calnedario iniciado

infcloud_config/auth/plugins/generic.inc

@@ -0,0 +1,58 @@
+<?php
+	require_once(dirname(__FILE__).'/generic_conf.inc');
+
+	function generic_authenticate()
+	{
+		global $pluginconfig;
+		if($_SERVER['PHP_AUTH_USER']!='' && $_SERVER['PHP_AUTH_PW']!='')
+		{
+			preg_match('#(https?)://([^/:]+)((?::[0-9]+)?)#i', $pluginconfig['base_url'], $matches);
+			$hostname_clean=$matches[2];
+			if($matches[1]=='https')
+				$hostname='ssl://'.$matches[2];
+			else
+				$hostname=$matches[2];
+
+			if($matches[3]=='')
+			{
+				if($matches[1]=='http')
+					$port=80;
+				else if($matches[1]=='https')
+					$port=443;
+			}
+			else
+				$port=substr($matches[3],1);
+
+			$fp=fsockopen($hostname, $port, $errno, $errstr, $pluginconfig['timeout']);
+			if(!$fp)
+			{
+				echo "$errstr ($errno)<br />\n";
+				return -2;
+			}
+			else
+			{
+				$request="<?xml version=\"1.0\" encoding=\"utf-8\"?><A:propfind xmlns:A=\"DAV:\"><A:prop><A:current-user-principal/></A:prop></A:propfind>";
+
+				$out="PROPFIND ".$pluginconfig['request']." HTTP/1.1\r\n";
+				$out.="Host: $hostname_clean\r\n";
+				$out.="Authorization: Basic ".base64_encode($_SERVER['PHP_AUTH_USER'].':'.$_SERVER['PHP_AUTH_PW'])."\r\n";
+				$out.="Depth: 0\r\n";
+				$out.="Content-Type: text/xml; charset=\"utf-8\"\r\n";
+				$out.="Content-Length:". strlen($request)."\r\n\r\n";
+				$out.=$request;
+				fwrite($fp, $out);
+
+				$result='';
+				if(!feof($fp))
+		    		$result.=fgets($fp);
+				fclose($fp);
+
+				if(strpos($result, 'HTTP/1.1 207')===0)
+					return 1;	// auth successful
+				else
+					return -1;	// auth unsuccessful
+			}
+		}
+		return 0;	// empty username or password
+	}
+?>

infcloud_config/auth/plugins/generic_conf.inc

@@ -0,0 +1,12 @@
+<?php
+	// Server base URL
+	$pluginconfig['base_url']=(empty($_SERVER['HTTPS']) ? 'http' : 'https').'://my.server.com:8080';
+
+	// Default values are usually OK
+	//  for Davical:
+	$pluginconfig['request']='/caldav.php';	// change only if your Davical is not installed into server root directory
+	//  for Lion server:
+	//$pluginconfig['request']='/principals/users';
+
+	$pluginconfig['timeout']=30;
+?>

infcloud_config/auth/plugins/ldap.inc

@@ -0,0 +1,37 @@
+<?php
+	require_once(dirname(__FILE__).'/ldap_conf.inc');
+
+	function ldap_authenticate()
+	{
+		global $pluginconfig;
+		if($_SERVER['PHP_AUTH_USER']!="" && $_SERVER['PHP_AUTH_PW']!="")
+		{
+			$ds=ldap_connect($pluginconfig['host']);
+
+			// if binding is required for LDAP search
+			if(isset($pluginconfig['bind_dn']) && isset($pluginconfig['bind_passwd']))
+			{
+				@ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
+				if(!($r=@ldap_bind($ds, $pluginconfig['bind_dn'], $pluginconfig['bind_passwd'])))
+					return -2;	// auth unsuccessful (bind error)
+			}
+
+			// perform the search
+			if(($r=ldap_search($ds, $pluginconfig['basedn'], '(&('.$pluginconfig['user_attr'].'='.$_SERVER['PHP_AUTH_USER'].')'.(isset($pluginconfig['filter']) && $pluginconfig['filter']!='' ? '('.$pluginconfig['filter'].')' : '' ).')'))!==false)
+			{
+				$result=@ldap_get_entries($ds, $r);
+				if($result[0])
+				{
+					@ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
+					if(@ldap_bind($ds, $result[0]['dn'], $_SERVER['PHP_AUTH_PW']))
+					{
+						@ldap_unbind($bi);
+						return 1;	// auth successful
+					}
+				}
+			}
+			return -1;	// auth unsuccessful
+		}
+		return 0;	// empty username or password
+	}
+?>

infcloud_config/auth/plugins/ldap_conf.inc

@@ -0,0 +1,12 @@
+<?php
+	// LDAP configuration parameters
+	$pluginconfig['host']='ldaps://ldap.server.com/';
+	$pluginconfig['basedn']='ou=People,dc=server,dc=com';
+	$pluginconfig['user_attr']='uid';
+	// if the server requires binding (if set to null then binding is not performed)
+	//$pluginconfig['bind_dn']=null;
+	//$pluginconfig['bind_passwd']=null;
+
+	// optional
+	$pluginconfig['filter']='accountStatus=active';
+?>