authorJaime Pérez Crespo <jaime.perez@uninett.no>2016-02-03 09:12:53 +0100
committerJaime Pérez Crespo <jaime.perez@uninett.no>2016-02-03 09:12:53 +0100
commit4d69e6ff8650f073fed647754b7a818353cf7ec7 (patch)
tree6898315374a3df2fe7ec1b1b361fe2329225a6dc /lib/SimpleSAML
parent864de72f538f4b0c3a258e15a14fb276e609af70 (diff)
parent29c16fb3e9ca2a710359efa292826088f318d08b (diff)
Merge pull request #325 from randomfire/master
- Added search.filter to allow for custom LDAP search filters
Diffstat (limited to 'lib/SimpleSAML')
-rw-r--r--lib/SimpleSAML/Auth/LDAP.php12
1 files changed, 9 insertions, 3 deletions
diff --git a/lib/SimpleSAML/Auth/LDAP.php b/lib/SimpleSAML/Auth/LDAP.php
index 794e843..986c397 100644
--- a/lib/SimpleSAML/Auth/LDAP.php
+++ b/lib/SimpleSAML/Auth/LDAP.php
@@ -202,7 +202,7 @@ class SimpleSAML_Auth_LDAP {
* @throws SimpleSAML_Error_UserNotFound if:
* - Zero entries was found
*/
- private function search($base, $attribute, $value) {
+ private function search($base, $attribute, $value, $searchFilter=NULL) {
// Create the search filter
$attribute = self::escape_filter_value($attribute, FALSE);
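Review bot: The docblock that ends just above `search()` gets no entry for the new `$searchFilter` parameter, and the same holds for `searchfordn()` in the third hunk; none of the nine added lines is a doc line. I would add to both docblocks `@param string|null $searchFilter Extra LDAP filter, already parenthesised, ANDed with the generated attribute filter; inserted verbatim, so it must come from configuration only.` As a style point, the default here is written `$searchFilter=NULL` while `searchfordn()` uses `$searchFilter = NULL`; the spaced form matches the existing `$allowZeroHits = FALSE`. Both the docblock and the function body extend outside this hunk.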
@@ -213,6 +213,11 @@ class SimpleSAML_Auth_LDAP {
}
$filter = '(|' . $filter . ')';
+ // Append LDAP filters if defined
+ if ($searchFilter!=NULL) {
+ $filter = "(&".$filter."".$searchFilter.")";
+ }
+
// Search using generated filter
SimpleSAML_Logger::debug('Library - LDAP search(): Searching base \'' . $base . '\' for \'' . $filter . '\'');
// TODO: Should aliases be dereferenced?
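Review bot: `$searchFilter` is spliced into the filter verbatim at the added `$filter = "(&"...` line, unlike `$attribute`, which passes through `self::escape_filter_value()` in the first hunk, so the new argument is only safe when it comes from trusted configuration. Since `searchfordn()` is public and now forwards it, I would state that at the point of use: `// $searchFilter is NOT escaped; it must come from configuration, never from request data`. A configured value without its own parentheses (for example `objectClass=person`) yields a malformed filter that would presumably be rejected only at search time, so a shape check before the append, such as `if ($searchFilter[0] !== '(' || substr($searchFilter, -1) !== ')')` followed by a configuration error, would fail earlier and more clearly. The condition reads more clearly as `if ($searchFilter !== NULL && $searchFilter !== '') {`, and the `.""` in the concatenation is a no-op that can be dropped. The body of `search()` starts and ends outside this hunk.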
@@ -271,7 +276,7 @@ class SimpleSAML_Auth_LDAP {
* - $allowZeroHits er TRUE and no result is found
*
*/
- public function searchfordn($base, $attribute, $value, $allowZeroHits = FALSE) {
+ public function searchfordn($base, $attribute, $value, $allowZeroHits = FALSE, $searchFilter = NULL) {
// Traverse all search bases, returning DN if found
$bases = SimpleSAML\Utils\Arrays::arrayize($base);
@@ -279,7 +284,8 @@ class SimpleSAML_Auth_LDAP {
foreach ($bases AS $current) {
try {
// Single base search
- $result = $this->search($current, $attribute, $value);
+ $result = $this->search($current, $attribute, $value, $searchFilter);
+
// We don't hawe to look any futher if user is found
if (!empty($result)) {
return $result;