mirror of
https://github.com/stylersnico/librenms.git
synced 2026-07-12 16:06:25 +02:00
ldap access filtering by group
git-svn-id: http://www.observium.org/svn/observer/trunk@700 61d68cd4-352d-0410-923a-c4978735b2b8
This commit is contained in:
+3
-2
@@ -23,9 +23,10 @@ $config['auth_mechanism'] = "mysql"; # default, other options: ldap
|
|||||||
|
|
||||||
# LDAP module configuration
|
# LDAP module configuration
|
||||||
$config['auth_ldap_server'] = "ldap.yourserver.com";
|
$config['auth_ldap_server'] = "ldap.yourserver.com";
|
||||||
$config['auth_ldap_port'] = 389;
|
$config['auth_ldap_port'] = 389;
|
||||||
$config['auth_ldap_suffix'] = ",ou=People,dc=example,dc=com";
|
|
||||||
$config['auth_ldap_prefix'] = "uid=";
|
$config['auth_ldap_prefix'] = "uid=";
|
||||||
|
$config['auth_ldap_suffix'] = ",ou=People,dc=example,dc=com";
|
||||||
|
$config['auth_ldap_group'] = "cn=observer,ou=groups,dc=example,dc=com";
|
||||||
|
|
||||||
### Location of executables
|
### Location of executables
|
||||||
|
|
||||||
|
|||||||
@@ -4,7 +4,7 @@
|
|||||||
|
|
||||||
session_start();
|
session_start();
|
||||||
|
|
||||||
if($_GET['logout'] && $_SESSION['authenticated']) {
|
if(isset($_GET['logout']) && $_SESSION['authenticated']) {
|
||||||
mysql_query("INSERT INTO authlog (`user`,`address`,`result`) VALUES ('" . $_SESSION['username'] . "', '".$_SERVER["REMOTE_ADDR"]."', 'logged out')");
|
mysql_query("INSERT INTO authlog (`user`,`address`,`result`) VALUES ('" . $_SESSION['username'] . "', '".$_SERVER["REMOTE_ADDR"]."', 'logged out')");
|
||||||
unset($_SESSION);
|
unset($_SESSION);
|
||||||
session_destroy();
|
session_destroy();
|
||||||
@@ -14,12 +14,12 @@ if($_GET['logout'] && $_SESSION['authenticated']) {
|
|||||||
$auth_message = "Logged Out";
|
$auth_message = "Logged Out";
|
||||||
}
|
}
|
||||||
|
|
||||||
if($_POST['username'] && $_POST['password']){
|
if(isset($_POST['username']) && isset($_POST['password'])){
|
||||||
$_SESSION['username'] = mres($_POST['username']);
|
$_SESSION['username'] = mres($_POST['username']);
|
||||||
$_SESSION['password'] = mres($_POST['password']);
|
$_SESSION['password'] = mres($_POST['password']);
|
||||||
}
|
}
|
||||||
|
|
||||||
if($_COOKIE['username'] && $_COOKIE['password']){
|
if(isset($_COOKIE['username']) && isset($_COOKIE['password'])){
|
||||||
$_SESSION['username'] = mres($_COOKIE['username']);
|
$_SESSION['username'] = mres($_COOKIE['username']);
|
||||||
$_SESSION['password'] = mres($_COOKIE['password']);
|
$_SESSION['password'] = mres($_COOKIE['password']);
|
||||||
}
|
}
|
||||||
@@ -45,7 +45,17 @@ if ($_SESSION['username'])
|
|||||||
{
|
{
|
||||||
if (ldap_bind($ds, $config['auth_ldap_prefix'] . $_SESSION['username'] . $config['auth_ldap_suffix'], $_SESSION['password']))
|
if (ldap_bind($ds, $config['auth_ldap_prefix'] . $_SESSION['username'] . $config['auth_ldap_suffix'], $_SESSION['password']))
|
||||||
{
|
{
|
||||||
$auth_success = 1;
|
if (!$config['auth_ldap_group'])
|
||||||
|
{
|
||||||
|
$auth_success = 1;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if (ldap_compare($ds,$config['auth_ldap_group'],'memberUid',$_SESSION['username']))
|
||||||
|
{
|
||||||
|
$auth_success = 1;
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user