Knowing is Half the Prattle.

Wednesday, July 09, 2008

My Code Added to an OpenSource Project

So a while ago I wrote some extensive PHP code to change the open source project Geeklog from its own authentication method to instead use LDAP for authentication. The code I wrote was pretty extensive but someone took that code and whittled it down to the very basics and added it as a standard feature of the software. At least they gave me some credit. Honestly if I was looking at Geeklog fresh and trying to implement LDAP, I'd be pretty confused because the code really doesn't look much like anything. Also there are a few things that aren't really explained here. The LDAP attributes being used here are UNIX LDAP shell account attributes. If you're looking at using this with a Microsoft implementation of LDAP or with Netscape's implementation of LDAP for iPlanet, then you're missing a bunch of other attributes. All this is in the original implementation of the code and really isn't explained in the Geeklog documentation. Also the setup of your LDAP tree isn't really covered in the documentation either, which is pretty crucial.

<?php

/* Reminder: always indent with 4 spaces (no tabs). */
// +---------------------------------------------------------------------------+
// | Geeklog 1.5 |
// +---------------------------------------------------------------------------+
// | config.php |
// | |
// | LDAP configuration file. |
// +---------------------------------------------------------------------------+
// | Copyright (C) 2008 by the following authors: |
// | |
// | Authors: Jessica Blank - jessica.blank AT mtvnmix DOT com |
// | under contract to MTV Networks |
// | Evan Rappaport - evan.rappaport AT mtvi DOT com |
// +---------------------------------------------------------------------------+
// | |
// | This program is free software; you can redistribute it and/or |
// | modify it under the terms of the GNU General Public License |
// | as published by the Free Software Foundation; either version 2 |
// | of the License, or (at your option) any later version. |
// | |
// | This program is distributed in the hope that it will be useful, |
// | but WITHOUT ANY WARRANTY; without even the implied warranty of |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
// | GNU General Public License for more details. |
// | |
// | You should have received a copy of the GNU General Public License |
// | along with this program; if not, write to the Free Software Foundation, |
// | Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
// | |
// +---------------------------------------------------------------------------+
//
// $Id: config.php,v 1.1 2008/05/01 19:27:48 dhaun Exp $

global $_LDAP_CONF;

$_LDAP_CONF['version'] = '1.0.0'; // Module Version


// LDAP Settings

// Basic LDAP variables
$_LDAP_CONF['user_ou'] = "People";
$_LDAP_CONF['group_ou'] = "Group";
$_LDAP_CONF['branch'] = "dc=mydc,dc=com";
$_LDAP_CONF['user_branch'] = "ou={$_LDAP_CONF['user_ou']}," . $_LDAP_CONF['branch'];
$_LDAP_CONF['user_attributes'] = array("uid","cn","ou","objectClass","shadowLastChange","loginShell","uidnumber","gidNumber","homeDirectory","gecos","userPassword","givenName","sn","mail");

// LDAP server configuration
$_LDAP_CONF['servers'][0]['bind_dn'] = "cn=mycn,ou=LDAPusers,dc=mydc,dc=com";
$_LDAP_CONF['servers'][0]['password'] = "mypassword";
$_LDAP_CONF['servers'][0]['host'] = "localhost";

// (put additional servers here; example given below)
// $_LDAP_CONF['servers'][1]['bind_dn'] = 'cn=foo,ou=people,dc=corp,dc=com';
// $_LDAP_CONF['servers'][1]['password'] = 'joshua';
// $_LDAP_CONF['servers'][1]['host'] = 'ldap.example.com';

// LDAP server selection

/**
 * If you wanted to set up some complex logic to determine which
 * LDAP server is in use, this is where it would go.
 * We have provided the basic infrastructure for multiple LDAP servers;
 * the rest is left as an exercise for the user.
 */
$_LDAP_CONF['server_num'] = 0;


// Default user settings
$_LDAP_CONF['user_defaults']['ou'] = $_LDAP_CONF['user_ou'];
$_LDAP_CONF['user_defaults']['objectClass'] = array("account","posixAccount","top","shadowAccount","person","organizationalPerson","inetOrgPerson");
$_LDAP_CONF['user_defaults']['shadowLastChange'] = "0";
$_LDAP_CONF['user_defaults']['loginShell'] = "/etc/ftponly";

?>
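The config above only names the branch users live under, so here is an added example (not Geeklog's code and not the original module) of how a login name could be mapped onto that branch and checked safely. It assumes users are stored as `uid=<login>` directly under `user_branch`, which the page does not state; the `example_*` function names are hypothetical, and PHP's ldap extension is required.

```php
<?php
// Added example, not Geeklog code. Requires PHP's ldap extension.
// These three settings are copied from the config file above.
$_LDAP_CONF['user_ou']     = "People";
$_LDAP_CONF['branch']      = "dc=mydc,dc=com";
$_LDAP_CONF['user_branch'] = "ou={$_LDAP_CONF['user_ou']}," . $_LDAP_CONF['branch'];

// Hypothetical helper: build the DN to bind as for a login name.
// Assumption: entries are named uid=<login>,<user_branch>.
function example_user_dn(string $login, array $conf): string
{
    if ($login === '' || strlen($login) > 64) {
        throw new InvalidArgumentException('bad login name');
    }
    // LDAP_ESCAPE_DN hex-escapes DN metacharacters such as , + = ; so the
    // login stays a single RDN value and cannot point at another branch.
    return 'uid=' . ldap_escape($login, '', LDAP_ESCAPE_DN) . ',' . $conf['user_branch'];
}

// Hypothetical helper: search filter for the same user (RFC 4515 escaping).
function example_user_filter(string $login): string
{
    return '(&(objectClass=posixAccount)(uid='
        . ldap_escape($login, '', LDAP_ESCAPE_FILTER) . '))';
}

// Hypothetical helper: verify a password by binding as the user.
// $link is a connection handle from ldap_connect().
function example_check_password($link, string $login, string $password, array $conf): bool
{
    // A simple bind with an empty password is an "unauthenticated bind"
    // (RFC 4513, section 5.1.2) that many servers accept, so it must
    // never be treated as a successful login.
    if ($password === '') {
        return false;
    }
    return @ldap_bind($link, example_user_dn($login, $conf), $password);
}

// Constructed inputs: one ordinary login and two carrying DN or filter
// metacharacters, to show that the escaped output stays inside ou=People.
foreach (['jdoe', 'jdoe,ou=LDAPusers', 'j*)(doe'] as $login) {
    echo example_user_dn($login, $_LDAP_CONF), "\n";
    echo example_user_filter($login), "\n";
}
```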
