GitHub - simpleid/simpleid-ldap: SimpleID plugin for LDAP authentication

Branches Tags

Name		Name	Last commit message	Last commit date
Latest commit History 4 Commits
README		README
ldap-filesystem.store.config.php-sample		ldap-filesystem.store.config.php-sample
ldap-filesystem.store.php		ldap-filesystem.store.php
release.sh		release.sh

Repository files navigation


Installation
------------

a) copy the two files to your simpleID PHP directory (wherever the
   other simpleID *.php files are kept)

b) rename the config file

   mv ldap-filesystem.store.config.php-sample ldap-filesystem.store.config.php

c) edit the config file, specify the LDAP server name and LDAP_BASE_DN

d) modify the main simpleID config file, config.php, and change
   the store parameter like so:

      define('SIMPLEID_STORE', 'ldap-filesystem');

e) for each user, create a normal identity file, but add this extra
   line in the file somewhere:

      auth_method="LDAP"

   If the module sees this auth_method, it will authenticate against
   LDAP.  If no auth_method is specified, or if you specify
   auth_method="STATIC", it will just use the password hash within
   the identity file.

How it works
------------

- the module makes an anonymous bind to the LDAP server

- it looks at the username from the login form,
  
  - if it contains an @ symbol, it will search the LDAP server for
    a user with the `mail' attribute matching the login name
  - otherwise, it will search for a user with the matching `uid' attribute

- if more than one LDAP entry is found, access is denied

- it attempts to re-bind to the LDAP server using the DN of the 
  matched LDAP entry, and using the password supplied in the login
  form

- if the re-bind is successful, access is granted

Copyright and license
---------------------

    Copyright 2012 Daniel Pocock <[email protected]>

    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.