Started implementing installer changes for LDAP support

src/include/config.sample.php

@@ -54,9 +54,10 @@ $CFG['UserDBPref'] = "";
 $CFG['UserDBUser'] = "";
 $CFG['UserDBPass'] = "";
 $CFG['UserDBLoginRequired'] = false;
+$CFG['UserDBAuthMode'] = USERDB_AUTH_INTERNAL;	// USERDB_AUTH_INTERNAL means LogAnalyzer Internal Auth
+												// USERDB_AUTH_LDAP means Auth via LDAP Server
 
-// LDAP auth options
-$CFG['LDAPUserLoginRequired'] = false;				// Activate LDAP auth
+// LDAP Auth options
 $CFG['LDAPServer'] = "127.0.0.1";					// LDAP server hostname or IP
 $CFG['LDAPPort'] = 389;								// LDAP port, 389 or 636 for SSL
 $CFG['LDAPBaseDN'] = 'CN=Users,DC=domain,DC=local';	// Base DN for LDAP Search, this is a typical ActiveDirectory sample

src/include/constants_general.php

@@ -103,6 +103,11 @@ define('DB_INFORMIX', 7);
 define('DB_SQLITE', 8);
 // --- 
 
+// --- Define supported AUTH Methods
+define('USERDB_AUTH_INTERNAL', 0);
+define('USERDB_AUTH_LDAP', 1);
+// --- 
+
 // --- Syslog specific defines!
 define('SYSLOG_KERN', 0);
 define('SYSLOG_USER', 1);

src/include/functions_common.php

@@ -253,6 +253,21 @@ function CreateSourceTypesList( $selectedSource )
 	if ( $selectedSource == $content['SOURCETYPES'][SOURCE_PDO]['type'] ) { $content['SOURCETYPES'][SOURCE_PDO]['selected'] = "selected"; } else { $content['SOURCETYPES'][SOURCE_PDO]['selected'] = ""; }
 }
 
+function CreateAuthTypesList( $selectedAuth )
+{
+	global $content;
+
+	// SOURCE_DISK
+	$content['AUTHTYPES'][USERDB_AUTH_INTERNAL]['type'] = USERDB_AUTH_INTERNAL;
+	$content['AUTHTYPES'][USERDB_AUTH_INTERNAL]['DisplayName'] = $content['LN_GEN_AUTH_INTERNAL'];
+	if ( $selectedAuth == $content['AUTHTYPES'][USERDB_AUTH_INTERNAL]['type'] ) { $content['AUTHTYPES'][USERDB_AUTH_INTERNAL]['selected'] = "selected"; } else { $content['AUTHTYPES'][USERDB_AUTH_INTERNAL]['selected'] = ""; }
+
+	// SOURCE_DB ( MYSQL NATIVE )
+	$content['AUTHTYPES'][USERDB_AUTH_LDAP]['type'] = USERDB_AUTH_LDAP;
+	$content['AUTHTYPES'][USERDB_AUTH_LDAP]['DisplayName'] = $content['LN_GEN_AUTH_LDAP'];
+	if ( $selectedAuth == $content['AUTHTYPES'][USERDB_AUTH_LDAP]['type'] ) { $content['AUTHTYPES'][USERDB_AUTH_LDAP]['selected'] = "selected"; } else { $content['AUTHTYPES'][USERDB_AUTH_LDAP]['selected'] = ""; }
+}
+
 function CreateFieldAlignmentList( $selectedAlignment )
 {
 	global $content;

src/include/functions_users.php

@@ -164,7 +164,7 @@ function CheckUserLogin( $username, $password )
 	global $content;
 
 	// Check if LDAP Auth has to be used!
-	if ( GetConfigSetting("LDAPUserLoginRequired", "") == "true")
+	if ( GetConfigSetting("UserDBAuthMode", USERDB_AUTH_INTERNAL) == USERDB_AUTH_LDAP)
 	{
 		// perform user auth using LDAP, will add user record to loganalyzer DB if necessary
 		$myrow = CheckLDAPUserLogin( $username, $password );

src/install.php

@@ -59,6 +59,7 @@ define('MAX_STEPS', 8);
 $content['web_theme'] = "default";
 $content['user_theme'] = "default";
 $configsamplefile = $content['BASEPATH'] . "include/config.sample.php"; 
+$content['HeaderDefaultEncoding'] = ENC_ISO_8859_1; // Set Default encoding!  
 
