diff options
| author | Thijs Kinkhorst <thijs@kinkhorst.com> | 2016-02-24 14:56:19 +0000 |
|---|---|---|
| committer | Thijs Kinkhorst <thijs@kinkhorst.com> | 2016-03-01 17:28:26 +0000 |
| commit | 16d0bb79ee0bd13c19267f4bcc06cb4129a0f4de (patch) | |
| tree | 4108499f1de6ae74ff145340e08ff94ab7594415 /modules | |
| parent | 367c1aac3ad9523525210dfaf4ed5353d3646c5f (diff) | |
| download | simplesamlphp-16d0bb79ee0bd13c19267f4bcc06cb4129a0f4de.zip simplesamlphp-16d0bb79ee0bd13c19267f4bcc06cb4129a0f4de.tar.gz simplesamlphp-16d0bb79ee0bd13c19267f4bcc06cb4129a0f4de.tar.bz2 | |
Add parameter 'realm' that will be suffixed to the username entered.
Diffstat (limited to 'modules')
| -rw-r--r-- | modules/radius/docs/radius.txt | 9 | ||||
| -rw-r--r-- | modules/radius/lib/Auth/Source/Radius.php | 14 |
2 files changed, 21 insertions, 2 deletions
diff --git a/modules/radius/docs/radius.txt b/modules/radius/docs/radius.txt index b411a97..ae5e70d 100644 --- a/modules/radius/docs/radius.txt +++ b/modules/radius/docs/radius.txt @@ -53,6 +53,15 @@ authentication source which uses the `radius:Radius` module to 'nas_identifier' => 'client.example.org', /* + * An optional realm that will be suffixed to the username entered + * by the user. When set to "example.edu", and the user enters + * "bob" as their username, the radius server will be queried for + * the username "bob@example.edu". + * Optional, defaults to NULL. + */ + 'realm' => 'example.edu', + + /* * The attribute name we should store the username in. Ths username * will not be saved in any attribute if this is NULL. * Optional, defaults to NULL. diff --git a/modules/radius/lib/Auth/Source/Radius.php b/modules/radius/lib/Auth/Source/Radius.php index 93c1b13..9947806 100644 --- a/modules/radius/lib/Auth/Source/Radius.php +++ b/modules/radius/lib/Auth/Source/Radius.php @@ -40,6 +40,11 @@ class sspmod_radius_Auth_Source_Radius extends sspmod_core_Auth_UserPassBase private $retries; /** + * The realm to be added to the entered username. + */ + private $realm; + + /** * The attribute name where the username should be stored. */ private $usernameAttribute; @@ -90,6 +95,7 @@ class sspmod_radius_Auth_Source_Radius extends sspmod_core_Auth_UserPassBase } $this->timeout = $config->getInteger('timeout', 5); $this->retries = $config->getInteger('retries', 3); + $this->realm = $config->getString('realm', null); $this->usernameAttribute = $config->getString('username_attribute', null); $this->nasIdentifier = $config->getString('nas_identifier', isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : 'localhost'); @@ -139,10 +145,14 @@ class sspmod_radius_Auth_Source_Radius extends sspmod_core_Auth_UserPassBase radius_strerror($radius)); } - radius_put_attr($radius, RADIUS_USER_NAME, $username); + if ($this->realm === null) { + radius_put_attr($radius, RADIUS_USER_NAME, $username); + } else { + radius_put_attr($radius, RADIUS_USER_NAME, $username . '@' . $this->realm); + } radius_put_attr($radius, RADIUS_USER_PASSWORD, $password); - if ($this->nasIdentifier != null) { + if ($this->nasIdentifier !== null) { radius_put_attr($radius, RADIUS_NAS_IDENTIFIER, $this->nasIdentifier); } |