diff --git a/application/controllers/admin/authentication.php b/application/controllers/admin/authentication.php
index 788be648dfa..bd6a8c04394 100644
--- a/application/controllers/admin/authentication.php
+++ b/application/controllers/admin/authentication.php
@@ -58,6 +58,9 @@ public function index()
if (!$beforeLogin->isStopped() && is_null(App()->getRequest()->getPost('login_submit')))
{
+ if (!is_null($beforeLogin->get('default'))) {
+ $aData['defaultAuth'] = $beforeLogin->get('default');
+ }
$newLoginForm = new PluginEvent('newLoginForm');
App()->getPluginManager()->dispatchEvent($newLoginForm);
$aData['summary'] = $this->_getSummary('logout');
diff --git a/application/core/plugins/AuthLDAP/AuthLDAP.php b/application/core/plugins/AuthLDAP/AuthLDAP.php
new file mode 100644
index 00000000000..36cdadf97a9
--- /dev/null
+++ b/application/core/plugins/AuthLDAP/AuthLDAP.php
@@ -0,0 +1,110 @@
+ array(
+ 'type' => 'string',
+ 'label' => 'Ldap server e.g. ldap://ldap.mydomain.com'
+ ),
+ 'domainsuffix' => array(
+ 'type' => 'string',
+ 'label' => 'Domain suffix for username e.g. @mydomain.com'
+ ),
+ 'is_default' => array(
+ 'type' => 'boolean',
+ 'label' => 'Should this plugin present itself as default authentication method?'
+ )
+ );
+
+ public function __construct(PluginManager $manager, $id) {
+ parent::__construct($manager, $id);
+
+ /**
+ * Here you should handle subscribing to the events your plugin will handle
+ */
+ $this->subscribe('beforeLogin');
+ $this->subscribe('newLoginForm');
+ $this->subscribe('afterLoginFormSubmit');
+ $this->subscribe('newUserSession');
+ $this->subscribe('beforeDeactivate');
+ }
+
+ public function beforeDeactivate()
+ {
+ $this->getEvent()->set('success', false);
+
+ // Optionally set a custom error message.
+ $this->getEvent()->set('message', gT('Core plugin can not be disabled.'));
+ }
+
+ public function beforeLogin()
+ {
+ if ($this->get('is_default', null, null, false) == true) {
+ // This is configured to be the default login method
+ $this->getEvent()->set('default', get_class($this));
+ }
+ }
+
+ public function newLoginForm()
+ {
+ $this->getEvent()->getContent($this)
+ ->addContent(CHtml::tag('li', array(), ""))
+ ->addContent(CHtml::tag('li', array(), ""));
+ }
+
+ public function afterLoginFormSubmit()
+ {
+ // Here we handle post data
+ $request = $this->api->getRequest();
+ if ($request->getIsPostRequest()) {
+ $this->setUsername( $request->getPost('user'));
+ $this->setPassword($request->getPost('password'));
+ }
+ }
+
+ public function newUserSession()
+ {
+ // Here we do the actual authentication
+ $username = $this->getUsername();
+ $password = $this->getPassword();
+
+ $user = $this->api->getUserByName($username);
+
+ if ($user === null)
+ {
+ // If the user doesnt exist ín th eLS database, he can not login
+ $this->setAuthFailure(self::ERROR_USERNAME_INVALID);
+ return;
+ }
+
+ // Get configuration settings:
+ $ldapserver = $this->get('server');
+ $domain = $this->get('domainsuffix');;
+
+ // Try to connect
+ $ldapconn = ldap_connect($ldapserver);
+ if (false == $ldapconn) {
+ $this->setAuthFailure(1, gT('Could not connect to LDAP server.'));
+ return;
+ }
+
+ if($ldapconn) {
+ // binding to ldap server
+ $ldapbind = ldap_bind($ldapconn, $username.$domain, $password);
+ // verify binding
+ if (!$ldapbind) {
+ $this->setAuthFailure(100, ldap_error($ldapconn));
+ ldap_close($ldapconn); // all done? close connection
+ return;
+ }
+ ldap_close($ldapconn); // all done? close connection
+ }
+
+ $this->setAuthSuccess($user);
+ }
+}
\ No newline at end of file