Path

ez components / documentation / api reference / 2008.2.1 / authentication


eZ Components 2008.2.1

Authentication: ezcAuthenticationLdapFilter

[ Tutorial ] [ Rfcs ] [ Security ] [ Class tree ] [ Element index ] [ ChangeLog ] [ Credits ]

Class: ezcAuthenticationLdapFilter

Filter to authenticate against an LDAP directory. [source]

Implemented Interfaces

This filter depends on the PHP ldap extension. If this extension is not installed then the constructor will throw an ezcExtensionNotFoundException.
Example:
 1.  $credentials new ezcAuthenticationPasswordCredentials'jan.modaal''qwerty' );
 2.  $ldap new ezcAuthenticationLdapInfo'localhost''uid=%id%''dc=example,dc=com'389 );
 3.  $authentication new ezcAuthentication$credentials );
 4.  $authentication->addFilternew ezcAuthenticationLdapFilter$ldap ) );
 5.  // add more filters if needed
 6.   if !$authentication->run() )
 7.  {
 8.      // authentication did not succeed, so inform the user
 9.           $status $authentication->getStatus();
10.      $err array(
11.              'ezcAuthenticationLdapFilter' => array(
12.                  ezcAuthenticationLdapFilter::STATUS_USERNAME_INCORRECT => 'Incorrect username',
13.                  ezcAuthenticationLdapFilter::STATUS_PASSWORD_INCORRECT => 'Incorrect password'
14.                  )
15.              );
16.      foreach $status as $line )
17.      {
18.          list$key$value each$line );
19.          echo $err[$key][$value"\n";
20.      }
21.  }
22.  else
23.  {
24.      // authentication succeeded, so allow the user to see his content
25.   }
Extra data can be fetched from the LDAP server during the authentication process, by registering the data to be fetched before calling run(). Example:
1.  // $filter is an ezcAuthenticationLdapFilter object
2.   $filter->registerFetchDataarray'name''company''mobile' ) );
3.  
4.  // after run()
5.   $data $filter->fetchData();
The $data array will be something like:
1.  array'name' = > array'Dr. No' ),
2.         'company' => array'SPECTRE' ),
3.         'mobile' => array'555-7732873' )
4.       );

Parents

ezcAuthenticationFilter
   |
   --ezcAuthenticationLdapFilter

Constants

PROTOCOL_PLAIN = 1 Use plain-text password and no encryption for the connection (default).
PROTOCOL_TLS = 2 Use plain-text password and TLS connection.
STATUS_PASSWORD_INCORRECT = 2 Password is incorrect.
STATUS_USERNAME_INCORRECT = 1 Username is not found in the database.

Inherited Constants

From ezcAuthenticationFilter:
ezcAuthenticationFilter::STATUS_OK    Successful authentication.

Properties

ezcAuthenticationLdapInfo read/write  $ldap
Structure which holds the LDAP server hostname, entry format and base, and port.

Member Variables

protected array(string=>mixed) $data = array()
Holds the extra data fetched during the authentication process.

Usually it has this structure:
1.  array'name' = > array'Dr. No' ),
2.         'company' => array'SPECTRE' ),
3.         'mobile' => array'555-7732873' )
4.       );
protected array(string) $requestedData = array()
Holds the attributes which will be requested during the authentication process.

Usually it has this structure:
1.  array'name''company''mobile' );

Inherited Member Variables

From ezcAuthenticationFilter:
protected  ezcAuthenticationFilter::$options

Method Summary

public ezcAuthenticationLdapFilter __construct( $ldap, [$options = null] )
Creates a new object of this class.
public array(string=>mixed) fetchData( )
Returns the extra data fetched during the authentication process.
protected mixed ldapConnect( $host, [$port = 389] )
Wraps around the ldap_connect() function.
protected bool ldapStartTls( $connection )
Wraps around the ldap_start_tls() function.
public void registerFetchData( [$data = array()] )
Registers which extra data to fetch during the authentication process.
public int run( $credentials )
Runs the filter and returns a status code when finished.

Inherited Methods

From ezcAuthenticationFilter :
public ezcAuthenticationFilterOptions ezcAuthenticationFilter::getOptions()
Returns the options of this class.
public abstract int ezcAuthenticationFilter::run()
Runs the filter and returns a status code when finished.
public void ezcAuthenticationFilter::setOptions()
Sets the options of this class to $options.

Methods

__construct

ezcAuthenticationLdapFilter __construct( ezcAuthenticationLdapInfo $ldap, [ezcAuthenticationLdapOptions $options = null] )
Creates a new object of this class.

Parameters

Name Type Description
$ldap ezcAuthenticationLdapInfo How to connect to LDAP
$options ezcAuthenticationLdapOptions Options for this class

Throws

ClassDescription
ezcBaseExtensionNotFoundException if the PHP ldap extension is not installed

fetchData

array(string=>mixed) fetchData( )
Returns the extra data fetched during the authentication process.
The return is something like:
1.  array'name' = > array'Dr. No' ),
2.         'company' => array'SPECTRE' ),
3.         'mobile' => array'555-7732873' )
4.       );

ldapConnect

mixed ldapConnect( string $host, [int $port = 389] )
Wraps around the ldap_connect() function.
Returns the connection as a resource if it was successful.

Parameters

Name Type Description
$host string The LDAP hostname
$port int The LDAP port to connect to $host, default 389

ldapStartTls

bool ldapStartTls( mixed $connection )
Wraps around the ldap_start_tls() function.
Returns true if it was possible to start a TLS connection on the provided $connection.

Parameters

Name Type Description
$connection mixed An established LDAP connection

registerFetchData

void registerFetchData( [ $data = array()] )
Registers which extra data to fetch during the authentication process.
The input $data is an array of attributes to request, for example:
1.  array'name''company''mobile' );

Parameters

Name Type Description
$data array(string) A list of attributes to fetch during authentication

run

int run( ezcAuthenticationPasswordCredentials $credentials )
Runs the filter and returns a status code when finished.

Parameters

Name Type Description
$credentials ezcAuthenticationPasswordCredentials Authentication credentials

Throws

ClassDescription
ezcAuthenticationLdapException if the connecting and binding to the LDAP server could not be performed

Redefinition of

Method Description
ezcAuthenticationFilter::run() Runs the filter and returns a status code when finished.

Last updated: Mon, 09 Feb 2009