Hello All...
I've decided to work on an LDAP authentication plugin (why not?).
Anyway, I took the IMAP auth plugin and triend to modify it to work with LDAP, but it's not working. Here's the code:
/* <?php
* Written by: Samuel Gammon
* Based on the IMAP authentication plugin by Adam Crownoble
* Contact: samusweb@gmail.com
* Created: 12/10/2005
* Name: LDAP Authentication
* For: MODX CMS (modxcms.com)
* Code Type: Plugin
* Description: Authenticate against an LDAP server
* Configuration: &server=IMAP Server;string;[your ldap server url]
&port=IMAP Port;int;993
&ssl=SSL;list;Yes,No;Yes
&validate_ssl_cert=Validate SSL Certificate;list;Yes,No;Yes
&ldap_user=LDAP Username;string;[YOUR LDAP USER NAME]
&ldap_pass=LDAP Password;string;[YOUR LDAP PASSWORD]
* Events: OnManagerAuthentication and/or OnWebAuthentication
*/
/*
License
LDAP Authentication - A MODx plugin that allows authentication against an LDAP server
Copyright (C) 2005 Adam Crownoble
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*/
// Psuedo Constants
$eventId = 0;
//$box = "INBOX";
$eventName = $modx->Event->activePlugin;
// Generate flags
//$flags = '/ldap';
//if($ssl == 'Yes') $flags .= '/ssl';
//if($validate_ssl_cert != 'Yes') $flags .= '/novalidate-cert';
// Assume authentication failed
$success = false;
// If LDAP extension not installed...
if(!function_exists('ldap_connect')) {
// Get the event's
if($eventName == 'OnManagerAuthentication') {
$eventId = 81;
} elseif($eventName == 'OnWebAuthentication') {
$eventId = 79;
}
// Log an error
$modx->logEvent($eventId, 3, 'The PHP LDAP extension must be enabled for the IMAP Authentication plugin to work.', 'IMAP Authentication Plugin');
// If the LDAP extension exists...
} else {
// Attempt to open an LDAP connection to the server using the given username and password
// If the connection fails PHP will throw an error so we use @ to supress it
//--------------LDAP CONNECT START
$ldap_connection = @ldap_connect("$server:$port")
if ($ldap_connection) {
$ldap_authenticate = ldap_bind($ldap_connection, $ldap_user, $ldap_pass);
if ($ldap_authenticate) {
$dn = "cn=$username"; //the object itself instead of the top search level as in ldap_search
$filter="(objectclass=*)"; // this command requires some filter
$justthese = array("cn", "pass", "mail"); //the attributes to pull, which is much more efficient than pulling all attributes if you don't do this
$sr=ldap_read($ldap_connection, $dn, $filter, $justthese);
$entry = ldap_get_entries($ds, $sr);
$entry[0]["mail"][0] = $mail_real
$entry[0]["pass"][0] = $pass_real
if ($password = $pass_real) {
$sucess = true;
}
} else {
$sucess = false;
} else {
$error = "Could not authenticate to LDAP server to search for username and pass.";
} else {
$error = "Could not connect to LDAP server.";
}
ldap_close($ldap_connection);
}
}
if ($error) {
echo $error;
}
// Return the succes boolean
$modx->Event->output($success);
What say the MODx community? I'm REALLY desperate to make this work.
Instead of spitting out an error when I configure it for the wrong server, it authenticates just fine. I'm not sure whether it is authenticating through SQL or LDAP, even in the Audit Trail.
Thanks in advance for help

.
mod note: added code tags.