tyler.durden/icingaweb2
1
0
Fork 0
mirror of https://github.com/Icinga/icingaweb2.git synced 2025-07-26 23:34:08 +02:00
Code Issues Packages Projects Releases Wiki Activity

Make LDAP Groups optional

Browse Source 
refs #7343
This commit is contained in:
Alexander Fuhr 2014-10-06 13:35:17 +02:00
parent 865ef76cb8
commit 421263af00
2 changed files with 15 additions and 51 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
library/Icinga/Authentication/Backend/LdapUserBackend.php
View File

@ -90,13 +90,15 @@ class LdapUserBackend extends UserBackend
/** /**
* Retrieve the user groups * Retrieve the user groups
* *
* @TODO: Subject to change, see #7343
*
* @param string $dn * @param string $dn
* *
* @return array|null * @return array|null
*/ */
public function getGroups($dn) public function getGroups($dn)
{ {
if (empty($this->groupOptions)) { if (empty($this->groupOptions) || ! isset($this->groupOptions['group_base_dn'])) {
return null; return null;
} }

62
library/Icinga/Authentication/UserBackend.php
View File

@ -93,7 +93,6 @@ abstract class UserBackend implements Countable
$backend = new DbUserBackend($resource); $backend = new DbUserBackend($resource);
break; break;
case 'msldap': case 'msldap':
self::checkLdapConfiguration($name, $backendConfig);
$groupOptions = array( $groupOptions = array(
'group_base_dn' => $backendConfig->group_base_dn, 'group_base_dn' => $backendConfig->group_base_dn,
'group_attribute' => $backendConfig->group_attribute, 'group_attribute' => $backendConfig->group_attribute,
@ -108,7 +107,18 @@ abstract class UserBackend implements Countable
); );
break; break;
case 'ldap': case 'ldap':
self::checkLdapConfiguration($name, $backendConfig); if ($backendConfig->user_class === null) {
throw new ConfigurationError(
'Authentication configuration for backend "%s" is missing the user_class directive',
$name
);
}
if ($backendConfig->user_name_attribute === null) {
throw new ConfigurationError(
'Authentication configuration for backend "%s" is missing the user_name_attribute directive',
$name
);
}
$groupOptions = array( $groupOptions = array(
'group_base_dn' => $backendConfig->group_base_dn, 'group_base_dn' => $backendConfig->group_base_dn,
'group_attribute' => $backendConfig->group_attribute, 'group_attribute' => $backendConfig->group_attribute,
@ -152,52 +162,4 @@ abstract class UserBackend implements Countable
* @return bool * @return bool
*/ */
abstract public function authenticate(User $user, $password); abstract public function authenticate(User $user, $password);
/**
* Checks the ldap configuration
*
* @param $name
* @param Zend_Config $backendConfig
*
* @throws \Icinga\Exception\ConfigurationError
*/
protected static function checkLdapConfiguration($name, Zend_Config $backendConfig)
{
if ($backendConfig->user_class === null) {
throw new ConfigurationError(
'Authentication configuration for backend "%s" is missing the user_class directive',
$name
);
}
if ($backendConfig->user_name_attribute === null) {
throw new ConfigurationError(
'Authentication configuration for backend "%s" is missing the user_name_attribute directive',
$name
);
}
if ($backendConfig->group_base_dn === null) {
throw new ConfigurationError(
'Authentication configuration for backend "%s" is missing the group_base_dn directive',
$name
);
}
if ($backendConfig->group_attribute === null) {
throw new ConfigurationError(
'Authentication configuration for backend "%s" is missing the group_attribute directive',
$name
);
}
if ($backendConfig->group_member_attribute === null) {
throw new ConfigurationError(
'Authentication configuration for backend "%s" is missing the group_member_attribute directive',
$name
);
}
if ($backendConfig->group_class === null) {
throw new ConfigurationError(
'Authentication configuration for backend "%s" is missing the group_class directive',
$name
);
}
}
} }