 //ini_set('error_reporting', E_ALL); // DEBUG ENABLE
 // ***					*** //
@@ -207,6 +208,21 @@ else if ( $content['INSTALL_STEP'] == 3 )
 	if ( isset($_SESSION['UserDBPass']) ) { $content['UserDBPass'] = $_SESSION['UserDBPass']; } else { $content['UserDBPass'] = ""; }
 	if ( isset($_SESSION['UserDBLoginRequired']) ) { $content['UserDBLoginRequired'] = $_SESSION['UserDBLoginRequired']; } else { $content['UserDBLoginRequired'] = false; }
 
+	// Init Auth Options
+	if ( isset($_SESSION['UserDBAuthMode']) ) { $content['UserDBAuthMode'] = $_SESSION['UserDBAuthMode']; } else { $content['UserDBAuthMode'] = USERDB_AUTH_INTERNAL; }
+	CreateAuthTypesList($content['UserDBAuthMode']);
+
+	// LDAP related properties
+	if ( isset($_SESSION['LDAPServer']) ) { $content['LDAPServer'] = $_SESSION['LDAPServer']; } else { $content['LDAPServer'] = "localhost"; }
+	if ( isset($_SESSION['LDAPPort']) ) { $content['LDAPPort'] = $_SESSION['LDAPPort']; } else { $content['LDAPPort'] = "389"; }
+	if ( isset($_SESSION['LDAPBaseDN']) ) { $content['LDAPBaseDN'] = $_SESSION['LDAPBaseDN']; } else { $content['LDAPBaseDN'] = "CN=Users,DC=domain,DC=local"; }
+	if ( isset($_SESSION['LDAPSearchFilter']) ) { $content['LDAPSearchFilter'] = $_SESSION['LDAPSearchFilter']; } else { $content['LDAPSearchFilter'] = "(objectClass=user)"; }
+	if ( isset($_SESSION['LDAPUidAttribute']) ) { $content['LDAPUidAttribute'] = $_SESSION['LDAPUidAttribute']; } else { $content['LDAPUidAttribute'] = "sAMAccountName"; }
+	if ( isset($_SESSION['LDAPBindDN']) ) { $content['LDAPBindDN'] = $_SESSION['LDAPBindDN']; } else { $content['LDAPBindDN'] = "CN=Searchuser,CN=Users,DC=domain,DC=local"; }
+	if ( isset($_SESSION['LDAPBindPassword']) ) { $content['LDAPBindPassword'] = $_SESSION['LDAPBindPassword']; } else { $content['LDAPBindPassword'] = "Password"; }
+	if ( isset($_SESSION['LDAPDefaultAdminUser']) ) { $content['LDAPDefaultAdminUser'] = $_SESSION['LDAPDefaultAdminUser']; } else { $content['LDAPDefaultAdminUser'] = "Administrator"; }
+	
+	// Set template variables
 	if ( $content['UserDBEnabled'] == 1 )
 	{
 		$content['UserDBEnabled_true'] = "checked";
@@ -299,7 +315,7 @@ else if ( $content['INSTALL_STEP'] == 4 )
 			if ( isset($_POST['UserDBUser']) )
 				$_SESSION['UserDBUser'] = DB_RemoveBadChars($_POST['UserDBUser']);
 			else
-				RevertOneStep( $content['INSTALL_STEP']-1, $content['LN_CFG_PARAMMISSING']. $content['LN_CFG_DBUSER'] );
+				RevertOneStep( $content['INSTALL_STEP']-1, $content['LN_CFG_PARAMMISSING'] . $content['LN_CFG_DBUSER'] );
 
 			if ( isset($_POST['UserDBPass']) )
 				$_SESSION['UserDBPass'] = DB_RemoveBadChars($_POST['UserDBPass']);
@@ -311,6 +327,48 @@ else if ( $content['INSTALL_STEP'] == 4 )
 			else
 				$_SESSION['UserDBLoginRequired'] = false;
 
