ldap access filtering by group

git-svn-id: http://www.observium.org/svn/observer/trunk@700 61d68cd4-352d-0410-923a-c4978735b2b8
Tom Laermans
2010-01-16 22:57:10 +00:00
parent f7924298cc
commit 90c79bd539
2 changed files with 17 additions and 6 deletions


@@ -23,9 +23,10 @@ $config['auth_mechanism'] = "mysql"; # default, other options: ldap
# LDAP module configuration
$config['auth_ldap_server'] = "ldap.yourserver.com";
$config['auth_ldap_port'] = 389;
$config['auth_ldap_suffix'] = ",ou=People,dc=example,dc=com";
$config['auth_ldap_port'] = 389;
$config['auth_ldap_prefix'] = "uid=";
$config['auth_ldap_suffix'] = ",ou=People,dc=example,dc=com";
$config['auth_ldap_group'] = "cn=observer,ou=groups,dc=example,dc=com";
### Location of executables
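Review bot: The `auth_ldap_group` line has no comment, and what an empty value means cannot be read from the config file. The auth code in this commit skips the group check whenever the value is empty, so clearing it silently widens access to every user who can bind. A comment on the setting would make that explicit, for example `# DN of the group whose memberUid must list the user; leave empty to allow every user who can bind`.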


@@ -4,7 +4,7 @@
session_start();
if($_GET['logout'] && $_SESSION['authenticated']) {
if(isset($_GET['logout']) && $_SESSION['authenticated']) {
mysql_query("INSERT INTO authlog (`user`,`address`,`result`) VALUES ('" . $_SESSION['username'] . "', '".$_SERVER["REMOTE_ADDR"]."', 'logged out')");
unset($_SESSION);
session_destroy();
@@ -14,12 +14,12 @@ if($_GET['logout'] && $_SESSION['authenticated']) {
$auth_message = "Logged Out";
}
if($_POST['username'] && $_POST['password']){
if(isset($_POST['username']) && isset($_POST['password'])){
$_SESSION['username'] = mres($_POST['username']);
$_SESSION['password'] = mres($_POST['password']);
}
if($_COOKIE['username'] && $_COOKIE['password']){
if(isset($_COOKIE['username']) && isset($_COOKIE['password'])){
$_SESSION['username'] = mres($_COOKIE['username']);
$_SESSION['password'] = mres($_COOKIE['password']);
}
@@ -45,7 +45,17 @@ if ($_SESSION['username'])
{
if (ldap_bind($ds, $config['auth_ldap_prefix'] . $_SESSION['username'] . $config['auth_ldap_suffix'], $_SESSION['password']))
{
$auth_success = 1;
if (!$config['auth_ldap_group'])
{
$auth_success = 1;
}
else
{
if (ldap_compare($ds,$config['auth_ldap_group'],'memberUid',$_SESSION['username']))
{
$auth_success = 1;
}
}
}
}
}
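Review bot: The new group check `if (ldap_compare($ds,$config['auth_ldap_group'],'memberUid',$_SESSION['username']))` treats an LDAP error as membership, because ldap_compare() returns -1 on error and PHP evaluates -1 as true. A wrong group DN or a refused compare would therefore set `$auth_success = 1` for any user who can bind, so the filter fails open; compare strictly with `if (ldap_compare($ds, $config['auth_ldap_group'], 'memberUid', $_SESSION['username']) === true)`. The `isset()` change in the earlier POST/cookie hunk also lets an empty password into `$_SESSION['password']`, and many directories accept a bind with a DN and an empty password as an unauthenticated bind, so an explicit non-empty check before `ldap_bind()` is worth adding. The enclosing block opens above this hunk, so the connection setup is not visible here.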