Ticket #572 (new Feature Request)
Opened 3 years ago
Enhance the LDAP Filter mechanism
| Reported by: | julien.desfossez@… | Owned by: | |
|---|---|---|---|
| Priority: | low | Milestone: | Not yet assigned to a Milestone |
| Component: | Auth server, Authentication, permissions and access control | Version: | |
| Keywords: | Cc: |
Description
Hi,
I have created a small patch to enhance the filtering capability when using the LDAP Authenticator.
It replaces the token "%USER%" by the actual username, that way you can use that kind of expression in the authenticator_params :
(&(cn=%USER%)(groupMembership=cn=mygroup,o=mycompany))
It's simple and useful.
Here is the patch if you're interested :
--- AuthenticatorLDAP.php.orig 2009-05-11 14:49:10.000000000 -0400
+++ AuthenticatorLDAP.php 2009-05-11 14:50:37.000000000 -0400
@@ -175,7 +175,8 @@
}
// search for user
- if (($res_id = ldap_search($connect, "o=$o", "$f=$username")) == false) {
+ $auth_filter = str_replace("%USER%", $username, $f);
+ if (($res_id = ldap_search($connect, "$o", $auth_filter)) == false) {
$errmsg = _("Error while obtaining your LDAP information.");
return false;
Attachments
Note: See
TracTickets for help on using
tickets.