+			if ( isset($_POST['UserDBAuthMode']) )
+				$_SESSION['UserDBAuthMode'] = intval(DB_RemoveBadChars($_POST['UserDBAuthMode']));
+			else
+				$_SESSION['UserDBAuthMode'] = USERDB_AUTH_INTERNAL;
+			
+
+			// LDAP Properties
+			if ( $_SESSION['UserDBAuthMode'] == USERDB_AUTH_LDAP )
+			{
+				if ( isset($_POST['LDAPServer']) )
+					$_SESSION['LDAPServer'] = DB_RemoveBadChars($_POST['LDAPServer']);
+				else
+					RevertOneStep( $content['INSTALL_STEP']-1, $content['LN_CFG_PARAMMISSING'] . $content['LN_CFG_LDAPServer'] );
+				if ( isset($_POST['LDAPPort']) )
+					$_SESSION['LDAPPort'] = intval(DB_RemoveBadChars($_POST['LDAPPort']));
+				else
+					RevertOneStep( $content['INSTALL_STEP']-1, $content['LN_CFG_PARAMMISSING'] . $content['LN_CFG_LDAPPort'] );
+				if ( isset($_POST['LDAPBaseDN']) )
+					$_SESSION['LDAPBaseDN'] = DB_RemoveBadChars($_POST['LDAPBaseDN']);
+				else
+					RevertOneStep( $content['INSTALL_STEP']-1, $content['LN_CFG_PARAMMISSING'] . $content['LN_CFG_LDAPBaseDN'] );
+				if ( isset($_POST['LDAPSearchFilter']) )
+					$_SESSION['LDAPSearchFilter'] = DB_RemoveBadChars($_POST['LDAPSearchFilter']);
+				else
+					RevertOneStep( $content['INSTALL_STEP']-1, $content['LN_CFG_PARAMMISSING'] . $content['LN_CFG_LDAPSearchFilter'] );
+				if ( isset($_POST['LDAPUidAttribute']) )
+					$_SESSION['LDAPUidAttribute'] = DB_RemoveBadChars($_POST['LDAPUidAttribute']);
+				else
+					RevertOneStep( $content['INSTALL_STEP']-1, $content['LN_CFG_PARAMMISSING'] . $content['LN_CFG_LDAPUidAttribute'] );
+				if ( isset($_POST['LDAPBindDN']) )
+					$_SESSION['LDAPBindDN'] = DB_RemoveBadChars($_POST['LDAPBindDN']);
+				else
+					RevertOneStep( $content['INSTALL_STEP']-1, $content['LN_CFG_PARAMMISSING'] . $content['LN_CFG_LDAPBindDN'] );
+				if ( isset($_POST['LDAPBindPassword']) )
+					$_SESSION['LDAPBindPassword'] = DB_RemoveBadChars($_POST['LDAPBindPassword']);
+				else
+					RevertOneStep( $content['INSTALL_STEP']-1, $content['LN_CFG_PARAMMISSING'] . $content['LN_CFG_LDAPBindPassword'] );
+				if ( isset($_POST['LDAPDefaultAdminUser']) )
+					$_SESSION['LDAPDefaultAdminUser'] = DB_RemoveBadChars($_POST['LDAPDefaultAdminUser']);
+				else
+					RevertOneStep( $content['INSTALL_STEP']-1, $content['LN_CFG_PARAMMISSING'] . $content['LN_CFG_LDAPDefaultAdminUser'] );
+			}
 
 			// Now Check database connect
 			$link_id = mysql_connect( $_SESSION['UserDBServer'], $_SESSION['UserDBUser'], $_SESSION['UserDBPass']);

