本文整理汇总了PHP中ldap_start_tls函数的典型用法代码示例。如果您正苦于以下问题:PHP ldap_start_tls函数的具体用法?PHP ldap_start_tls怎么用?PHP ldap_start_tls使用的例子?那么, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了ldap_start_tls函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: _connect
/**
 * Open a link to the configured LDAP server and bind to it.
 *
 * When the 'tls' parameter is non-empty, STARTTLS is negotiated before the
 * bind and a failed negotiation aborts with an exception, so the bind is
 * never attempted on a link whose upgrade was requested but did not succeed.
 * With 'tls' empty no upgrade is attempted at all.
 *
 * @return mixed  The bound LDAP link returned by ldap_connect().
 *
 * @throws Ingo_Exception  If connecting, STARTTLS or the bind fails.
 */
protected function _connect()
{
    $link = @ldap_connect($this->_params['hostspec'], $this->_params['port']);
    if (!$link) {
        throw new Ingo_Exception(_("Connection failure"));
    }

    /* The protocol version is optional; the result of setting it is not
     * checked here. */
    if (!empty($this->_params['version'])) {
        @ldap_set_option($link, LDAP_OPT_PROTOCOL_VERSION, $this->_params['version']);
    }

    /* Upgrade the session when requested and fail closed if that does not
     * work. */
    if (!empty($this->_params['tls'])) {
        if (!@ldap_start_tls($link)) {
            throw new Ingo_Exception(sprintf(_("STARTTLS failed: (%s) %s"), ldap_errno($link), ldap_error($link)));
        }
    }

    /* Anonymous bind unless a bind DN is configured. */
    if (!isset($this->_params['bind_dn'])) {
        $bound = @ldap_bind($link);
    } else {
        $dn = $this->_substUser($this->_params['bind_dn']);
        /* A dedicated bind password wins over the generic 'password'. */
        if (isset($this->_params['bind_password'])) {
            $secret = $this->_params['bind_password'];
        } else {
            $secret = $this->_params['password'];
        }
        $bound = @ldap_bind($link, $dn, $secret);
    }

    if (!$bound) {
        throw new Ingo_Exception(sprintf(_("Bind failed: (%s) %s"), ldap_errno($link), ldap_error($link)));
    }

    return $link;
}
示例2: __construct
/**
 * Connect to the LDAP server named in QACASConfig, force protocol version 3,
 * disable referral chasing, optionally start TLS and bind.
 *
 * StartTLS is attempted only when QACASConfig::$ldap_starttls is truthy; with
 * it off the bind below is sent without a StartTLS upgrade.
 *
 * @throws LDAPException If any step of the setup fails.
 */
public function __construct()
{
    $link = ldap_connect(QACASConfig::$ldap_server);
    $this->ldap = $link;
    if (!$link) {
        throw new LDAPException('ldap_connect() failed');
    }

    $versionSet = ldap_set_option($link, LDAP_OPT_PROTOCOL_VERSION, 3);
    if (!$versionSet) {
        throw new LDAPException('ldap_set_option(PROTOCOL) failed', $this->ldap);
    }

    $referralsOff = ldap_set_option($link, LDAP_OPT_REFERRALS, false);
    if (!$referralsOff) {
        throw new LDAPException('ldap_set_option(REFERRALS) failed', $this->ldap);
    }

    // The upgrade happens before the bind, so a failed negotiation stops the
    // constructor before any bind password is sent.
    if (QACASConfig::$ldap_starttls && !ldap_start_tls($link)) {
        throw new LDAPException('ldap_start_tls() failed', $this->ldap);
    }

    // NOTE(review): the original branched on $ldap_bind_dn but issued the very
    // same bind call in both branches, so an empty bind DN is still sent along
    // with $ldap_bind_pass. Presumably the empty-DN case was meant to be an
    // anonymous bind -- confirm before changing.
    $bound = ldap_bind($link, QACASConfig::$ldap_bind_dn, QACASConfig::$ldap_bind_pass);
    if (!$bound) {
        throw new LDAPException('ldap_bind() failed', $this->ldap);
    }
}
示例3: _connect
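/**
 * Initiate LDAP connection.
 *
 * Not done in __construct(), only when a read or write action is
 * necessary. The link is stored in $this->_ds only after STARTTLS (when
 * requested) and the bind have both succeeded; a failed attempt therefore
 * leaves $this->_ds untouched and the next call starts from scratch instead
 * of returning early with a link that was never upgraded or bound.
 *
 * @throws Turba_Exception  If connecting, STARTTLS or the bind fails.
 */
protected function _connect()
{
    if ($this->_ds) {
        return;
    }

    $ds = @ldap_connect($this->_params['server'], $this->_params['port']);
    if (!$ds) {
        throw new Turba_Exception(_("Connection failure"));
    }

    /* Optional settings: protocol version, alias dereferencing, referrals.
     * Each one is applied only when its parameter is non-empty, so a falsy
     * value (e.g. referrals = 0) never reaches ldap_set_option(). */
    $optional = array(
        'version' => LDAP_OPT_PROTOCOL_VERSION,
        'deref' => LDAP_OPT_DEREF,
        'referrals' => LDAP_OPT_REFERRALS,
    );
    foreach ($optional as $key => $option) {
        if (!empty($this->_params[$key])) {
            @ldap_set_option($ds, $option, $this->_params[$key]);
        }
    }

    /* Start TLS if we're using it; fail closed when negotiation fails. */
    if (!empty($this->_params['tls']) && !@ldap_start_tls($ds)) {
        throw new Turba_Exception(sprintf(_("STARTTLS failed: (%s) %s"), ldap_errno($ds), ldap_error($ds)));
    }

    /* Bind to the server: authenticated when both DN and password are
     * configured, anonymous otherwise. */
    if (isset($this->_params['bind_dn']) && isset($this->_params['bind_password'])) {
        $bound = @ldap_bind($ds, $this->_params['bind_dn'], $this->_params['bind_password']);
    } else {
        $bound = @ldap_bind($ds);
    }
    if (!$bound) {
        throw new Turba_Exception(sprintf(_("Bind failed: (%s) %s"), ldap_errno($ds), ldap_error($ds)));
    }

    /* Publish the link only once it is fully set up. */
    $this->_ds = $ds;
}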
示例4: _connectLDAP
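/**
 * Connect to the LDAP server, optionally upgrade the session with StartTLS,
 * and bind.
 *
 * Settings come from the global $conf->auth_ldap object (url, starttls,
 * binddn, bindpw). Failures are written to the PHP error log; the bind
 * password is deliberately never included in those messages.
 *
 * @return bool True when the bind succeeded, false on any failure.
 */
private function _connectLDAP()
{
    global $conf;

    # Connect to LDAP
    $this->ldap = ldap_connect($conf->auth_ldap->url);
    if (!$this->ldap) {
        error_log("LDAP - Unable to connect");
        return false;
    }
    ldap_set_option($this->ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($this->ldap, LDAP_OPT_REFERRALS, 0);

    # Upgrade before binding; give up rather than bind on a link whose
    # requested StartTLS upgrade failed
    if ($conf->auth_ldap->starttls && !ldap_start_tls($this->ldap)) {
        error_log("LDAP - Unable to use StartTLS");
        return false;
    }

    # Bind
    $hasCredentials = isset($conf->auth_ldap->binddn) && isset($conf->auth_ldap->bindpw);
    if ($hasCredentials) {
        $bind = ldap_bind($this->ldap, $conf->auth_ldap->binddn, $conf->auth_ldap->bindpw);
    } else {
        $bind = ldap_bind($this->ldap);
    }

    if (!$bind) {
        $errno = ldap_errno($this->ldap);
        error_log("LDAP - Bind error {$errno} (" . ldap_error($this->ldap) . ")");
        # Log the identity only: writing the bind password to the error log
        # would expose the service account to anyone who can read the log
        error_log("LDAP - Cannot bind with user " . ($hasCredentials ? $conf->auth_ldap->binddn : "(anonymous)"));
        return false;
    }

    return true;
}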
示例5: connect
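/**
 * Open the LDAP connection described by $this->params and bind to it.
 *
 * Recognised keys: host, port, useSsl, useStartTls, version, optReferrals,
 * username, password. On success the link is stored in $this->ldap_res.
 *
 * @throws \Exception If the connection, the StartTLS upgrade or the bind fails,
 *                    or if a username is configured without a password.
 */
private function connect()
{
    $params = $this->params;

    $useSsl = isset($params['useSsl']) && (bool) $params['useSsl'];
    $host = $params['host'];
    if ($useSsl) {
        $host = 'ldaps://' . $host;
    }

    $ress = @ldap_connect($host, $params['port']);
    if (!$ress) {
        throw new \Exception('Unable to connect Ldap');
    }

    // StartTLS is skipped when ldaps:// is already in use (the transport is
    // TLS from the first byte). Otherwise its result is checked: ignoring a
    // failed upgrade would send the bind credentials below in clear text.
    if (!$useSsl && isset($params['useStartTls']) && (bool) $params['useStartTls']) {
        if (!ldap_start_tls($ress)) {
            throw new \Exception('Unable to start TLS on the Ldap connection');
        }
    }

    if (isset($params['version'])) {
        ldap_set_option($ress, LDAP_OPT_PROTOCOL_VERSION, $params['version']);
    }
    if (isset($params['optReferrals'])) {
        ldap_set_option($ress, LDAP_OPT_REFERRALS, $params['optReferrals']);
    }

    // The original tested params['version'] here, which silently fell back to
    // an anonymous bind whenever a username was configured without a version.
    if (isset($params['username'])) {
        if (!isset($params['password'])) {
            throw new \Exception('You must uncomment password key');
        }
        if (!@ldap_bind($ress, $params['username'], $params['password'])) {
            throw new \Exception('The credentials you have configured are not valid');
        }
    } elseif (!@ldap_bind($ress)) {
        throw new \Exception('Unable to connect Ldap');
    }

    $this->ldap_res = $ress;
}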
示例6: ldap_init
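/**
 * Lazily create the shared LDAP link in the global $ds.
 *
 * Does nothing when $ds already holds a resource. Otherwise it connects to
 * the servers listed in $config['auth_ldap_server'], negotiates StartTLS
 * according to $config['auth_ldap_starttls'] ('optional' or 'require'), and
 * applies the referral and protocol-version settings. No bind is performed
 * here.
 *
 * In 'require' mode a failed StartTLS logs the session out and terminates the
 * script. In 'optional' mode a failed StartTLS is tolerated and the link
 * stays unencrypted; that downgrade is now written to the debug output so it
 * can be noticed.
 */
function ldap_init()
{
    global $ds, $config;

    if (is_resource($ds)) {
        return;
    }

    $servers = implode(",", $config['auth_ldap_server']);
    print_debug("LDAP[Connecting to " . $servers . "]");
    $ds = @ldap_connect($servers, $config['auth_ldap_port']);
    // NOTE(review): the result of ldap_connect() is not checked, so this line
    // is printed even when $ds is false.
    print_debug("LDAP[Connected]");

    // Loose comparisons are kept on purpose so existing configuration values
    // are interpreted exactly as before.
    $mode = $config['auth_ldap_starttls'];
    if ($mode && ($mode == 'optional' || $mode == 'require')) {
        $tls = ldap_start_tls($ds);
        if (!$tls) {
            if ($mode == 'require') {
                session_logout();
                print_error("Fatal error: LDAP TLS required but not successfully negotiated [" . ldap_error($ds) . "]");
                exit;
            }
            // 'optional': everything sent on this link from here on is
            // unencrypted. Make that visible.
            print_debug("LDAP[StartTLS][Failed, continuing without TLS]");
        }
    }

    if ($config['auth_ldap_referrals']) {
        ldap_set_option($ds, LDAP_OPT_REFERRALS, $config['auth_ldap_referrals']);
        print_debug("LDAP[Referrals][Set to " . $config['auth_ldap_referrals'] . "]");
    } else {
        ldap_set_option($ds, LDAP_OPT_REFERRALS, FALSE);
        print_debug("LDAP[Referrals][Disabled]");
    }

    if ($config['auth_ldap_version']) {
        ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, $config['auth_ldap_version']);
        print_debug("LDAP[Version][Set to " . $config['auth_ldap_version'] . "]");
    }
}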
示例7: __construct
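/**
 * Creates a secure LDAP connection to the University's LDAP server.
 * This is done by authenticating as a current student.
 *
 * The NetID is escaped before it is placed into the bind DN, and an empty
 * password is rejected up front: a simple bind with a DN and an empty
 * password is an "unauthenticated bind", which a server may answer with
 * success without checking any credential.
 *
 * @param string $uid The student's NetID.
 * @param string $password The student's password for their NetID.
 * @throws RuntimeException If the password is empty or the bind is refused.
 * @throws Exception If the connection cannot be opened or TLS cannot be started.
 */
public function __construct($uid, $password)
{
    if ((string) $password === '') {
        throw new RuntimeException('Unable to bind to University LDAP. Bad username/password?');
    }

    if (!putenv('LDAPTLS_CACERTDIR=' . UniversityLdap::CA_CERT_DIR)) {
        trigger_error('Unable to set TLS certificate directory.', E_USER_WARNING);
    }

    // Escape DN metacharacters so the NetID cannot alter the structure of the
    // bind DN (for example by smuggling in extra RDNs with a comma).
    $this->dn = 'uid=' . ldap_escape($uid, '', LDAP_ESCAPE_DN) . ',' . UniversityLdap::NETID_DN_BASE;

    $this->log('Connecting to University LDAP.');
    $this->connection = ldap_connect(UniversityLdap::NETID_SERVER);
    if (!$this->connection) {
        throw new Exception('Unable to open connection to University LDAP.');
    }

    ldap_set_option($this->connection, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($this->connection, LDAP_OPT_X_TLS_CACERTDIR, UniversityLdap::CA_CERT_DIR);

    // Output more LDAP information when debugging
    if (self::DEBUG) {
        ldap_set_option($this->connection, LDAP_OPT_DEBUG_LEVEL, 7);
    }

    // TLS is mandatory here: the bind below carries the student's password.
    if (!ldap_start_tls($this->connection)) {
        $this->trigger_ldap_error();
        throw new Exception('Unable to start TLS Encryption for University LDAP connection.');
    }

    $this->log('Binding to University LDAP.');
    if (!@ldap_bind($this->connection, $this->dn, $password)) {
        $this->trigger_ldap_error();
        throw new RuntimeException('Unable to bind to University LDAP. Bad username/password?');
    }
}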
示例8: __construct
/**
 * Open an LDAP link to $host:$port using the requested encryption mode.
 *
 * $enc == 'SSL' selects an ldaps:// URI, anything else an ldap:// URI; a
 * host that already begins with 'ldaps:' is used without adding a scheme.
 * $enc == 'TLS' additionally issues StartTLS on the link. If ldap_connect()
 * returns false the constructor returns with $this->con === false.
 *
 * NOTE(review): every failed step only calls $this->Fail(); unless Fail()
 * aborts, execution continues, so a failed StartTLS would leave an
 * unencrypted link in $this->con -- confirm what Fail() does.
 */
public function __construct($host = UL_LDAP_DEFAULT_HOST, $port = UL_LDAP_DEFAULT_PORT, $enc = UL_LDAP_DEFAULT_ENCRYPTION)
{
    $constr = "{$host}:{$port}";
    if (!ulUtils::BeginsWith($host, 'ldaps:')) {
        $scheme = ($enc == 'SSL') ? 'ldaps' : 'ldap';
        $constr = "{$scheme}://{$constr}";
    }

    $this->con = ldap_connect($constr, $port);
    if ($this->con === false) {
        return;
    }

    // Protocol version 3 first, then referral chasing off; each failure is
    // reported on its own.
    $settings = array(
        LDAP_OPT_PROTOCOL_VERSION => 3,
        LDAP_OPT_REFERRALS => 0,
    );
    foreach ($settings as $option => $value) {
        if (!ldap_set_option($this->con, $option, $value)) {
            $this->Fail();
        }
    }

    if ($enc == 'TLS') {
        if (!ldap_start_tls($this->con)) {
            $this->Fail();
        }
    }
}
示例9: connectToLdap
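/**
 * Makes a connection to LDAP using the settings in Admin > Settings.
 *
 * When the ldap_tls setting is '1' the link is upgraded with StartTLS and a
 * failed upgrade raises an exception, so callers never receive a link that
 * silently stayed unencrypted. No bind is performed here.
 *
 * @author [A. Gianotto] [<snipe@snipe.net>]
 * @since [v3.0]
 * @return mixed The LDAP link returned by ldap_connect().
 * @throws Exception If the connection cannot be created or StartTLS fails.
 */
public static function connectToLdap()
{
    $settings = Setting::getSettings();
    $ldap_host = $settings->ldap_server;
    $ldap_version = $settings->ldap_version;
    $ldap_server_cert_ignore = $settings->ldap_server_cert_ignore;
    $ldap_use_tls = $settings->ldap_tls;

    // If we are ignoring the SSL cert we need to setup the environment variable
    // before we create the connection.
    // NOTE(review): LDAPTLS_REQCERT=never turns off verification of the
    // server certificate, so TLS then encrypts the link without proving which
    // server is on the other end. Prefer supplying the CA via LDAPTLS_CACERT
    // and keep this setting for test environments.
    if ($ldap_server_cert_ignore == '1') {
        putenv('LDAPTLS_REQCERT=never');
    }

    // If the user specifies where CA Certs are, make sure to use them
    if (env("LDAPTLS_CACERT")) {
        putenv("LDAPTLS_CACERT=" . env("LDAPTLS_CACERT"));
    }

    $connection = @ldap_connect($ldap_host);
    if (!$connection) {
        throw new Exception('Could not connect to LDAP server at ' . $ldap_host . '. Please check your LDAP server name and port number in your settings.');
    }

    // Needed for AD
    ldap_set_option($connection, LDAP_OPT_REFERRALS, 0);
    ldap_set_option($connection, LDAP_OPT_PROTOCOL_VERSION, $ldap_version);

    // Check the result: an ignored failure would let later binds and searches
    // run over an unencrypted link although TLS was requested.
    if ($ldap_use_tls == '1' && !ldap_start_tls($connection)) {
        throw new Exception('Could not start TLS on the LDAP connection to ' . $ldap_host . ': ' . ldap_error($connection));
    }

    return $connection;
}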
示例10: connect
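/**
 * Establish the LDAP link in $this->ds if it does not exist yet.
 *
 * Applies the protocol version, StartTLS, referral and deref settings from
 * $this->cnf. A failed StartTLS now closes the link and returns false: the
 * original only recorded an error and returned true, which let the caller
 * go on to bind over a link that was never encrypted.
 *
 * @return bool True when a usable link exists, false when connecting or the
 *              requested StartTLS upgrade failed.
 */
public function connect()
{
    // connection already established
    if ($this->ds) {
        return true;
    }
    $this->bound = 0;

    if (!($this->ds = ldap_connect($this->cnf['host'], $this->cnf['port']))) {
        error('LDAP: couldn\'t connect to LDAP server.');
        return false;
    }

    // set protocol version and dependent options
    // NOTE(review): StartTLS is only attempted inside this branch, i.e. when a
    // version is configured and was set successfully; otherwise the link stays
    // unencrypted even if 'starttls' is present -- confirm this is intended.
    if ($this->cnf['version']) {
        if (!ldap_set_option($this->ds, LDAP_OPT_PROTOCOL_VERSION, $this->cnf['version'])) {
            error('Setting LDAP Protocol version ' . $this->cnf['version'] . ' failed.');
        } else {
            // use TLS (needs version 3)
            if (isset($this->cnf['starttls']) && !ldap_start_tls($this->ds)) {
                error('Starting TLS failed.');
                // Fail closed, and drop the handle so that the early return at
                // the top cannot hand out this un-upgraded link on a later call.
                ldap_unbind($this->ds);
                $this->ds = false;
                return false;
            }
            // needs version 3
            if (!zbx_empty($this->cnf['referrals']) && !ldap_set_option($this->ds, LDAP_OPT_REFERRALS, $this->cnf['referrals'])) {
                error('Setting LDAP referrals to off failed.');
            }
        }
    }

    // set deref mode
    if (isset($this->cnf['deref']) && !ldap_set_option($this->ds, LDAP_OPT_DEREF, $this->cnf['deref'])) {
        error('Setting LDAP Deref mode ' . $this->cnf['deref'] . ' failed.');
    }

    return true;
}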
示例11: ldap_getCnx
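/**
 * Create an LDAP link for one entry of the global $ldap_server table.
 *
 * Handles two configurations: 'ldapv3' without ldaps (optionally upgraded
 * with StartTLS when 'encrypt' is 'start-tls') and 'ldapv2' (plain or
 * ldaps://). Any other combination, including 'ldapv3' with 'ldaps', is not
 * handled by this function and yields False.
 *
 * @param mixed $server_id Key into $ldap_server, or null.
 * @return mixed The LDAP link, or False when no server id was given, the
 *               configuration is not handled, the connection could not be
 *               created, or the requested StartTLS upgrade failed.
 */
function ldap_getCnx($server_id = null)
{
    global $ldap_server;

    if (is_null($server_id)) {
        return False;
    }

    $cfg = $ldap_server[$server_id];
    // Defined up front so an unhandled configuration returns False instead of
    // an undefined variable.
    $ds = False;

    if ($cfg['protoversion'] == 'ldapv3' && $cfg['encrypt'] != 'ldaps') {
        $ds = ldap_connect($cfg['server'], $cfg['port']);
        if (!$ds) {
            return False;
        }
        ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
        if (!$cfg['referrals']) {
            ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);
        }
        // StartTLS was requested: do not hand back a link that stayed in
        // clear text because the upgrade failed.
        if ($cfg['encrypt'] == 'start-tls' && !ldap_start_tls($ds)) {
            ldap_unbind($ds);
            return False;
        }
    } elseif ($cfg['protoversion'] == 'ldapv2') {
        if ($cfg['encrypt'] == 'ldaps') {
            $ds = ldap_connect("ldaps://" . $cfg['server'], $cfg['port']);
        } else {
            $ds = ldap_connect($cfg['server'], $cfg['port']);
        }
        if (!$ds) {
            return False;
        }
        if (!$cfg['referrals']) {
            ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);
        }
    }

    return $ds;
}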
示例12: authenticate
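/**
 * Authenticate a user against LDAP with a search followed by a bind.
 *
 * The user's entry is looked up by $this->_ldap_attribute under
 * $this->_ldap_basedn (no bind is issued before the search), then a bind is
 * attempted with the DN of the first entry found and the supplied password.
 * Blank usernames and passwords are rejected before any network traffic, and
 * the username is escaped before it is placed in the search filter.
 *
 * The three by-reference parameters are part of the signature but are not
 * read or written by this method.
 *
 * @param string $username
 * @param string $password
 * @param string $company_file
 * @param integer $wait_before_next_update
 * @param integer $min_run_every_n_seconds
 * @return boolean True only when the final bind succeeds.
 */
public function authenticate($username, $password, &$company_file, &$wait_before_next_update, &$min_run_every_n_seconds)
{
    // A blank password must never reach ldap_bind(): a DN with an empty
    // password is an unauthenticated bind that a server may accept.
    if (!strlen(trim($username)) or !strlen(trim($password))) {
        return false;
    }

    $ds = ldap_connect($this->_ldap_host, $this->_ldap_port);
    if (!$ds) {
        return false;
    }

    if ($this->_ldap_version && !ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, (int) $this->_ldap_version)) {
        return false;
    }

    // Fail closed when TLS is configured but cannot be negotiated.
    if ($this->_ldap_tls && !ldap_start_tls($ds)) {
        return false;
    }

    // Escape filter metacharacters (* ( ) \ NUL) so the login name is matched
    // literally and cannot rewrite the filter.
    $filter = $this->_ldap_attribute . '=' . ldap_escape($username, '', LDAP_ESCAPE_FILTER);
    $r = ldap_search($ds, $this->_ldap_basedn, $filter);
    if (!$r) {
        return false;
    }

    $entries = ldap_get_entries($ds, $r);
    if (empty($entries[0])) {
        return false;
    }

    return @ldap_bind($ds, $entries[0]['dn'], $password);
}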
示例13: authenticateLdap
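/**
 * Authenticate $this->username / $this->password against the LDAP server of
 * the active YumSettings profile and, on success, load or auto-create the
 * matching local user.
 *
 * Hardening over the original:
 *  - an empty password is rejected before any bind (a DN plus an empty
 *    password is an unauthenticated bind that a server may accept, which
 *    here would log the caller in and could auto-create the account);
 *  - the username is escaped before it is placed in the search filter;
 *  - a failed ldap_connect() or a failed StartTLS (when ldap_tls is 1)
 *    raises an exception instead of being ignored.
 *
 * @return bool True on success; false otherwise, with $this->errorCode set.
 * @throws ExceptionClass If no active settings profile exists.
 * @throws Exception If the server cannot be reached, TLS cannot be started,
 *                   or the initial anonymous bind fails.
 */
public function authenticateLdap()
{
    if (!($settings = YumSettings::model()->find('is_active'))) {
        throw new ExceptionClass('No active YUM-Settings profile found');
    }

    if ((string) $this->password === '') {
        return !($this->errorCode = self::ERROR_PASSWORD_INVALID);
    }

    $ds = @ldap_connect($settings->ldap_host, $settings->ldap_port);
    if (!$ds) {
        throw new Exception('OpenLDAP: Could not connect to LDAP-Server');
    }
    ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, $settings->ldap_protocol);

    // The user's password is sent in the bind further down, so a requested
    // TLS upgrade that fails must stop the login.
    if ($settings->ldap_tls == 1 && !ldap_start_tls($ds)) {
        throw new Exception('OpenLDAP: Could not start TLS on the LDAP connection');
    }

    // Anonymous bind, used for the lookup of the user's DN.
    if (!@ldap_bind($ds)) {
        throw new Exception('OpenLDAP: Could not connect to LDAP-Server');
    }

    // Match the login name literally; unescaped input could widen or rewrite
    // the filter.
    $filter = '(uid=' . ldap_escape($this->username, '', LDAP_ESCAPE_FILTER) . ')';
    $r = ldap_search($ds, $settings->ldap_basedn, $filter);
    if (!$r) {
        return !($this->errorCode = self::ERROR_PASSWORD_INVALID);
    }

    $result = @ldap_get_entries($ds, $r);
    if (empty($result[0]) || !@ldap_bind($ds, $result[0]['dn'], $this->password)) {
        return !($this->errorCode = self::ERROR_PASSWORD_INVALID);
    }

    $user = YumUser::model()->find('username=:username', array(':username' => $this->username));
    if ($user == NULL) {
        // Unknown locally: only continue when auto-creation is enabled.
        if ($settings->ldap_autocreate != 1) {
            return !($this->errorCode = self::ERROR_PASSWORD_INVALID);
        }

        $user = new YumUser();
        $user->username = $this->username;
        if ($settings->ldap_transfer_pw == 1) {
            $user->password = YumEncrypt::encrypt($this->password);
        }
        $user->lastpasswordchange = 0;
        $user->activationKey = '';
        $user->superuser = 0;
        $user->createtime = time();
        $user->status = 1;

        if (!$user->save(false)) {
            return !($this->errorCode = self::ERROR_PASSWORD_INVALID);
        }

        if (Yum::module()->enableProfiles) {
            $profile = new YumProfile();
            $profile->user_id = $user->id;
            $profile->privacy = 'protected';
            if ($settings->ldap_transfer_attr == 1) {
                $profile->email = $result[0]['mail'][0];
                $profile->lastname = $result[0]['sn'][0];
                $profile->firstname = $result[0]['givenname'][0];
                $profile->street = $result[0]['postaladdress'][0];
                $profile->city = $result[0]['l'][0];
            }
            $profile->save(false);
        }
    }

    $this->id = $user->id;
    $this->setState('id', $user->id);
    $this->username = $user->username;
    $this->user = $user;

    return !($this->errorCode = self::ERROR_NONE);
}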
示例14: authenticateToUMLDAP
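/**
 * Authenticate an account by binding to the directory, then look the account
 * up and return a summary of it.
 *
 * The bind is tried as $accountName@<domain> for each domain in a fixed list
 * until one succeeds. After a successful bind the account is searched by
 * samaccountname under 'dc=edu'.
 *
 * Changes over the original: an empty credential is rejected before any bind
 * (a name with an empty password is an unauthenticated bind that a server may
 * accept), the account name is escaped in the search filter, the bind-failure
 * message no longer refers to an undefined variable, and the connection is
 * closed when the lookup fails.
 *
 * @param string $accountName   Account name without domain suffix.
 * @param string $credential    The account's password.
 * @param string $ldapServer    Server to connect to.
 * @param int    $ldapPort      Port to connect to.
 * @param string $errorMsg      Receives a description when false is returned.
 * @param bool   $requireSecure When true a failed StartTLS aborts; when false
 *                              the bind proceeds without TLS and the
 *                              credential is sent unencrypted.
 * @return array|false Array with 'result' and either 'message' or 'user',
 *                     or false on failure.
 */
function authenticateToUMLDAP($accountName, $credential, $ldapServer = 'ldap.missouri.edu', $ldapPort = 3268, &$errorMsg = "", $requireSecure = true)
{
    $attributes = array("samaccountname", "proxyAddresses", "mail", "displayName");
    $formatted_result = array();

    if ((string) $credential === '') {
        $errorMsg = "Failed to bind: empty password";
        return false;
    }

    $connection = ldap_connect($ldapServer, $ldapPort);
    if (!$connection) {
        $errorMsg = "Failed to connect to {$ldapServer}:{$ldapPort}";
        return false;
    }
    if (!ldap_set_option($connection, LDAP_OPT_PROTOCOL_VERSION, 3)) {
        $errorMsg = "Failed to Set Protocol version 3";
        return false;
    }
    if (!ldap_set_option($connection, LDAP_OPT_REFERRALS, 0)) {
        $errorMsg = "Failed to connect disable referrals from server";
        return false;
    }
    if (!ldap_start_tls($connection) && $requireSecure) {
        $errorMsg = "Unable to get a TLS connection, are you using the correct port?";
        return false;
    }

    // Try one until we connect
    $valid_domains = array("tig.mizzou.edu", "col.missouri.edu", "umsystem.umsystem.edu");
    $bind_status = false;
    foreach ($valid_domains as $domain) {
        if ($bind_status = ldap_bind($connection, $accountName . "@" . $domain, $credential)) {
            break;
        }
    }

    if (!$bind_status) {
        ldap_close($connection);
        $errorMsg = "Failed to bind to ({$ldapServer}) as: {$accountName}";
        return false;
    }

    // Escape filter metacharacters so the account name is matched literally.
    $filter = '(samaccountname=' . ldap_escape($accountName, '', LDAP_ESCAPE_FILTER) . ')';
    $ldapresults = ldap_search($connection, 'dc=edu', $filter, $attributes);
    if (!$ldapresults) {
        ldap_close($connection);
        $errorMsg = "Failed to look up after bind";
        return false;
    }

    $result_count = ldap_count_entries($connection, $ldapresults);
    $query_result = ldap_get_entries($connection, $ldapresults);
    ldap_close($connection);

    if ($result_count == 0) {
        $formatted_result['result'] = '0';
        $formatted_result['message'] = 'Invalid Username or Password';
    } else {
        $formatted_result['result'] = $result_count;
        $formatted_result['user']['fullname'] = $query_result[0]["displayname"][0];
        $formatted_result['user']['username'] = $query_result[0]["samaccountname"][0];
        $formatted_result['user']['emails'] = get_email($query_result);
    }

    return $formatted_result;
}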
示例15: logIn
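/**
 * Log a user in against LDAP and populate the session.
 *
 * The user's entry is searched with a filter built from
 * LDAP_USERNAME_ATTRIBUTE_OPEN / _CLOSE around the username, then a bind is
 * attempted with the entry's DN and the supplied password. On success the
 * session keys 'loggedin', 'userlevel' and 'data' are set.
 *
 * Changes over the original: an empty password is rejected (a DN with an
 * empty password is an unauthenticated bind that a server may accept), the
 * username is escaped in the search filter, a failed connection or failed
 * StartTLS stops the login instead of being suppressed, the removed split()
 * is replaced by explode(), and the admin list is compared strictly.
 *
 * @param array $param Expects the keys 'username' and 'password'.
 * @return array|false The user record on success, an empty array when the
 *                     login fails, false when the group check fails.
 */
function logIn($param)
{
    $_SESSION['loggedin'] = "-1";

    if (!isset($param['password']) || (string) $param['password'] === '') {
        return array();
    }

    $ds = @ldap_connect(LDAP_HOST, LDAP_PORT);
    if (!$ds) {
        return array();
    }

    // Set LDAP Version, Default is Version 2
    @ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, LDAP_VERSION ? LDAP_VERSION : 2);
    // Referrals are disabled
    @ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);

    // Enable TLS Encryption
    if (LDAP_ENCRYPTION == "tls") {
        // NOTE(review): LDAPTLS_REQCERT=never turns off verification of the
        // server certificate, so the link is encrypted but the server is not
        // authenticated. Kept for compatibility with existing deployments;
        // configuring the CA certificate instead is the safer setup.
        putenv('LDAPTLS_REQCERT=never') or die('Failed to setup the env');
        // Do not continue in clear text when the upgrade fails.
        if (!@ldap_start_tls($ds)) {
            return array();
        }
    }

    // NOTE(review): the guard tests LDAP_ADMIN_USER while the call uses
    // LDAP_BIND_PASSWORD -- presumably LDAP_BIND_PASSWORD was meant; confirm.
    if (defined('LDAP_BIND_USER') && defined('LDAP_ADMIN_USER')) {
        if (!@ldap_bind($ds, LDAP_BIND_USER, LDAP_BIND_PASSWORD)) {
            return array();
        }
    }

    // Escape filter metacharacters so the login name is matched literally.
    $filter = LDAP_USERNAME_ATTRIBUTE_OPEN . ldap_escape($param['username'], '', LDAP_ESCAPE_FILTER) . LDAP_USERNAME_ATTRIBUTE_CLOSE;
    $r = @ldap_search($ds, LDAP_BASEDN, $filter);
    if (!$r) {
        return array();
    }

    $result = @ldap_get_entries($ds, $r);
    if (empty($result[0])) {
        return array();
    }
    if (!@ldap_bind($ds, $result[0]['dn'], $param['password'])) {
        return array();
    }

    if (defined("LDAP_GROUPDN")) {
        if (!$this->check_filegroup_membership($ds, $result[0]['dn'])) {
            return false;
        }
    }

    // Default each user has normal User Privs
    $_SESSION['loggedin'] = $param['username'];
    $_SESSION['userlevel'] = LDAP_USERLEVEL;
    $user = array(
        'uid' => 1,
        'username' => $param['username'],
        'gid' => 10,
        'grp' => "users",
        'firstname' => $param['username'],
        'lastname' => $param['username'],
        'email' => $param['username'],
        'lastvisit' => $param['username'],
    );
    $_SESSION['data'] = $user;

    // Assign Admin Privs, should be read from the LDAP Directory in the future.
    // Strict string comparison: with == numeric-looking names such as "10" and
    // "1e1" compare equal.
    $ADMIN_USER = explode(",", LDAP_ADMIN_USER);
    foreach ($ADMIN_USER as $value) {
        if ((string) $value === (string) $param['username']) {
            $_SESSION['userlevel'] = 1;
            # LDAP_ADMINLEVEL;
            $user['grp'] = "users,admins";
        }
    }

    return $user;
}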