13 * to license@zend.com so we can send you a copy immediately. |
13 * to license@zend.com so we can send you a copy immediately. |
14 * |
14 * |
15 * @category Zend |
15 * @category Zend |
16 * @package Zend_Auth |
16 * @package Zend_Auth |
17 * @subpackage Zend_Auth_Adapter |
17 * @subpackage Zend_Auth_Adapter |
18 * @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com) |
18 * @copyright Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com) |
19 * @license http://framework.zend.com/license/new-bsd New BSD License |
19 * @license http://framework.zend.com/license/new-bsd New BSD License |
20 * @version $Id: Ldap.php 21319 2010-03-04 16:02:16Z sgehrig $ |
20 * @version $Id: Ldap.php 24618 2012-02-03 08:32:06Z sgehrig $ |
21 */ |
21 */ |
22 |
22 |
23 /** |
23 /** |
24 * @see Zend_Auth_Adapter_Interface |
24 * @see Zend_Auth_Adapter_Interface |
25 */ |
25 */ |
27 |
27 |
28 /** |
28 /** |
29 * @category Zend |
29 * @category Zend |
30 * @package Zend_Auth |
30 * @package Zend_Auth |
31 * @subpackage Zend_Auth_Adapter |
31 * @subpackage Zend_Auth_Adapter |
32 * @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com) |
32 * @copyright Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com) |
33 * @license http://framework.zend.com/license/new-bsd New BSD License |
33 * @license http://framework.zend.com/license/new-bsd New BSD License |
34 */ |
34 */ |
35 class Zend_Auth_Adapter_Ldap implements Zend_Auth_Adapter_Interface |
35 class Zend_Auth_Adapter_Ldap implements Zend_Auth_Adapter_Interface |
36 { |
36 { |
37 |
37 |
333 $this->_authenticatedDn = $dn; |
333 $this->_authenticatedDn = $dn; |
334 $messages[0] = ''; |
334 $messages[0] = ''; |
335 $messages[1] = ''; |
335 $messages[1] = ''; |
336 $messages[] = "$canonicalName authentication successful"; |
336 $messages[] = "$canonicalName authentication successful"; |
337 if ($requireRebind === true) { |
337 if ($requireRebind === true) { |
338 // rebinding with authenticated user |
338 // rebinding with authenticated user |
339 $ldap->bind($dn, $password); |
339 $ldap->bind($dn, $password); |
340 } |
340 } |
341 return new Zend_Auth_Result(Zend_Auth_Result::SUCCESS, $canonicalName, $messages); |
341 return new Zend_Auth_Result(Zend_Auth_Result::SUCCESS, $canonicalName, $messages); |
342 } else { |
342 } else { |
343 $messages[0] = 'Account is not a member of the specified group'; |
343 $messages[0] = 'Account is not a member of the specified group'; |
344 $messages[1] = $groupResult; |
344 $messages[1] = $groupResult; |
369 $messages[0] = 'Invalid credentials'; |
369 $messages[0] = 'Invalid credentials'; |
370 $failedAuthorities[$dname] = $zle->getMessage(); |
370 $failedAuthorities[$dname] = $zle->getMessage(); |
371 } else { |
371 } else { |
372 $line = $zle->getLine(); |
372 $line = $zle->getLine(); |
373 $messages[] = $zle->getFile() . "($line): " . $zle->getMessage(); |
373 $messages[] = $zle->getFile() . "($line): " . $zle->getMessage(); |
374 $messages[] = str_replace($password, '*****', $zle->getTraceAsString()); |
374 $messages[] = preg_replace( |
|
375 '/\b'.preg_quote(substr($password, 0, 15), '/').'\b/', |
|
376 '*****', |
|
377 $zle->getTraceAsString() |
|
378 ); |
375 $messages[0] = 'An unexpected failure occurred'; |
379 $messages[0] = 'An unexpected failure occurred'; |
376 } |
380 } |
377 $messages[1] = $zle->getMessage(); |
381 $messages[1] = $zle->getMessage(); |
378 } |
382 } |
379 } |
383 } |
486 return false; |
490 return false; |
487 } |
491 } |
488 |
492 |
489 $returnObject = new stdClass(); |
493 $returnObject = new stdClass(); |
490 |
494 |
491 $omitAttribs = array_map('strtolower', $omitAttribs); |
495 $returnAttribs = array_map('strtolower', $returnAttribs); |
|
496 $omitAttribs = array_map('strtolower', $omitAttribs); |
|
497 $returnAttribs = array_diff($returnAttribs, $omitAttribs); |
492 |
498 |
493 $entry = $this->getLdap()->getEntry($this->_authenticatedDn, $returnAttribs, true); |
499 $entry = $this->getLdap()->getEntry($this->_authenticatedDn, $returnAttribs, true); |
494 foreach ($entry as $attr => $value) { |
500 foreach ($entry as $attr => $value) { |
495 if (in_array($attr, $omitAttribs)) { |
501 if (in_array($attr, $omitAttribs)) { |
496 // skip attributes marked to be omitted |
502 // skip attributes marked to be omitted |
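Review bot: The new masking at new lines 374–378 can leave the password in the stack trace that is appended to `$messages`, because the pattern wraps the quoted password in `\b` anchors. `\b` only matches between a word character and a non-word character, so a password that starts or ends with punctuation (sitting next to the quote or the `...` that `getTraceAsString()` places around truncated arguments) never matches and is not replaced; an empty password yields `/\b\b/`, which inserts `*****` at every word boundary instead. Dropping the anchors keeps the 15-character truncation handling without that gap: `'/' . preg_quote(substr($password, 0, 15), '/') . '/'`, applied only when `$password !== ''`. The enclosing method starts and ends outside the lines shown, so where these messages end up (a log, or the caller) should be confirmed there.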