src/lang/en/main.php

@@ -80,34 +80,35 @@ $content['LN_ERROR_DB_INVALIDDBMAPPING'] = "Invalid datafield mappings";
 $content['LN_ERROR_DB_INVALIDDBDRIVER'] = "Invalid database driver selected";
 $content['LN_ERROR_DB_TABLENOTFOUND'] = "Could not find the configured table, maybe misspelled or the tablenames are case sensitive";
 $content['LN_ERROR_DB_DBFIELDNOTFOUND'] = "Database Field mapping for at least one field could not be found.";
-
-	$content['LN_GEN_SELECTEXPORT'] = "> Select Exportformat <";
-	$content['LN_GEN_EXPORT_CVS'] = "CVS (Comma separated)";
-	$content['LN_GEN_EXPORT_XML'] = "XML";
-	$content['LN_GEN_EXPORT_PDF'] = "PDF";
-	$content['LN_GEN_ERROR_EXPORING'] = "Error exporting data";
-	$content['LN_GEN_ERROR_INVALIDEXPORTTYPE'] = "Invalid Export format selected, or other parameters were wrong.";
-	$content['LN_GEN_ERROR_SOURCENOTFOUND'] = "The Source with ID '%1' could not be found.";
-	$content['LN_GEN_MOREINFORMATION'] = "More Information";
-	$content['LN_FOOTER_PAGERENDERED'] = "Page rendered in";
-	$content['LN_FOOTER_DBQUERIES'] = "DB queries";
-	$content['LN_FOOTER_GZIPENABLED'] = "GZIP enabled";
-	$content['LN_FOOTER_SCRIPTTIMEOUT'] = "Script Timeout";
-	$content['LN_FOOTER_SECONDS'] = "seconds";
-	$content['LN_WARNING_LOGSTREAMTITLE'] = "Logstream Warning";
-	$content['LN_WARNING_LOGSTREAMDISK_TIMEOUT'] = "While reading the logstream, the php script timeout forced me to abort at this point.<br><br> If you want to avoid this, please increase the LogAnalyzer script timeout in your config.php. If the user system is installed, you can do that in Admin center.";
-	$content['LN_ERROR_FILE_NOMORETIME'] = "No more time for processing left";
-	$content['LN_WARNING_DBUPGRADE'] = "Database Upgrade required";
-	$content['LN_WARNING_DBUPGRADE_TEXT'] = "The current installed database version is '%1'.<br>An update to version '%2' is available.";
-	$content['LN_ERROR_REDIRECTABORTED'] = 'Automatic redirect to the <a href="%1">page</a> was aborted, as an internal error occured. Please see the error details above and contact our support forums if you need assistance.';
-	$content['LN_DEBUGLEVEL'] = "Debug Level";
-	$content['LN_DEBUGMESSAGE'] = "Debug Message";
-	$content['LN_GEN_REPORT_OUTPUT_HTML'] = "HTML Format";
-	$content['LN_GEN_REPORT_OUTPUT_PDF'] = "PDF Format";
-	$content['LN_GEN_REPORT_TARGET_STDOUT'] = "Direct Output";
-	$content['LN_GEN_REPORT_TARGET_FILE'] = "Save into File";
-	$content['LN_GEN_REPORT_TARGET_EMAIL'] = "Send as Email";
+$content['LN_GEN_SELECTEXPORT'] = "&gt; Select Exportformat &lt;";
+$content['LN_GEN_EXPORT_CVS'] = "CVS (Comma separated)";
+$content['LN_GEN_EXPORT_XML'] = "XML";
+$content['LN_GEN_EXPORT_PDF'] = "PDF";
+$content['LN_GEN_ERROR_EXPORING'] = "Error exporting data";
+$content['LN_GEN_ERROR_INVALIDEXPORTTYPE'] = "Invalid Export format selected, or other parameters were wrong.";
+$content['LN_GEN_ERROR_SOURCENOTFOUND'] = "The Source with ID '%1' could not be found.";
+$content['LN_GEN_MOREINFORMATION'] = "More Information";
+$content['LN_FOOTER_PAGERENDERED'] = "Page rendered in";
+$content['LN_FOOTER_DBQUERIES'] = "DB queries";
+$content['LN_FOOTER_GZIPENABLED'] = "GZIP enabled";
+$content['LN_FOOTER_SCRIPTTIMEOUT'] = "Script Timeout";
+$content['LN_FOOTER_SECONDS'] = "seconds";
+$content['LN_WARNING_LOGSTREAMTITLE'] = "Logstream Warning";
+$content['LN_WARNING_LOGSTREAMDISK_TIMEOUT'] = "While reading the logstream, the php script timeout forced me to abort at this point.<br><br> If you want to avoid this, please increase the LogAnalyzer script timeout in your config.php. If the user system is installed, you can do that in Admin center.";
+$content['LN_ERROR_FILE_NOMORETIME'] = "No more time for processing left";
+$content['LN_WARNING_DBUPGRADE'] = "Database Upgrade required";
+$content['LN_WARNING_DBUPGRADE_TEXT'] = "The current installed database version is '%1'.<br>An update to version '%2' is available.";
+$content['LN_ERROR_REDIRECTABORTED'] = 'Automatic redirect to the <a href="%1">page</a> was aborted, as an internal error occured. Please see the error details above and contact our support forums if you need assistance.';
+$content['LN_DEBUGLEVEL'] = "Debug Level";
+$content['LN_DEBUGMESSAGE'] = "Debug Message";
+$content['LN_GEN_REPORT_OUTPUT_HTML'] = "HTML Format";
+$content['LN_GEN_REPORT_OUTPUT_PDF'] = "PDF Format";
+$content['LN_GEN_REPORT_TARGET_STDOUT'] = "Direct Output";
+$content['LN_GEN_REPORT_TARGET_FILE'] = "Save into File";
+$content['LN_GEN_REPORT_TARGET_EMAIL'] = "Send as Email";
 $content['LN_GEN_UNKNOWN'] = "Unknown";
+$content['LN_GEN_AUTH_INTERNAL'] = "Internal authentication";
+$content['LN_GEN_AUTH_LDAP'] = "LDAP Authentication";
 
