-
Notifications
You must be signed in to change notification settings - Fork 1
/
README
67 lines (42 loc) · 2.1 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
Installation
------------
a) copy the two files to your simpleID PHP directory (wherever the
other simpleID *.php files are kept)
b) rename the config file
mv ldap-filesystem.store.config.php-sample ldap-filesystem.store.config.php
c) edit the config file, specify the LDAP server name and LDAP_BASE_DN
d) modify the main simpleID config file, config.php, and change
the store parameter like so:
define('SIMPLEID_STORE', 'ldap-filesystem');
e) for each user, create a normal identity file, but add this extra
line in the file somewhere:
auth_method="LDAP"
If the module sees this auth_method, it will authenticate against
LDAP. If no auth_method is specified, or if you specify
auth_method="STATIC", it will just use the password hash within
the identity file.
How it works
------------
- the module makes an anonymous bind to the LDAP server
- it looks at the username from the login form,
- if it contains an @ symbol, it will search the LDAP server for
a user with the `mail' attribute matching the login name
- otherwise, it will search for a user with the matching `uid' attribute
- if more than one LDAP entry is found, access is denied
- it attempts to re-bind to the LDAP server using the DN of the
matched LDAP entry, and using the password supplied in the login
form
- if the re-bind is successful, access is granted
Copyright and license
---------------------
Copyright 2012 Daniel Pocock <[email protected]>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.