult==0) { // incorrect login LSdebug('identifiant incorrect'); LSerror :: addErrorCode('LSauth_01'); } else if ($nbresult>1) { // duplication of identity LSerror :: addErrorCode('LSauth_02'); } else { return $result[0]; } } else { LSerror :: addErrorCode('LSauth_03'); } return; } /** * Logout * * @retval boolean True on success or False **/ public function logout() { // Do nothing in the standard LSauthMethod class return true; } /** * After logout * * This method is run by LSsession after the local session was * was successfully destroyed. * * @retval void **/ public static function afterLogout() { return true; } /** * Get LDAP credentials * * Return LDAP credentials or false * * @params[in] $user The LSldapObject of the user authificated * * @retval Array|false Array of LDAP credentials array('dn','pwd') or False **/ public function getLDAPcredentials($user) { if (isset($this -> authData['password'])) { return array( 'dn' => $user -> getDn(), 'pwd' => $this -> authData['password'] ); } return false; } }