 // Topmenu Entries
 $content['LN_MENU_SEARCH'] = "Search";
@@ -212,6 +213,16 @@ $content['LN_CFG_MSGPARSERS'] = "Message Parsers (comma seperated)";
 $content['LN_CFG_NORMALIZEMSG'] = "Normalize Message within Parsers";
 $content['LN_CFG_SKIPUNPARSEABLE'] = "Skip unparseable messages (Only works if msgparsers are configured!)";
 $content['LN_CFG_DBRECORDSPERQUERY'] = "Recordcount for database queries";
+$content['LN_CFG_LDAPServer'] = "LDAP Server Hostname/IP";
+$content['LN_CFG_LDAPPort'] = "LDAP Port, default 389 (636 for SSL)";
+$content['LN_CFG_LDAPBaseDN'] = "Base DN for LDAP Search";
+$content['LN_CFG_LDAPSearchFilter'] = "Basic Search filter";
+$content['LN_CFG_LDAPUidAttribute'] = "LDAP Username attribute";
+$content['LN_CFG_LDAPBindDN'] = "Privilegied user used to LDAP queries";
+$content['LN_CFG_LDAPBindPassword'] = "Password of the privilegied user";
+$content['LN_CFG_LDAPDefaultAdminUser'] = "Default administrative LDAP Username";
+$content['LN_CFG_AUTHTYPE'] = "Authentication method";
+$content['LN_GEN_AUTH_LDAP_OPTIONS'] = "LDAP Authentication Options";
 
 // Details page
 $content['LN_DETAILS_FORSYSLOGMSG'] = "Details for the syslog messages with id";

src/templates/install.html

@@ -35,6 +35,24 @@
 			showvisibility("HiddenDBTYpesOptions");
 		}
 	}
+
+	/*
+	*	Helper function to show and hide areas of the filterview
+	*/
+	function toggleAuthTypeVisibility(FormFieldName)
+	{
+		var myfield = document.getElementById(FormFieldName);
+		if (myfield.value == 0)
+		{
+			showvisibility("HiddenInternalAuthOptions");
+			hidevisibility("HiddenLdapAuthOptions");
+		}
+		else if (myfield.value == 1)
+		{
+			hidevisibility("HiddenInternalAuthOptions");
+			showvisibility("HiddenLdapAuthOptions");
+		}
+	}
 </script>
 
