Authenticated LDAP - half a patch


Ian P. Christian

Apr 5, 2017, 11:09:45 AM4/5/17
to jorani
Forgive my laziness; it's been some time since I was a developer, so I'm not currently on GitHub etc.

I needed to support authenticated LDAP, so I've hacked in the following:

In the config.php, I have added these settings:

// Settings for the authenticated (service-account) bind.
// When 'ldap_user' is set to a non-empty value, session.php first binds with
// ldap_user/ldap_pass, searches under 'ldap_search_dn' using the filter built
// from 'ldap_search_pattern', and then binds as the DN of the first entry found,
// using the password the user submitted. Left at null, the existing lookup
// (base DN from the database, then the 'ldap_basedn' template) is used instead.
$config['ldap_user'] = null;
// Password of the bind account above. It is stored in clear text in this file:
// keep the file readable only by the web server user and use a dedicated
// account that has nothing beyond read/search rights on the user subtree.
$config['ldap_pass'] = '';
// Base DN under which the user entry is searched.
$config['ldap_search_dn'] = 'ou=people,dc=mycompany,dc=net';
// sprintf() template for the search filter; %s is replaced by the posted login.
// NOTE(review): the session.php change inserts the login as-is, so any escaping
// of filter metacharacters has to happen there, not in this template.
$config['ldap_search_pattern'] = 'cn=%s';

diff -r holiday/application/controllers/session.php holiday.clean/application/controllers/session.php
126,152c126,139
<                     $ldap = ldap_connect($this->config->item('ldap_host'), $this->config->item('ldap_port'));
<                     ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
<                     set_error_handler(function() { /* ignore errors */ });
<
<                     if ($this->config->item('ldap_user'))
<                     {
<                         $bind = ldap_bind($ldap, $this->config->item('ldap_user'), $this->config->item('ldap_pass'));
<                         $uret = ldap_search($ldap, $this->config->item('ldap_search_dn'), sprintf($this->config->item('ldap_search_pattern'),
<                             $this->input->post('login')
<                         ));
<                         $uent = ldap_first_entry($ldap, $uret);
<                         $basedn = ldap_get_dn($ldap, $uent);
<                     }
<                     else
<                     {
<                         //Priority is given to the base DN defined into the database, then try with the template
<                         $basedn = $this->users_model->getBaseDN($this->input->post('login'));
<                         if ($basedn == "") {//can return NULL
<                             $basedn = sprintf($this->config->item('ldap_basedn'), $this->input->post('login'));
<                         }
<                     }
<                     $bind = ldap_bind($ldap, $basedn, $password);
<                     restore_error_handler();
<                     if ($bind) {
<                         $loggedin = $this->users_model->checkCredentialsLDAP($this->input->post('login'));
<                     }
<                     ldap_close($ldap);
---
>                 $ldap = ldap_connect($this->config->item('ldap_host'), $this->config->item('ldap_port'));
>                 ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
>                 set_error_handler(function() { /* ignore errors */ });
>                 //Priority is given to the base DN defined into the database, then try with the template
>                 $basedn = $this->users_model->getBaseDN($this->input->post('login'));
>                 if ($basedn == "") {//can return NULL
>                     $basedn = sprintf($this->config->item('ldap_basedn'), $this->input->post('login'));
>                 }
>                 $bind = ldap_bind($ldap, $basedn, $password);
>                 restore_error_handler();
>                 if ($bind) {
>                     $loggedin = $this->users_model->checkCredentialsLDAP($this->input->post('login'));
>                 }
>                 ldap_close($ldap);
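Review bot: In the authenticated-bind branch (the `<` side, which appears to be the patched tree since the diff was taken as `holiday` against `holiday.clean`), the posted login is formatted into the search filter unescaped, so filter metacharacters in the login can change which entry `ldap_first_entry` returns; wrap it as `ldap_escape($this->input->post('login'), '', LDAP_ESCAPE_FILTER)` (PHP 5.6+). The results of the service-account `ldap_bind`, `ldap_search` and `ldap_first_entry` are never checked and errors are silenced by the empty handler, so a failed lookup leaves `$basedn` false or empty and the final `ldap_bind` still runs; whether that bind can succeed depends on how the directory server treats an empty DN, so the branch should fail closed and require exactly one match. Whether an empty `$password` is rejected earlier is not visible here, because the enclosing method starts and ends outside the hunk. The rewritten branch is below.

```php
if ($this->config->item('ldap_user'))
{
    $basedn = '';
    // The service-account bind must succeed before any search is attempted
    if (ldap_bind($ldap, $this->config->item('ldap_user'), $this->config->item('ldap_pass'))) {
        // Escape the login so it cannot alter the structure of the search filter
        $filter = sprintf($this->config->item('ldap_search_pattern'),
            ldap_escape($this->input->post('login'), '', LDAP_ESCAPE_FILTER));
        $uret = ldap_search($ldap, $this->config->item('ldap_search_dn'), $filter);
        // Accept exactly one matching entry; zero or several matches fail closed
        if ($uret !== FALSE && ldap_count_entries($ldap, $uret) === 1) {
            $basedn = ldap_get_dn($ldap, ldap_first_entry($ldap, $uret));
        }
    }
}
// … unchanged: else branch resolving $basedn from the database or the template …
// Never attempt the user bind with an empty or failed DN lookup
$bind = ($basedn != "") ? ldap_bind($ldap, $basedn, $password) : FALSE;
```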

Benjamin BALET

May 19, 2017, 9:41:51 AM5/19/17
to jorani
Hi,

This feature is part of the upcoming v0.6.0

Thanks