diff -r -u mantisbt-1.2.1\/account_update.php mantisbt-1.2.1x/account_update.php
--- mantisbt-1.2.1\/account_update.php 2010-04-23 14:28:34.000000000 +0300
+++ mantisbt-1.2.1x/account_update.php 2010-05-13 13:09:10.962955300 +0300
@@ -31,6 +31,10 @@
require_once( 'email_api.php' );
+ if ( MIXED == $g_login_method) {
+ $g_login_method = MD5;
+ }
+
form_security_validate('account_update');
auth_ensure_user_authenticated();
diff -r -u mantisbt-1.2.1\/config_defaults_inc.php mantisbt-1.2.1x/config_defaults_inc.php
--- mantisbt-1.2.1\/config_defaults_inc.php 2010-04-23 14:28:34.000000000 +0300
+++ mantisbt-1.2.1x/config_defaults_inc.php 2010-05-13 14:03:07.270004500 +0300
@@ -1720,8 +1720,65 @@
* systems this option should be set to ''.
*/
$g_ldap_simulation_file_path = '';
+
+ /**
+ * Whether or not to store password, realname and email from LDAP to local database.
+ *
+ * @global int $g_ldap_store_to_localdb
+ */
+ $g_ldap_store_to_localdb = ON;
/*******************
+ * Multi LDAP auth *
+ *******************/
+ /**
+ * The same as for LDAP but you can configure defferent options for each LDAP profile.
+ * And additional you can use other auth schemes this way
+ * To enable multi LDAP scheme set $g_login_method to MIXED
+ */
+
+ $g_auth_profiles = array (
+ "0" => array(
+ "auth_profile_name" => "LOCAL",
+ "login_method" => MD5
+ ),
+ "1" => array(
+ "auth_profile_name" => "LDAP SERVER 1",
+ "login_method" => LDAP,
+ "ldap_server" => "ldap1.example1.com.au",
+ "ldap_port" => "389",
+ "ldap_root_dn" => "dc=example1,dc=com,dc=au",
+ "ldap_organization" => "",
+ "ldap_uid_field" => "sAMAccountName",
+ "ldap_realname_field" => "cn",
+ "ldap_bind_dn" => "",
+ "ldap_bind_passwd" => "",
+ "ldap_email" => OFF,
+ "ldap_realname" => OFF,
+ "ldap_protocol_version" => "3",
+ "ldap_follow_referrals" => OFF,
+ "ldap_simulation_file_path" => ""
+ ),
+ "2" => array(
+ "auth_profile_name" => "LDAP SERVER 2",
+ "login_method" => LDAP,
+ "ldap_server" => "ldap2.example2.com.au",
+ "ldap_port" => "389",
+ "ldap_root_dn" => "dc=example1,dc=com,dc=au",
+ "ldap_organization" => "",
+ "ldap_uid_field" => "sAMAccountName",
+ "ldap_realname_field" => "cn",
+ "ldap_bind_dn" => "",
+ "ldap_bind_passwd" => "",
+ "ldap_email" => OFF,
+ "ldap_realname" => OFF,
+ "ldap_protocol_version" => "3",
+ "ldap_follow_referrals" => OFF,
+ "ldap_simulation_file_path" => ""
+ )
+ );
+
+ /*******************
* Status Settings *
*******************/
@@ -2479,6 +2536,7 @@
/**
* login method
* CRYPT or PLAIN or MD5 or LDAP or BASIC_AUTH
+ * or MIXED for multiLDAP
* You can simply change this at will. MantisBT will try to figure out how the passwords were encrypted.
* @global int $g_login_method
*/
@@ -2797,6 +2855,15 @@
* @global string $g_bug_list_cookie
*/
$g_bug_list_cookie = '%cookie_prefix%_BUG_LIST_COOKIE';
+
+ /**
+ *
+ * @global string $g_bug_list_cookie
+ */
+ $g_logon_to_cookie = '%cookie_prefix%_LOGON_TO_COOKIE';
+
+
+
/*****************************
* MantisBT Filter Variables *
diff -r -u mantisbt-1.2.1\/core/authentication_api.php mantisbt-1.2.1x/core/authentication_api.php
--- mantisbt-1.2.1\/core/authentication_api.php 2010-04-23 14:28:34.000000000 +0300
+++ mantisbt-1.2.1x/core/authentication_api.php 2010-05-13 13:22:36.317013700 +0300
@@ -52,6 +52,18 @@
*/
$g_cache_current_user_id = null;
+
+ if (gpc_get_cookie( config_get('logon_to_cookie'), '')){
+ $t_cookie_logon_to = gpc_get_cookie( config_get('logon_to_cookie'), '');
+
+ if ( MIXED == $g_login_method ){
+ foreach ($g_auth_profiles[$t_cookie_logon_to] as $t_key => $t_value){
+ ${'g_'.$t_key} = $t_value;
+ }
+ }
+ }
+
+
/**
* Check that there is a user logged-in and authenticated
* If the user's account is disabled they will be logged out
@@ -458,12 +470,17 @@
$t_cookie_name = config_get( 'string_cookie' );
+ $t_cookie_logon_to = config_get( 'logon_to_cookie' );
