config/config.ini.sample lib/Kolab

Thomas Brüderli bruederli at kolabsys.com
Tue May 20 09:00:29 CEST 2014 

 config/config.ini.sample             |    2 +-
 lib/Kolab/FreeBusy/DirectoryLDAP.php |    9 ++++++---
 lib/Kolab/FreeBusy/HTTPAuth.php      |    5 +++++
 3 files changed, 12 insertions(+), 4 deletions(-)

New commits:
commit c86278b42551e3753b3d858f6b386a4cf17fb04e
Author: Thomas Bruederli <thomas at roundcube.net>
Date:   Tue May 20 08:59:56 2014 +0200

    Use %dc and %u placeholders in LDAP config properties for multi-domain setups (#2630)

diff --git a/config/config.ini.sample b/config/config.ini.sample
index c20a2de..b22159e 100644
--- a/config/config.ini.sample
+++ b/config/config.ini.sample
@@ -51,7 +51,7 @@ type = ldap
 host = ldap://localhost:389
 bind_dn = "uid=kolab-service,ou=Special Users,dc=yourdomain,dc=com"
 bind_pw = "<service-bind-pw>"
-base_dn = "dc=yourdomain,dc=com"
+base_dn = "People,dc=yourdomain,dc=com"  ; use %dc as placeholder for the domain part extracted from the request string
 filter = "(&(objectClass=kolabInetOrgPerson)(|(uid=%s)(mail=%s)(alias=%s)))"
 attributes = mail, sn, alias
 lc_attributes = sn
diff --git a/lib/Kolab/FreeBusy/DirectoryLDAP.php b/lib/Kolab/FreeBusy/DirectoryLDAP.php
index ea920d0..0a4ecff 100644
--- a/lib/Kolab/FreeBusy/DirectoryLDAP.php
+++ b/lib/Kolab/FreeBusy/DirectoryLDAP.php
@@ -99,9 +99,12 @@ class DirectoryLDAP extends Directory
 		$result = array('s' => $user);
 
 		if ($this->ready) {
-			// search with configured filter
-			$filter = preg_replace('/%s/i', $user, $this->config['filter']);
-			$ldapresult = $this->ldap->search($this->config['base_dn'], $filter, 'sub', Config::convert($this->config['attributes'], Config::ARR));
+			// search with configured base_dn and filter
+			list($u, $d) = explode('@', $user);
+			$replaces = array('%dc' => 'dc=' . str_replace('.', ',dc=', $d), '%u' => $u);
+			$base_dn = strtr($this->config['base_dn'], $replaces);
+			$filter = preg_replace('/%s/i', $user, strtr($this->config['filter'], $replaces));
+			$ldapresult = $this->ldap->search($base_dn, $filter, 'sub', Config::convert($this->config['attributes'], Config::ARR));
 
 			// got a valid result
 			if ($ldapresult && $ldapresult->count()) {
diff --git a/lib/Kolab/FreeBusy/HTTPAuth.php b/lib/Kolab/FreeBusy/HTTPAuth.php
index c4bd288..4be5be4 100644
--- a/lib/Kolab/FreeBusy/HTTPAuth.php
+++ b/lib/Kolab/FreeBusy/HTTPAuth.php
@@ -78,6 +78,11 @@ class HTTPAuth
 	{
 		self::$logger = Logger::get('httpauth', intval($config['loglevel']));
 
+		list($u, $d) = explode('@', $user);
+		$replaces = array('%dc' => 'dc=' . str_replace('.', ',dc=', $d), '%u' => $u);
+		$config['base_dn'] = strtr($config['base_dn'], $replaces);
+		$config['filter'] = strtr($config['filter'], $replaces);
+
 		$host = parse_url($config['host']);
 		$ldap_config = array(
 			'hosts'   => array($host['host']),

More information about the commits mailing list