eZ Components trunk

Getting Started

Components

Archive (trunk)
Authentication (trunk)
AuthenticationDatabaseTiein (trunk)
Base (trunk)
Cache (trunk)
Configuration (trunk)
ConsoleTools (trunk)
Database (trunk)
DatabaseSchema (trunk)
Debug (trunk)
Document (trunk)
EventLog (trunk)
EventLogDatabaseTiein (trunk)
Execution (trunk)
Feed (trunk)
File (trunk)
Graph (trunk)
GraphDatabaseTiein (trunk)
ImageAnalysis (trunk)
ImageConversion (trunk)
Mail (trunk)
MvcTools (trunk)
MvcAuthenticationTiein (trunk)
MvcFeedTiein (trunk)
MvcMailTiein (trunk)
MvcTemplateTiein (trunk)
PersistentObject (trunk)
PersistentObjectDatabaseSchemaTiein (trunk)
PhpGenerator (trunk)
Search (trunk)
SignalSlot (trunk)
SystemInformation (trunk)
Template (trunk)
TemplateTranslationTiein (trunk)
Translation (trunk)
TranslationCacheTiein (trunk)
Tree (trunk)
TreeDatabaseTiein (trunk)
TreePersistentObjectTiein (trunk)
Url (trunk)
UserInput (trunk)
Webdav (trunk)
Workflow (trunk)
WorkflowDatabaseTiein (trunk)
WorkflowEventLogTiein (trunk)
WorkflowSignalSlotTiein (trunk)

Authentication: ezcAuthenticationLdapFilter

[ Tutorial ] [ Rfcs ] [ Security ] [ Class tree ] [ Element index ] [ ChangeLog ] [ Credits ]

Class: ezcAuthenticationLdapFilter

Filter to authenticate against an LDAP directory. [source]

Implemented Interfaces

ezcAuthenticationDataFetch

This filter depends on the PHP ldap extension. If this extension is not installed then the constructor will throw an ezcExtensionNotFoundException.

RFC: http://www.faqs.org/rfcs/rfc4510.html

Example:

 1.  $credentials = new ezcAuthenticationPasswordCredentials( 'jan.modaal', 'qwerty' );
 2.  $ldap = new ezcAuthenticationLdapInfo( 'localhost', 'uid=%id%', 'dc=example,dc=com', 389 );
 3.  $authentication = new ezcAuthentication( $credentials );
 4.  $authentication->addFilter( new ezcAuthenticationLdapFilter( $ldap ) );
 5.  // add more filters if needed
 6.  if ( !$authentication->run() )
 7.  {
 8.      // authentication did not succeed, so inform the user
 9.      $status = $authentication->getStatus();
10.      $err = array(
11.              'ezcAuthenticationLdapFilter' => array(
12.                  ezcAuthenticationLdapFilter::STATUS_USERNAME_INCORRECT => 'Incorrect username',
13.                  ezcAuthenticationLdapFilter::STATUS_PASSWORD_INCORRECT => 'Incorrect password'
14.                  )
15.              );
16.      foreach ( $status as $line )
17.      {
18.          list( $key, $value ) = each( $line );
19.          echo $err[$key][$value] . "\n";
20.      }
21.  }
22.  else
23.  {
24.      // authentication succeeded, so allow the user to see his content
25.  }

Extra data can be fetched from the LDAP server during the authentication process, by registering the data to be fetched before calling run(). Example:

 1.  // $filter is an ezcAuthenticationLdapFilter object
 2.  $filter->registerFetchData( array( 'name', 'company', 'mobile' ) );
 3.  
 4.  // after run()
 5.  $data = $filter->fetchData();

The $data array will be something like:

 1.  array( 'name' = > array( 'Dr. No' ),
 2.         'company' => array( 'SPECTRE' ),
 3.         'mobile' => array( '555-7732873' )
 4.       );

Parents

ezcAuthenticationFilter
   |
   --ezcAuthenticationLdapFilter

Constants

`PROTOCOL_PLAIN = 1`	Use plain-text password and no encryption for the connection (default).
`PROTOCOL_TLS = 2`	Use plain-text password and TLS connection.
`STATUS_PASSWORD_INCORRECT = 2`	Password is incorrect.
`STATUS_USERNAME_INCORRECT = 1`	Username is not found in the database.

Inherited Constants

From ezcAuthenticationFilter:

ezcAuthenticationFilter::STATUS_OK Successful authentication.

