downloads | documentation | faq | getting help | mailing lists | licenses | wiki | reporting bugs | php.net sites | conferences | my php.net

search for in the

ldap_search> <ldap_rename
[edit] Last updated: Fri, 26 Apr 2013

view this page in

ldap_sasl_bind

(PHP 5)

ldap_sasl_bindBind to LDAP directory using SASL

Description

bool ldap_sasl_bind ( resource $link [, string $binddn = NULL [, string $password = NULL [, string $sasl_mech = NULL [, string $sasl_realm = NULL [, string $sasl_authc_id = NULL [, string $sasl_authz_id = NULL [, string $props = NULL ]]]]]]] )
Warning

This function is currently not documented; only its argument list is available.

Return Values

Returns TRUE on success or FALSE on failure.

Notes

Note: Requirement
ldap_sasl_bind() requires SASL support (sasl.h). Be sure --with-ldap-sasl is used when configuring PHP otherwise this function will be undefined.

Changelog

Version Description
5.3.3 Support on Windows was added.



ldap_search> <ldap_rename
[edit] Last updated: Fri, 26 Apr 2013
 
add a note add a note User Contributed Notes ldap_sasl_bind - [4 notes]
up
1
dahgdevash at gmail dot com
5 years ago
Bug , the function parameters are sent incorrectly to the server
Look at:
http://bugs.php.net/bug.php?id=39291
up
0
devel at romanr dot info
6 months ago
There is some reenterability bug: you can't use this function several times in a single process. PHP process (apache or fastcgi) should be restarted. Consider PHP_FCGI_MAX_REQUESTS=1
up
0
dwhite at olp dot net
5 years ago
With the patch introduced in the bug below (which has been included in CVS), the parameters for this function should be:

bool ldap_sasl_bind ( resource $link [, string $binddn [, string $password [, string $sasl_mech [, string $sasl_realm [, string $sasl_authc_id [, string $sasl_authz_id [, string $props]]]]]]] )

Some example calls:

$r=ldap_sasl_bind ( $ds, NULL, 'mysecret', 'DIGEST-MD5', NULL, 'jimmy');

With authz_id, specifying a dn:
$r=ldap_sasl_bind ( $ds, NULL, 'mysecret', 'DIGEST-MD5', NULL, 'jimmy', 'dn:uid=tommy,ou=people,dc=example,dc=com');

With authz_id, specifying a SASL username:
$r=ldap_sasl_bind ( $ds, NULL, 'mysecret', 'DIGEST-MD5', NULL, 'jimmy', 'u:tommy');

Also, since SASL authentication was introduced in LDAP version 3,
you may need to explicitly set the version number with:
ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
up
-1
Caleb Callaway
1 year ago
Code snippet demonstrating how to establish a TLS-encrypted connection to an OpenLDAP server from an Apache webserver and authenticate using a user's Kerberos credentials. Credentials MUST be delegated to the web server for this method to work.

<?php

putenv("KRB5CCNAME={$_SERVER['KRB5CCNAME']}");

$resource = ldap_connect("ldap.example.com")
    or die("Failed to connect to LDAP server.");

echo "Connected to LDAP server.<br />";

//these options may not be necessary in all environments
ldap_set_option($resource, LDAP_OPT_PROTOCOL_VERSION, 3);   
ldap_set_option($resource, LDAP_OPT_REFERRALS, 0);
   
$result = ldap_start_tls($resource)
    or die("Failed to start TLS");

echo "Started TLS.<br />";

$result = ldap_sasl_bind($resource, NULL, '', 'GSSAPI', 'EXAMPLE.COM', '', '')
    or die("Failed to GSSAPI bind.<br />");

echo "GSSAPI bound.";
  
?>
add a note add a note

 
show source | credits | stats | sitemap | contact | advertising | mirror sites