Filter to authenticate against an LDAP directory.
This filter depends on the PHP ldap extension. If this extension is not installed then the constructor will throw an ezcExtensionNotFoundException.
RFC: http://www.faqs.org/rfcs/rfc4510.html
Example:
Extra data can be fetched from the LDAP server during the authentication process, by registering the data to be fetched before calling run(). Example:
The $data array will be something like:
Source for this file: /Authentication/src/filters/ldap/ldap_filter.php
ezcAuthenticationFilter | --ezcAuthenticationLdapFilter
Version: | //autogen// |
PROTOCOL_PLAIN
= 1
|
Use plain-text password and no encryption for the connection (default). |
PROTOCOL_TLS
= 2
|
Use plain-text password and TLS connection. |
STATUS_PASSWORD_INCORRECT
= 2
|
Password is incorrect. |
STATUS_USERNAME_INCORRECT
= 1
|
Username is not found in the database. |
From ezcAuthenticationFilter: | |
---|---|
ezcAuthenticationFilter::STATUS_OK
|
Successful authentication. |
ezcAuthenticationLdapInfo | read/write |
$ldap
Structure which holds the LDAP server hostname, entry format and base, and port. |
protected array(string=>mixed) |
$data
= array()
Holds the extra data fetched during the authentication process. Usually it has this structure:
|
protected array(string) |
$requestedData
= array()
Holds the attributes which will be requested during the authentication process. Usually it has this structure:
|
From ezcAuthenticationFilter | |
---|---|
protected |
ezcAuthenticationFilter::$options
|
public ezcAuthenticationLdapFilter |
__construct(
$ldap
, [ $options
= null] )
Creates a new object of this class. |
public array(string=>mixed) |
fetchData(
)
Returns the extra data fetched during the authentication process. |
protected mixed |
ldapConnect(
$host
, [ $port
= 389] )
Wraps around the ldap_connect() function. |
protected bool |
ldapStartTls(
$connection
)
Wraps around the ldap_start_tls() function. |
public void |
registerFetchData(
[ $data
= array()] )
Registers which extra data to fetch during the authentication process. |
public int |
run(
$credentials
)
Runs the filter and returns a status code when finished. |
From ezcAuthenticationFilter | |
---|---|
public ezcAuthenticationFilterOptions |
ezcAuthenticationFilter::getOptions()
Returns the options of this class. |
public abstract int |
ezcAuthenticationFilter::run()
Runs the filter and returns a status code when finished. |
public void |
ezcAuthenticationFilter::setOptions()
Sets the options of this class to $options. |
Creates a new object of this class.
Name | Type | Description |
---|---|---|
$ldap |
ezcAuthenticationLdapInfo | How to connect to LDAP |
$options |
ezcAuthenticationLdapOptions | Options for this class |
Type | Description |
---|---|
ezcBaseExtensionNotFoundException |
if the PHP ldap extension is not installed |
Returns the extra data fetched during the authentication process.
The return is something like:
Method | Description |
---|---|
ezcAuthenticationDataFetch::fetchData() |
Returns the extra data fetched during the authentication process. |
Wraps around the ldap_connect() function.
Returns the connection as a resource if it was successful.
Name | Type | Description |
---|---|---|
$host |
string | The LDAP hostname |
$port |
int | The LDAP port to connect to $host, default 389 |
Wraps around the ldap_start_tls() function.
Returns true if it was possible to start a TLS connection on the provided $connection.
Name | Type | Description |
---|---|---|
$connection |
mixed | An established LDAP connection |
Registers which extra data to fetch during the authentication process.
The input $data is an array of attributes to request, for example:
Name | Type | Description |
---|---|---|
$data |
array(string) | A list of attributes to fetch during authentication |
Method | Description |
---|---|
ezcAuthenticationDataFetch::registerFetchData() |
Registers which extra data to fetch during the authentication process. |
Runs the filter and returns a status code when finished.
Name | Type | Description |
---|---|---|
$credentials |
ezcAuthenticationPasswordCredentials | Authentication credentials |
Type | Description |
---|---|
ezcAuthenticationLdapException |
if the connecting and binding to the LDAP server could not be performed |
Method | Description |
---|---|
ezcAuthenticationFilter::run() |
Runs the filter and returns a status code when finished. |