+ global $f_logon_to;
+
if( $p_perm_login ) {
# set permanent cookie (1 year)
gpc_set_cookie( $t_cookie_name, $t_cookie_string, true );
+ gpc_set_cookie( $t_cookie_logon_to, $g_ldap_server, true );
} else {
# set temp cookie, cookie dies after browser closes
gpc_set_cookie( $t_cookie_name, $t_cookie_string, false );
+ gpc_set_cookie( $t_cookie_logon_to, $f_logon_to, false );
}
}
@@ -482,8 +499,10 @@
if( $g_script_login_cookie == null ) {
$t_cookie_name = config_get( 'string_cookie' );
$t_cookie_path = config_get( 'cookie_path' );
+ $t_cookie_logon_to = config_get( 'logon_to_cookie' );
gpc_clear_cookie( $t_cookie_name, $t_cookie_path );
+ gpc_clear_cookie( $t_cookie_logon_to, $t_cookie_path );
$t_cookies_cleared = true;
} else {
$g_script_login_cookie = null;
diff -r -u mantisbt-1.2.1\/core/constant_inc.php mantisbt-1.2.1x/core/constant_inc.php
--- mantisbt-1.2.1\/core/constant_inc.php 2010-04-23 14:28:34.000000000 +0300
+++ mantisbt-1.2.1x/core/constant_inc.php 2010-05-13 10:04:00.938673700 +0300
@@ -134,6 +134,7 @@
define( 'LDAP', 4 );
define( 'BASIC_AUTH', 5 );
define( 'HTTP_AUTH', 6 );
+define( 'MIXED', 7 );
# file upload methods
define( 'DISK', 1 );
diff -r -u mantisbt-1.2.1\/core/custom_function_api.php mantisbt-1.2.1x/core/custom_function_api.php
--- mantisbt-1.2.1\/core/custom_function_api.php 2010-04-23 14:28:34.000000000 +0300
+++ mantisbt-1.2.1x/core/custom_function_api.php 2010-05-13 12:02:14.394077100 +0300
@@ -197,7 +197,7 @@
CRYPT_FULL_SALT,
MD5,
);
- if( in_array( config_get( 'login_method' ), $t_can_change ) ) {
+ if( ( in_array( config_get( 'login_method' ), $t_can_change ) ) || ( is_page_name( 'verify.php' ) && config_get( 'login_method' ) == MIXED )) {
return true;
} else {
return false;
diff -r -u mantisbt-1.2.1\/core/ldap_api.php mantisbt-1.2.1x/core/ldap_api.php
--- mantisbt-1.2.1\/core/ldap_api.php 2010-04-23 14:28:34.000000000 +0300
+++ mantisbt-1.2.1x/core/ldap_api.php 2010-05-12 15:44:20.435179300 +0300
@@ -352,7 +352,10 @@
# If user authenticated successfully then update the local DB with information
# from LDAP. This will allow us to use the local data after login without
# having to go back to LDAP. This will also allow fallback to DB if LDAP is down.
- if ( $t_authenticated ) {
+
+ global $g_ldap_store_to_localdb;
+
+ if ( $t_authenticated && $g_ldap_store_to_localdb == ON ) {
$t_user_id = user_get_id_by_name( $p_username );
if ( false !== $t_user_id ) {
diff -r -u mantisbt-1.2.1\/login.php mantisbt-1.2.1x/login.php
--- mantisbt-1.2.1\/login.php 2010-04-23 14:28:34.000000000 +0300
+++ mantisbt-1.2.1x/login.php 2010-05-13 13:14:50.451675700 +0300
@@ -28,10 +28,17 @@
$f_username = gpc_get_string( 'username', '' );
$f_password = gpc_get_string( 'password', '' );
+ $f_logon_to = gpc_get_string( 'logon_to', '' );
$f_perm_login = gpc_get_bool( 'perm_login' );
$t_return = string_url( string_sanitize_url( gpc_get_string( 'return', config_get( 'default_home_page' ) ) ) );
$f_from = gpc_get_string( 'from', '' );
$f_secure_session = gpc_get_bool( 'secure_session', false );
+
+ if ( MIXED == $g_login_method ){
+ foreach ($g_auth_profiles[$f_logon_to] as $t_key => $t_value){
+ ${'g_'.$t_key} = $t_value;
+ }
+ }
$f_username = auth_prepare_username($f_username);
$f_password = auth_prepare_password($f_password);
@@ -48,11 +55,10 @@
'&error=1&username=' . urlencode( $f_username ) .
'&perm_login=' . ( $f_perm_login ? 1 : 0 ) .
'&secure_session=' . ( $f_secure_session ? 1 : 0 );
-
+
if ( HTTP_AUTH == config_get( 'login_method' ) ) {
auth_http_prompt();
exit;
}
}
-
print_header_redirect( $t_redirect_url );
diff -r -u mantisbt-1.2.1\/login_page.php mantisbt-1.2.1x/login_page.php
--- mantisbt-1.2.1\/login_page.php 2010-04-23 14:28:34.000000000 +0300
+++ mantisbt-1.2.1x/login_page.php 2010-05-13 10:37:28.636246900 +0300
@@ -132,6 +132,15 @@
+| Logon to | | ';
+}
+?>
|
|