diff options
Diffstat (limited to 'plugins/LdapAuthentication')
-rw-r--r-- | plugins/LdapAuthentication/LdapAuthenticationPlugin.php | 28 | ||||
-rw-r--r-- | plugins/LdapAuthentication/MemcacheSchemaCache.php | 75 | ||||
-rw-r--r-- | plugins/LdapAuthentication/README | 2 |
3 files changed, 100 insertions, 5 deletions
diff --git a/plugins/LdapAuthentication/LdapAuthenticationPlugin.php b/plugins/LdapAuthentication/LdapAuthenticationPlugin.php index 8caacff46..c14fa21a9 100644 --- a/plugins/LdapAuthentication/LdapAuthenticationPlugin.php +++ b/plugins/LdapAuthentication/LdapAuthenticationPlugin.php @@ -31,7 +31,6 @@ if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); } -require_once INSTALLDIR.'/plugins/Authentication/AuthenticationPlugin.php'; require_once 'Net/LDAP2.php'; class LdapAuthenticationPlugin extends AuthenticationPlugin @@ -67,6 +66,16 @@ class LdapAuthenticationPlugin extends AuthenticationPlugin throw new Exception("if password_changeable is set, the password attribute and password_encoding must also be specified"); } } + + function onAutoload($cls) + { + switch ($cls) + { + case 'MemcacheSchemaCache': + require_once(INSTALLDIR.'/plugins/LdapAuthentication/MemcacheSchemaCache.php'); + return false; + } + } //---interface implementation---// @@ -174,6 +183,14 @@ class LdapAuthenticationPlugin extends AuthenticationPlugin return false; } if($config == null) $this->default_ldap=$ldap; + + $c = common_memcache(); + if (!empty($c)) { + $cacheObj = new MemcacheSchemaCache( + array('c'=>$c, + 'cacheKey' => common_cache_key('ldap_schema:' . crc32(serialize($config))))); + $ldap->registerSchemaCache($cacheObj); + } return $ldap; } @@ -192,20 +209,21 @@ class LdapAuthenticationPlugin extends AuthenticationPlugin $options = array( 'attributes' => $attributes ); - $search = $ldap->search(null,$filter,$options); + $search = $ldap->search($this->basedn, $filter, $options); if (PEAR::isError($search)) { common_log(LOG_WARNING, 'Error while getting DN for user: '.$search->getMessage()); return false; } - if($search->count()==0){ + $searchcount = $search->count(); + if($searchcount == 0) { return false; - }else if($search->count()==1){ + }else if($searchcount == 1) { $entry = $search->shiftEntry(); return $entry; }else{ - common_log(LOG_WARNING, 'Found ' . $search->count() . ' ldap user with the username: ' . $username); + common_log(LOG_WARNING, 'Found ' . $searchcount . ' ldap user with the username: ' . $username); return false; } } diff --git a/plugins/LdapAuthentication/MemcacheSchemaCache.php b/plugins/LdapAuthentication/MemcacheSchemaCache.php new file mode 100644 index 000000000..6b91d17d6 --- /dev/null +++ b/plugins/LdapAuthentication/MemcacheSchemaCache.php @@ -0,0 +1,75 @@ +<?php +/** + * StatusNet, the distributed open-source microblogging tool + * + * Cache the LDAP schema in memcache to improve performance + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Plugin + * @package StatusNet + * @author Craig Andrews <candrews@integralblue.com> + * @copyright 2009 Craig Andrews http://candrews.integralblue.com + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ +class MemcacheSchemaCache implements Net_LDAP2_SchemaCache +{ + protected $c; + protected $cacheKey; + + /** + * Initialize the simple cache + * + * Config is as following: + * memcache memcache instance + * cachekey the key in the cache to look at + * + * @param array $cfg Config array + */ + public function MemcacheSchemaCache($cfg) + { + $this->c = $cfg['c']; + $this->cacheKey = $cfg['cacheKey']; + } + + /** + * Return the schema object from the cache + * + * @return Net_LDAP2_Schema|Net_LDAP2_Error|false + */ + public function loadSchema() + { + return $this->c->get($this->cacheKey); + } + + /** + * Store a schema object in the cache + * + * This method will be called, if Net_LDAP2 has fetched a fresh + * schema object from LDAP and wants to init or refresh the cache. + * + * To invalidate the cache and cause Net_LDAP2 to refresh the cache, + * you can call this method with null or false as value. + * The next call to $ldap->schema() will then refresh the caches object. + * + * @param mixed $schema The object that should be cached + * @return true|Net_LDAP2_Error|false + */ + public function storeSchema($schema) { + return $this->c->set($this->cacheKey, $schema); + } +} diff --git a/plugins/LdapAuthentication/README b/plugins/LdapAuthentication/README index 2226159c2..0460fb639 100644 --- a/plugins/LdapAuthentication/README +++ b/plugins/LdapAuthentication/README @@ -42,6 +42,8 @@ filter: Default search filter. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php scope: Default search scope. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php +schema_cachefile: File location to store ldap schema. +schema_maxage: TTL for cache file. attributes: an array that relates StatusNet user attributes to LDAP ones username*: LDAP attribute value entered when authenticating to StatusNet |