Implemented LdapLoginModule #1058
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- This module is able to bind and authenticate to an OpenLdap
server, either anonymously or with a user bind
- The module can find the roles of the user authenticating and pass
them on to the appserver authentication manager
- Implmentation is loosely based on LdapExtLoginModule from
picketbox
|
Can one of the admins verify this patch? |
2 similar comments
|
Can one of the admins verify this patch? |
|
Can one of the admins verify this patch? |
wagnert
requested changes
May 12, 2017
| * This source file is subject to the Open Software License (OSL 3.0) | ||
| * that is available through the world-wide-web at this URL: | ||
| * http://opensource.org/licenses/osl-3.0.php | ||
| } |
There was a problem hiding this comment.
Please remove the invalid } char
| throw new LoginException(sprintf('Couldn\'t connect to LDAP server')); | ||
| } | ||
|
|
||
| //Bind the authenticating user to the LDAP directory |
There was a problem hiding this comment.
Add a whitespace between "//" and "Bind" and always start comments with lower case
| } catch (\Exception $e) { | ||
| throw new LoginException(sprintf('Failed to create principal: %s', $e->getMessage())); | ||
| } | ||
| } |
| throw new LoginException(sprintf('Failed to create principal: %s', $e->getMessage())); | ||
| } | ||
| } | ||
| $ldap_connection = $this->ldapConnect(); |
There was a problem hiding this comment.
Refactor to
if ($ldapConnection = $this->ldapConnect()) {
...
}and ALWAYS use camel case notation, means $ldap_connection should be $ldapConnection.
| protected function ldapConnect() | ||
| { | ||
|
|
||
| $ldap_connection = ldap_connect($this->ldapUrl, $this->ldapPort); |
There was a problem hiding this comment.
Also use camel case notation $ldapConnection
| $this->roleFilter = preg_replace("/\{1\}/", "$userDN", $this->roleFilter); | ||
| $search = ldap_search($ldap_connection, $this->rolesDN, $this->roleFilter); | ||
| $entry = ldap_first_entry($ldap_connection, $search); | ||
| do { |
There was a problem hiding this comment.
Add new line before ... and some docuentation
| } | ||
| try { | ||
| $group->addMember($this->createIdentity(new String($name))); | ||
| } catch (\Exception $e) { |
wagnert
approved these changes
May 24, 2017
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Implemented an LdapLoginModule for the appserver
picketbox/jboss