AS1024/Kanboard-Prod
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Lowercase LDAP usernames by default for authentication

Browse Source
This commit is contained in:
Frederic Guillot
2015-02-20 19:42:27 -05:00
parent 8214aae1d6
commit 7c2bf746f2
4 changed files with 15 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
app/Auth/Ldap.php
View File

@@ -29,6 +29,7 @@ class Ldap extends Base
*/ */
public function authenticate($username, $password) public function authenticate($username, $password)
{ {
$username = LDAP_USERNAME_CASE_SENSITIVE ? $username : strtolower($username);
$result = $this->findUser($username, $password); $result = $this->findUser($username, $password);
if (is_array($result)) { if (is_array($result)) {

1
app/constants.php
View File

@@ -36,6 +36,7 @@ defined('LDAP_USER_PATTERN') or define('LDAP_USER_PATTERN', '');
defined('LDAP_ACCOUNT_FULLNAME') or define('LDAP_ACCOUNT_FULLNAME', 'displayname'); defined('LDAP_ACCOUNT_FULLNAME') or define('LDAP_ACCOUNT_FULLNAME', 'displayname');
defined('LDAP_ACCOUNT_EMAIL') or define('LDAP_ACCOUNT_EMAIL', 'mail'); defined('LDAP_ACCOUNT_EMAIL') or define('LDAP_ACCOUNT_EMAIL', 'mail');
defined('LDAP_ACCOUNT_ID') or define('LDAP_ACCOUNT_ID', ''); defined('LDAP_ACCOUNT_ID') or define('LDAP_ACCOUNT_ID', '');
defined('LDAP_USERNAME_CASE_SENSITIVE') or define('LDAP_USERNAME_CASE_SENSITIVE', false);
// Google authentication // Google authentication
defined('GOOGLE_AUTH') or define('GOOGLE_AUTH', false); defined('GOOGLE_AUTH') or define('GOOGLE_AUTH', false);

4
config.default.php
View File

@@ -85,6 +85,10 @@ define('LDAP_ACCOUNT_EMAIL', 'mail');
// Example for OpenLDAP: 'uid' // Example for OpenLDAP: 'uid'
define('LDAP_ACCOUNT_ID', 'samaccountname'); define('LDAP_ACCOUNT_ID', 'samaccountname');
// By default Kanboard lowercase the ldap username to avoid duplicate users (the database is case sensitive)
// Set to true if you want to preserve the case
define('LDAP_USERNAME_CASE_SENSITIVE', false);
// Enable/disable Google authentication // Enable/disable Google authentication
define('GOOGLE_AUTH', false); define('GOOGLE_AUTH', false);

9
docs/ldap-authentication.markdown
View File

@@ -76,6 +76,15 @@ define('LDAP_ACCOUNT_FULLNAME', 'displayname');
// Name of an attribute of the user account object which should be used as the email of the user. // Name of an attribute of the user account object which should be used as the email of the user.
define('LDAP_ACCOUNT_EMAIL', 'mail'); define('LDAP_ACCOUNT_EMAIL', 'mail');
// Name of an attribute of the user account object which should be used as the id of the user.
// Example for ActiveDirectory: 'samaccountname'
// Example for OpenLDAP: 'uid'
define('LDAP_ACCOUNT_ID', 'samaccountname');
// By default Kanboard lowercase the ldap username to avoid duplicate users (the database is case sensitive)
// Set to true if you want to preserve the case
define('LDAP_USERNAME_CASE_SENSITIVE', false);
``` ```
### LDAP bind type ### LDAP bind type