Subversion Repositories ALCASAR

Compare Revisions

Ignore whitespace Rev 1622 → Rev 1623

/web/acc/admin/lib/alcasar/freeradius/ldapconfig.php
14,37 → 14,37
if ($instanceName!== null)
$this->instanceName = $instanceName;
// LDAP setting
$this->_items['protocol'] = 'ldap';
$this->_items['host'] = 'test';
$this->_items['server'] = $this->_items['protocol'].'://'.$this->_items['host'];
$this->_items['port'] = '389';//not use yet (689 = ldaps)
$this->_items['identity'] = '';
$this->_items['password'] = '';
$this->_items['basedn'] = 'dc=example,dc=com';
$this->_items['uid'] = 'uid';
$this->_items['filter'] = "($this->_items['uid']=%{Stripped-User-Name:-%{User-Name}})";
$this->_items['base_filter'] = '';
$this->_items['protocol'] = 'ldap';
$this->_items['host'] = 'test';
$this->_items['server'] = $this->_items['protocol'].'://'.$this->_items['host'];
$this->_items['port'] = '389';//not use yet (689 = ldaps)
$this->_items['identity'] = '';
$this->_items['password'] = '';
$this->_items['basedn'] = 'dc=example,dc=com';
$this->_items['uid'] = 'uid';
$this->_items['filter'] = "($this->_items['uid']=%{User-Name})";
$this->_items['base_filter'] = '';
$this->_items['ldap_connections_number'] = '5';
$this->_items['timeout'] = '4';
$this->_items['timelimit'] = '3';
$this->_items['net_timeout'] = '1';
$this->_items['timeout'] = '4';
$this->_items['timelimit'] = '3';
$this->_items['net_timeout'] = '1';
// TLS setting related items
$this->_tls['start_tls'] = 'no'; // if no all tls config are comments
$this->_tls['cacertfile'] = '#';
$this->_tls['cacertdir'] = '#';
$this->_tls['certfile'] = '#';
$this->_tls['keyfile'] = '#';
$this->_tls['randfile'] = '#';
$this->_tls['require_cert'] = '#';
$this->_tls['start_tls'] = 'no'; // if no all tls config are comments
$this->_tls['cacertfile'] = '#';
$this->_tls['cacertdir'] = '#';
$this->_tls['certfile'] = '#';
$this->_tls['keyfile'] = '#';
$this->_tls['randfile'] = '#';
$this->_tls['require_cert'] = '#';
// others ldap setting (optional)
$this->_items['default_profile'] = '#';
$this->_items['profile_attribute'] = '#';
$this->_items['access_attr'] = '#';
$this->_items['default_profile'] = '#';
$this->_items['profile_attribute'] = '#';
$this->_items['access_attr'] = '#';
// Mapping of RADIUS dictionary attributes to LDAP
// directory attributes.
$this->_items['dictionary_mapping'] = '${confdir}/ldap.attrmap';
// for ldap like NOVEL
$this->_items['password_attribute'] = '#';
$this->_items['password_attribute'] = '#';
$this->_items['edir_account_policy_check'] = 'no';
// Group membership checking. Disabled by default.
$this->_items['groupname_attribute'] = '#';
51,12 → 51,12
$this->_items['groupmembership_filter'] = '#';
$this->_items['groupmembership_attribute'] = '#';
$this->_items['compare_check_items'] = '#';
$this->_items['do_xlat'] = '#';
$this->_items['do_xlat'] = '#';
$this->_items['access_attr_used_for_allow'] = '#';
// auth option
$this->_items['set_auth_type'] = '#';
$this->_items['set_auth_type'] = '#';
// debug option
$this->_items['ldap_debug'] = '#';
$this->_items['ldap_debug'] = '#';
}
public function __get($attr){ // to get an $item
94,16 → 94,16
break;
case "uid":
$this->_items['uid'] = $value;
$this->_items['filter'] = "(".$this->_items['uid']."=%{Stripped-User-Name:-%{User-Name}})";
$this->_items['filter'] = "(".$this->_items['uid']."=%{User-Name})";
break;
case "filter":
// extract uid
if (preg_match('`^[\(]([\sa-zA-Z0-9_-]*)=\%\{Stripped\-User\-Name:\-\%\{User-Name\}\}\)`',$value)){
$this->_items['uid'] = preg_replace('`^[\(]([\sa-zA-Z0-9_-]*)=\%\{Stripped\-User\-Name:\-\%\{User-Name\}\}\)`','$1',$value);
if (preg_match('`^[\(]([\sa-zA-Z0-9_-]*)=\%\{User-Name\}\)`',$value)){
$this->_items['uid'] = preg_replace('`^[\(]([\sa-zA-Z0-9_-]*)=\%\{User-Name\}\)`','$1',$value);
} else {
$this->_items['uid'] = 'uid';
}
$this->_items['filter'] = "($this->_items['uid']=%{Stripped-User-Name:-%{User-Name}})";
$this->_items['filter'] = "($this->_items['uid']=%{User-Name})";
break;
default:
$this->_items[$attr] = $value;
/web/acc/admin/lib/alcasar/freeradius/siteconfig.php
14,9 → 14,9
public function __construct() {
$this->_sections['authorize'] = new sectionItem('authorize');
$this->_sections['authenticate'] = new sectionItem('authorize');
$this->_sections['preacct'] = new sectionItem('preacct');
$this->_sections['preacct'] = new sectionItem('preacct');
$this->_sections['accounting'] = new sectionItem('accounting');
$this->_sections['session'] = new sectionItem('session');
$this->_sections['session'] = new sectionItem('session');
$this->_sections['post-auth'] = new sectionItem('post-auth');
$this->_sections['pre-proxy'] = new sectionItem('pre-proxy');
$this->_sections['post-proxy'] = new sectionItem('post-proxy');
93,9 → 93,9
$r = new configReader($confFile);
$this->_sections['authorize'] = $r->getSection('authorize');
$this->_sections['authenticate'] = $r->getSection('authenticate');
$this->_sections['preacct'] = $r->getSection('preacct');
$this->_sections['preacct'] = $r->getSection('preacct');
$this->_sections['accounting'] = $r->getSection('accounting');
$this->_sections['session'] = $r->getSection('session');
$this->_sections['session'] = $r->getSection('session');
$this->_sections['post-auth'] = $r->getSection('post-auth');
$this->_sections['pre-proxy'] = $r->getSection('pre-proxy');
$this->_sections['post-proxy'] = $r->getSection('post-proxy');
178,7 → 178,7
# 'raddb/huntgroups' files.
#
# It also adds the %{Client-IP-Address} attribute to the request.
".$this->_writeModule($this->_sections['authorize']->preprocess, 'preprocess')."
".$this->_writeModule($this->_sections['authorize']->preprocess, '# preprocess')."
 
#
# If you want to have a log of authentication requests,