- Модуль: ldap
- Путь к файлу: ~/bitrix/modules/ldap/classes/general/ldap.php
- Класс: CLDAP
- Вызов: CLDAP::NTLMAuth
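/**
 * Signs in the current visitor without a password, using the identity the
 * web server reports for an NTLM / Negotiate authenticated request.
 *
 * Flow, as implemented below:
 *  - returns immediately if $USER is already authorized;
 *  - returns unless $_SERVER["AUTH_TYPE"] is exactly "NTLM" or "Negotiate";
 *  - reads the login from the $_SERVER key named by the 'ldap'/'ntlm_varname'
 *    option (default 'REMOTE_USER');
 *  - splits "DOMAIN\login" (and, for Negotiate only, "login@DOMAIN");
 *  - selects active LDAP servers by CODE = DOMAIN, or by the
 *    'ntlm_default_server' option when the login carries no domain;
 *  - authorizes the first user that a server finds and SetUser() maps to a
 *    positive local ID.
 *
 * Security notes for maintainers and reviewers:
 *  - No credential is checked here. The method relies entirely on the web
 *    server having performed the NTLM/Kerberos handshake before PHP runs.
 *  - 'ntlm_varname' must name a variable that only the web server's
 *    authentication module can set. Pointing it at a client-controllable
 *    value (for example an HTTP_* request header entry) would let a caller
 *    choose the login. NOTE(review): no such restriction is enforced in this
 *    method; confirm it is enforced where the option is saved.
 *  - NOTE(review): FindUser() is not visible here; confirm it escapes LDAP
 *    filter metacharacters in $LOGIN before building its search filter.
 *  - The second argument of SetUser() is true when the 'add_user_when_auth'
 *    option equals "Y" (the default); presumably this permits creating a
 *    local account on first login. Verify against SetUser().
 *
 * @return void
 */
static function NTLMAuth()
{
    global $USER;

    // An existing session is never replaced.
    if ($USER->IsAuthorized())
        return;

    // Only act when the web server reports one of the two supported schemes.
    $authType = isset($_SERVER["AUTH_TYPE"]) ? $_SERVER["AUTH_TYPE"] : null;
    if ($authType !== "NTLM" && $authType !== "Negotiate")
        return;

    // Name of the $_SERVER entry that carries the authenticated login.
    $ntlm_varname = trim(COption::GetOptionString('ldap', 'ntlm_varname', 'REMOTE_USER'));
    $LOGIN = isset($_SERVER[$ntlm_varname]) ? (string)$_SERVER[$ntlm_varname] : '';
    if ($LOGIN === '')
        return;

    $DOMAIN = "";
    // "DOMAIN\login": the separator is a single backslash, which has to be
    // written as "\\" inside a double-quoted PHP string.
    if (($pos = mb_strpos($LOGIN, "\\")) !== false)
    {
        $DOMAIN = mb_substr($LOGIN, 0, $pos);
        $LOGIN = mb_substr($LOGIN, $pos + 1);
    }
    // "login@DOMAIN" is accepted for Negotiate only.
    elseif ($authType === "Negotiate" && (($pos = mb_strpos($LOGIN, "@")) !== false))
    {
        $DOMAIN = mb_substr($LOGIN, $pos + 1);
        $LOGIN = mb_substr($LOGIN, 0, $pos);
    }

    // Choose which configured LDAP servers may vouch for this login.
    $arFilterServer = array('ACTIVE' => 'Y');
    if ($DOMAIN !== '')
    {
        $arFilterServer['CODE'] = $DOMAIN;
    }
    else
    {
        // No domain in the login: fall back to the configured default server,
        // and give up when none is configured.
        $DEF_DOMAIN_ID = intval(COption::GetOptionInt('ldap', 'ntlm_default_server', 0));
        if ($DEF_DOMAIN_ID <= 0)
            return;
        $arFilterServer['ID'] = $DEF_DOMAIN_ID;
    }

    $db_ldap_serv = CLdapServer::GetList(array(), $arFilterServer);
    /** @var CLDAP $xLDAP */
    while ($xLDAP = $db_ldap_serv->GetNextServer())
    {
        // Servers that cannot be reached are skipped.
        if (!$xLDAP->Connect())
            continue;

        $ID = 0;
        if ($arLdapUser = $xLDAP->FindUser($LOGIN))
        {
            $ID = $xLDAP->SetUser($arLdapUser, (COption::GetOptionString("ldap", "add_user_when_auth", "Y") == "Y"));
            if ($ID > 0)
            {
                // Password-less sign-in of the mapped local user.
                $USER->Authorize($ID);
            }
        }

        // The connection is closed on every path, matched or not.
        $xLDAP->Disconnect();

        // First successful match wins; remaining servers are not consulted.
        if ($ID > 0)
            return;
    }
}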