diff --git a/Core/Frameworks/Baikal/Core/Server.php b/Core/Frameworks/Baikal/Core/Server.php
index 957cac3..fcc2e3c 100644
--- a/Core/Frameworks/Baikal/Core/Server.php
+++ b/Core/Frameworks/Baikal/Core/Server.php
@@ -133,6 +133,8 @@ class Server {
if ($this->authType === 'Basic') {
$authBackend = new \Baikal\Core\PDOBasicAuth($this->pdo, $this->authRealm);
+ } elseif ($this->authType === 'LDAP-UserBind') {
+ $authBackend = new \Baikal\Core\LDAPUserBindAuth($this->pdo, $this->authRealm);
} else {
$authBackend = new \Sabre\DAV\Auth\Backend\PDO($this->pdo);
$authBackend->setRealm($this->authRealm);
diff --git a/Core/Frameworks/Baikal/Model/Config/Standard.php b/Core/Frameworks/Baikal/Model/Config/Standard.php
index 2e07f44..948b5be 100644
--- a/Core/Frameworks/Baikal/Model/Config/Standard.php
+++ b/Core/Frameworks/Baikal/Model/Config/Standard.php
@@ -46,6 +46,22 @@ class Standard extends \Baikal\Model\Config {
"type" => "string",
"comment" => "HTTP authentication type for WebDAV; default Digest"
],
+ "BAIKAL_DAV_LDAP_URI" => [
+ "type" => "string",
+ "comment" => "URI to LDAP Server (for ldap-userbind auth); default ldapi:///"
+ ],
+ "BAIKAL_DAV_LDAP_DN_TEMPLATE" => [
+ "type" => "string",
+ "comment" => "User DN for bind; with replacments %n => username, %u => user part, %d => domain part of username"
+ ],
+ "BAIKAL_DAV_LDAP_DISPLAYNAME_ATTR" => [
+ "type" => "string",
+ "comment" => "LDAP-attribute for displayname; default cn"
+ ],
+ "BAIKAL_DAV_LDAP_EMAIL_ATTR" => [
+ "type" => "string",
+ "comment" => "LDAP-attribute for email; default mail"
+ ],
"BAIKAL_ADMIN_PASSWORDHASH" => [
"type" => "string",
"comment" => "Baïkal Web admin password hash; Set via Baïkal Web Admin",
@@ -58,6 +74,10 @@ class Standard extends \Baikal\Model\Config {
"BAIKAL_CARD_ENABLED" => true,
"BAIKAL_CAL_ENABLED" => true,
"BAIKAL_DAV_AUTH_TYPE" => "Digest",
+ "BAIKAL_DAV_LDAP_URI" => "ldapi:///",
+ "BAIKAL_DAV_LDAP_DN_TEMPLATE" => "uid=%n,dc=example,dc=com",
+ "BAIKAL_DAV_LDAP_DISPLAYNAME_ATTR" => "cn",
+ "BAIKAL_DAV_LDAP_EMAIL_ATTR" => "mail",
"BAIKAL_ADMIN_PASSWORDHASH" => ""
];
@@ -85,7 +105,31 @@ class Standard extends \Baikal\Model\Config {
$oMorpho->add(new \Formal\Element\Listbox([
"prop" => "BAIKAL_DAV_AUTH_TYPE",
"label" => "WebDAV authentication type",
- "options" => ["Digest", "Basic"]
+ "options" => ["Digest", "Basic", "LDAP-UserBind"]
+ ]));
+
+ $oMorpho->add(new \Formal\Element\Text([
+ "prop" => "BAIKAL_DAV_LDAP_URI",
+ "label" => "LDAP URI"
+ ]));
+
+ $oMorpho->add(new \Formal\Element\Text([
+ "prop" => "BAIKAL_DAV_LDAP_DN_TEMPLATE",
+ "label" => "LDAP DN template",
+ "popover" => [
+ "title" => "posible placeholder",
+ "content" => "%n - username
%u - user part of username , when it is an email address)
%d - domain part",
+ ]
+ ]));
+
+ $oMorpho->add(new \Formal\Element\Text([
+ "prop" => "BAIKAL_DAV_LDAP_DISPLAYNAME_ATTR",
+ "label" => "LDAP attribute for DisplayName"
+ ]));
+
+ $oMorpho->add(new \Formal\Element\Text([
+ "prop" => "BAIKAL_DAV_LDAP_EMAIL_ATTR",
+ "label" => "LDAP attribute for eMail"
]));
$oMorpho->add(new \Formal\Element\Password([
@@ -180,6 +224,21 @@ define("BAIKAL_CAL_ENABLED", TRUE);
# WebDAV authentication type; default Digest
define("BAIKAL_DAV_AUTH_TYPE", "Digest");
+# Auth Backend LDAP-UserBind; LDAP URI
+define("BAIKAL_DAV_LDAP_URI", 'ldapi:///');
+
+# Auth Backend LDAP-UserBind; Template for userbind
+# %n => username
+# %u => user part of username when it is an email
+# %u => domain part of username when it is an email
+define("BAIKAL_DAV_LDAP_DN_TEMPLATE", 'cn=%u,dc=%d,ou=domains,o=server');
+
+# Auth Backend LDAP-UserBind; attribute for displayname
+define("BAIKAL_DAV_LDAP_DISPLAYNAME_ATTR", 'cn');
+
+# Auth Backend LDAP-UserBind; attribute for email
+define("BAIKAL_DAV_LDAP_EMAIL_ATTR", 'mail');
+
# Baïkal Web admin password hash; Set via Baïkal Web Admin
define("BAIKAL_ADMIN_PASSWORDHASH", "");
CODE;