Properties

ezcAuthenticationLdapInfo

read/write

$ldap

Structure which holds the LDAP server hostname, entry format and base, and port.

Member Variables

protected array(string=>mixed)	`$data = array()` Holds the extra data fetched during the authentication process. Usually it has this structure: 1. array( 'name' = > array( 'Dr. No' ), 2. 'company' => array( 'SPECTRE' ), 3. 'mobile' => array( '555-7732873' ) 4. );
protected array(string)	`$requestedData = array()` Holds the attributes which will be requested during the authentication process. Usually it has this structure: 1. array( 'name', 'company', 'mobile' );

Inherited Member Variables

From ezcAuthenticationFilter:

protected ezcAuthenticationFilter::$options

Method Summary

public ezcAuthenticationLdapFilter	`__construct( $ldap, [$options = null] )` Creates a new object of this class.
public array(string=>mixed)	`fetchData( )` Returns the extra data fetched during the authentication process.
protected mixed	`ldapConnect( $host, [$port = 389] )` Wraps around the ldap_connect() function.
protected bool	`ldapStartTls( $connection )` Wraps around the ldap_start_tls() function.
public void	`registerFetchData( [$data = array()] )` Registers which extra data to fetch during the authentication process.
public int	`run( $credentials )` Runs the filter and returns a status code when finished.

Inherited Methods

From ezcAuthenticationFilter :

public ezcAuthenticationFilterOptions	`ezcAuthenticationFilter::getOptions()` Returns the options of this class.
public abstract int	`ezcAuthenticationFilter::run()` Runs the filter and returns a status code when finished.
public void	`ezcAuthenticationFilter::setOptions()` Sets the options of this class to $options.

Methods

__construct

ezcAuthenticationLdapFilter __construct( ezcAuthenticationLdapInfo $ldap, [ezcAuthenticationLdapOptions $options = null] )

Creates a new object of this class.

Parameters

Name	Type	Description
`$ldap`	ezcAuthenticationLdapInfo	How to connect to LDAP
`$options`	ezcAuthenticationLdapOptions	Options for this class

Throws

Class	Description
`ezcBaseExtensionNotFoundException`	if the PHP ldap extension is not installed

fetchData

array(string=>mixed) fetchData( )

Returns the extra data fetched during the authentication process.

The return is something like:

 1.  array( 'name' = > array( 'Dr. No' ),
 2.         'company' => array( 'SPECTRE' ),
 3.         'mobile' => array( '555-7732873' )
 4.       );

ldapConnect

mixed ldapConnect( string $host, [int $port = 389] )

Wraps around the ldap_connect() function.

Returns the connection as a resource if it was successful.

Parameters

Name	Type	Description
`$host`	string	The LDAP hostname
`$port`	int	The LDAP port to connect to $host, default 389

ldapStartTls

bool ldapStartTls( mixed $connection )

Wraps around the ldap_start_tls() function.

Returns true if it was possible to start a TLS connection on the provided $connection.

Parameters

Name	Type	Description
`$connection`	mixed	An established LDAP connection

registerFetchData

void registerFetchData( [ $data = array()] )

Registers which extra data to fetch during the authentication process.

The input $data is an array of attributes to request, for example:

 1.  array( 'name', 'company', 'mobile' );

Parameters

Name	Type	Description
`$data`	array(string)	A list of attributes to fetch during authentication

run

int run( ezcAuthenticationPasswordCredentials $credentials )

Runs the filter and returns a status code when finished.

Parameters

Name	Type	Description
`$credentials`	ezcAuthenticationPasswordCredentials	Authentication credentials

Throws

Class	Description
`ezcAuthenticationLdapException`	if the connecting and binding to the LDAP server could not be performed

Redefinition of

Method	Description
`ezcAuthenticationFilter::run()`	Runs the filter and returns a status code when finished.

Last updated: Mon, 21 Dec 2009

eZ Components

User menu

Path

eZ Components trunk

Getting Started

Components

Authentication: ezcAuthenticationLdapFilter

Class: ezcAuthenticationLdapFilter

Implemented Interfaces

Parents

Constants

Inherited Constants

Properties

Member Variables

Inherited Member Variables

Method Summary

Inherited Methods

Methods

__construct

Parameters

Throws

fetchData

ldapConnect

Parameters

ldapStartTls

Parameters

registerFetchData

Parameters

run

Parameters

Throws

Redefinition of