56 lines
2.2 KiB
HTML
56 lines
2.2 KiB
HTML
|
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
|
||
|
<html>
|
||
|
<head>
|
||
|
<meta content="text/html; charset=ISO-8859-15"
|
||
|
http-equiv="content-type">
|
||
|
<title>ldap.inc</title>
|
||
|
<link rel="stylesheet" type="text/css" href="style/layout.css">
|
||
|
</head>
|
||
|
<body>
|
||
|
<h1 style="text-align: center;">ldap.inc</h1>
|
||
|
<br>
|
||
|
<br>
|
||
|
This library provides the access to the LDAP server and its content.<br>
|
||
|
The <span style="font-weight: bold; font-style: italic;">$_SESSION['ldap']</span>
|
||
|
object reconnects automatically to the LDAP server on every page load.<br>
|
||
|
<br>
|
||
|
<br>
|
||
|
<h2>1. Server handle</h2>
|
||
|
All PHP functions which access LDAP require a server handle as
|
||
|
parameter. This is managed by ldap.inc.<br>
|
||
|
You can access it with <span
|
||
|
style="font-weight: bold; font-style: italic;">$_SESSION['ldap']->server</span>.<br>
|
||
|
<br>
|
||
|
<br>
|
||
|
<h2>2. Object classes</h2>
|
||
|
Account modules may want to check if the current LDAP server supports
|
||
|
all required object classes.<br>
|
||
|
<span style="font-weight: bold; font-style: italic;">$_SESSION['ldap']->objectClasses
|
||
|
</span>contains a list of object classes and their attributes which is
|
||
|
read from the LDAP server.<br>
|
||
|
<br>
|
||
|
<br>
|
||
|
<h2>3. En-/Decryption</h2>
|
||
|
For security reasons sensitive data like user passwords should be
|
||
|
encrypted before storing in session.<br>
|
||
|
<span style="font-weight: bold; font-style: italic;">$_SESSION['ldap']->encrypt(<string>)</span>
|
||
|
encrypts a string and returns a binary object. This can be decrypted
|
||
|
with <span style="font-weight: bold; font-style: italic;">$_SESSION['ldap']->decrypt(<object>)</span><br>
|
||
|
<br>
|
||
|
Ldap.inc will take care for the crypotographic key and if Blowfish or
|
||
|
MCrypt/AES is used.<br>
|
||
|
<br>
|
||
|
<br>
|
||
|
<h2>4. Random values</h2>
|
||
|
Ldap.inc contains a random integer value which is much more secure than
|
||
|
calling <span style="font-style: italic;">mt_rand()</span>. The value
|
||
|
changes on every page load and is accessible in <span
|
||
|
style="font-weight: bold; font-style: italic;">$_SESSION['ldap']->rand</span><span
|
||
|
style="font-style: italic;">.</span><br>
|
||
|
If you need multiple values you can get a new value by calling <span
|
||
|
style="font-weight: bold; font-style: italic;">$_SESSION['ldap']->new_rand()</span><span
|
||
|
style="font-style: italic;">.</span><br>
|
||
|
<br>
|
||
|
</body>
|
||
|
</html>
|