Code snippet demonstrating how to establish a TLS-encrypted connection to an OpenLDAP server from an Apache webserver and authenticate using a user's Kerberos credentials. Credentials MUST be delegated to the web server for this method to work.
<?php
putenv("KRB5CCNAME={$_SERVER['KRB5CCNAME']}");
$resource = ldap_connect("ldap.example.com")
or die("Failed to connect to LDAP server.");
echo "Connected to LDAP server.<br />";
//these options may not be necessary in all environments
ldap_set_option($resource, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($resource, LDAP_OPT_REFERRALS, 0);
$result = ldap_start_tls($resource)
or die("Failed to start TLS");
echo "Started TLS.<br />";
$result = ldap_sasl_bind($resource, NULL, '', 'GSSAPI', 'EXAMPLE.COM', '', '')
or die("Failed to GSSAPI bind.<br />");
echo "GSSAPI bound.";
?>
ldap_sasl_bind
(PHP 5)
ldap_sasl_bind — Bind to LDAP directory using SASL
Description
bool ldap_sasl_bind ( resource $link [, string $binddn = NULL [, string $password = NULL [, string $sasl_mech = NULL [, string $sasl_realm = NULL [, string $sasl_authc_id = NULL [, string $sasl_authz_id = NULL [, string $props = NULL ]]]]]]] )
Warning
This function is currently not documented; only its argument list is available.
Return Values
Returns TRUE on success or FALSE on failure.
Notes
Note: Requirement
ldap_sasl_bind() requires SASL support (sasl.h). Be sure --with-ldap-sasl is used when configuring PHP, otherwise this function will be undefined.
Changelog
| Version | Description |
|---|---|
| 5.3.3 | Support on Windows was added. |
User Contributed Notes
Caleb Callaway
05-Aug-2011 06:18
dwhite at olp dot net
22-Sep-2007 02:30
With the patch introduced in the bug below (which has been included in CVS), the parameters for this function should be:
bool ldap_sasl_bind ( resource $link [, string $binddn [, string $password [, string $sasl_mech [, string $sasl_realm [, string $sasl_authc_id [, string $sasl_authz_id [, string $props]]]]]]] )
Some example calls:
$r=ldap_sasl_bind ( $ds, NULL, 'mysecret', 'DIGEST-MD5', NULL, 'jimmy');
With authz_id, specifying a dn:
$r=ldap_sasl_bind ( $ds, NULL, 'mysecret', 'DIGEST-MD5', NULL, 'jimmy', 'dn:uid=tommy,ou=people,dc=example,dc=com');
With authz_id, specifying a SASL username:
$r=ldap_sasl_bind ( $ds, NULL, 'mysecret', 'DIGEST-MD5', NULL, 'jimmy', 'u:tommy');
Also, since SASL authentication was introduced in LDAP version 3,
you may need to explicitly set the version number with:
ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
dahgdevash at gmail dot com
25-May-2007 07:44
Bug: the function parameters are sent incorrectly to the server.
Look at:
http://bugs.php.net/bug.php?id=39291
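
A fail-closed variant of the StartTLS and GSSAPI bind from the user note at the top of this page, as an added example that is not from the PHP manual or the note's author. It assumes PHP 7.1 or later built against OpenLDAP with SASL; the function name gssapi_bind_over_tls, the CA file path and the generic error response are hypothetical.

```php
<?php
// Added example: StartTLS with mandatory certificate validation, then a GSSAPI bind.
// Host, realm and CA path are placeholders; adjust for your environment.
function gssapi_bind_over_tls(string $uri, string $realm, string $caFile)
{
    // Refuse to continue if no ticket cache was delegated to the web server.
    $ccache = $_SERVER['KRB5CCNAME'] ?? '';
    if ($ccache === '') {
        throw new RuntimeException('No delegated Kerberos credentials (KRB5CCNAME unset).');
    }
    putenv("KRB5CCNAME={$ccache}");

    // TLS settings are set globally (null handle) before connecting so that
    // libldap applies them to the new connection.
    ldap_set_option(null, LDAP_OPT_X_TLS_CACERTFILE, $caFile);
    ldap_set_option(null, LDAP_OPT_X_TLS_REQUIRE_CERT, LDAP_OPT_X_TLS_DEMAND);

    // ldap_connect() only parses the URI; the socket is opened on first use.
    $ldap = ldap_connect($uri);
    if ($ldap === false) {
        throw new RuntimeException('Invalid LDAP URI.');
    }
    ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3); // SASL requires LDAPv3
    ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);

    // Never continue to the bind over cleartext if StartTLS fails.
    if (!@ldap_start_tls($ldap)) {
        $err = ldap_error($ldap);
        ldap_unbind($ldap);
        throw new RuntimeException("StartTLS failed: {$err}");
    }
    if (!@ldap_sasl_bind($ldap, null, '', 'GSSAPI', $realm)) {
        $err = ldap_error($ldap);
        ldap_unbind($ldap);
        throw new RuntimeException("GSSAPI bind failed: {$err}");
    }
    return $ldap;
}

try {
    $ldap = gssapi_bind_over_tls('ldap://ldap.example.com', 'EXAMPLE.COM', '/path/to/ca.pem');
    echo "GSSAPI bound over TLS.";
    ldap_unbind($ldap);
} catch (RuntimeException $e) {
    error_log($e->getMessage()); // details go to the server log, not the browser
    http_response_code(500);
    echo "Directory login failed.";
}
```

With LDAP_OPT_X_TLS_DEMAND the handshake is rejected when the server certificate does not chain to the given CA file or does not match the host name, so the bind is never attempted on an unverified channel.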