 <table width="100%" border="0" cellspacing="0" cellpadding="0" class="mainheader">
@@ -204,6 +222,55 @@
 						<input type="radio" name="UserDBLoginRequired" value="0" {UserDBLoginRequired_false}> No
 					</td>
 				</tr>
+				<tr>
+					<td align="left" class="cellmenu2" nowrap><b>{LN_CFG_AUTHTYPE}</b></td>
+					<td align="right" class="line1" width="100%">
+						<select id="UserDBAuthMode" name="UserDBAuthMode" size="1" OnChange="toggleAuthTypeVisibility('UserDBAuthMode');">
+							<!-- BEGIN AUTHTYPES -->
+							<option {selected} value="{type}">{DisplayName}</option>
+							<!-- END AUTHTYPES -->
+						</select>
+					</td>
+				</tr>
+				</table>
+
+				<div id="HiddenInternalAuthOptions" class="HiddenContent">
+				</div>
+				<div id="HiddenLdapAuthOptions" class="HiddenContent">
+				<table border="0" cellpadding="1" cellspacing="1" bgcolor="#DDDDDD" width="500" align="center">
+				<tr><td align="center" class="cellmenu1" colspan="2"><b>{LN_GEN_AUTH_LDAP_OPTIONS}</b></td></tr>
+				<tr>
+					<td align="left" class="cellmenu2" width="265" nowrap><b>{LN_CFG_LDAPServer}</b></td>
+					<td align="right" class="line2" width="100%"><input type="text" name="LDAPServer" size="40" maxlength="255" value="{LDAPServer}"></td>
+				</tr>
+				<tr>
+					<td align="left" class="cellmenu2" nowrap><b>{LN_CFG_LDAPPort}</b></td>
+					<td align="right" class="line1" width="100%"><input type="text" name="LDAPPort" size="40" maxlength="255" value="{LDAPPort}"></td>
+				</tr>
+				<tr>
+					<td align="left" class="cellmenu2" width="265" nowrap><b>{LN_CFG_LDAPBaseDN}</b></td>
+					<td align="right" class="line2" width="100%"><input type="text" name="LDAPBaseDN" size="40" maxlength="255" value="{LDAPBaseDN}"></td>
+				</tr>
+				<tr>
+					<td align="left" class="cellmenu2" width="265" nowrap><b>{LN_CFG_LDAPSearchFilter}</b></td>
+					<td align="right" class="line2" width="100%"><input type="text" name="LDAPSearchFilter" size="40" maxlength="255" value="{LDAPSearchFilter}"></td>
+				</tr>
+				<tr>
+					<td align="left" class="cellmenu2" width="265" nowrap><b>{LN_CFG_LDAPUidAttribute}</b></td>
+					<td align="right" class="line2" width="100%"><input type="text" name="LDAPUidAttribute" size="40" maxlength="255" value="{LDAPUidAttribute}"></td>
+				</tr>
+				<tr>
+					<td align="left" class="cellmenu2" width="265" nowrap><b>{LN_CFG_LDAPBindDN}</b></td>
+					<td align="right" class="line2" width="100%"><input type="text" name="LDAPBindDN" size="40" maxlength="255" value="{LDAPBindDN}"></td>
+				</tr>
+				<tr>
+					<td align="left" class="cellmenu2" nowrap><b>{LN_CFG_LDAPBindPassword}</b></td>
+					<td align="right" class="line1" width="100%"><input type="password" name="LDAPBindPassword" size="40" maxlength="255" value="{LDAPBindPassword}"></td>
+				</tr>
+				<tr>
+					<td align="left" class="cellmenu2" width="265" nowrap><b>{LN_CFG_LDAPDefaultAdminUser}</b></td>
+					<td align="right" class="line2" width="100%"><input type="text" name="LDAPDefaultAdminUser" size="40" maxlength="255" value="{LDAPDefaultAdminUser}"></td>
+				</tr>
 				</table>
 				</div>
 
@@ -221,6 +288,9 @@
 			<!-- IF UserDBEnabled_false="checked" -->
 			hidevisibility('HiddenUserDBOptions');
 			<!-- ENDIF UserDBEnabled_false="checked" -->
+
+			// Manually perform initial Javascript Calls
+			toggleAuthTypeVisibility('UserDBAuthMode');
 		</script>
 		<!-- ENDIF INSTALL_STEP="3" -->