API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Oct 9th, 2016
110
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 12.40 KB | None | 0 0
raw download clone embed print report
  1. /*
  2. |--------------------------------------------------------------------------
  3. | Connections
  4. |--------------------------------------------------------------------------
  5. |
  6. | This array stores the connections that are added to Adldap. You can add
  7. | as many connections as you like.
  8. |
  9. | The key is the name of the connection you wish to use and the value is
  10. | an array of configuration settings.
  11. |
  12. */
  13.  
  14. 'connections' => [
  15.  
  16. 'default' => [
  17.  
  18. /*
  19. |--------------------------------------------------------------------------
  20. | Auto Connect
  21. |--------------------------------------------------------------------------
  22. |
  23. | If auto connect is true, anytime Adldap is instantiated it will automatically
  24. | connect to your AD server. If this is set to false, you must connect manually
  25. | using: Adldap::connect().
  26. |
  27. */
  28.  
  29. 'auto_connect' => true,
  30.  
  31. /*
  32. |--------------------------------------------------------------------------
  33. | Connection
  34. |--------------------------------------------------------------------------
  35. |
  36. | The connection class to use to run operations on.
  37. |
  38. | You can also set this option to `null` to use the default connection class.
  39. |
  40. | Custom connection classes must implement AdldapContractsConnectionsConnectionInterface
  41. |
  42. */
  43.  
  44. 'connection' => AdldapConnectionsLdap::class,
  45.  
  46. /*
  47. |--------------------------------------------------------------------------
  48. | Schema
  49. |--------------------------------------------------------------------------
  50. |
  51. | The schema class to use for retrieving attributes and generating models.
  52. |
  53. | You can also set this option to `null` to use the default schema class.
  54. |
  55. | Custom schema classes must implement AdldapContractsSchemasSchemaInterface
  56. |
  57. */
  58.  
  59. 'schema' => AdldapSchemasActiveDirectory::class,
  60.  
  61. /*
  62. |--------------------------------------------------------------------------
  63. | Connection Settings
  64. |--------------------------------------------------------------------------
  65. |
  66. | This connection settings array is directly passed into the Adldap constructor.
  67. |
  68. | Feel free to add or remove settings you don't need.
  69. |
  70. */
  71.  
  72. 'connection_settings' => [
  73.  
  74. /*
  75. |--------------------------------------------------------------------------
  76. | Account Prefix
  77. |--------------------------------------------------------------------------
  78. |
  79. | The account prefix option is the prefix of your user accounts in AD.
  80. |
  81. | For example, if you'd prefer your users to use only their username instead
  82. | of specifying a domain ('ACMEjdoe'), enter your domain name.
  83. |
  84. */
  85.  
  86. 'account_prefix' => '',
  87.  
  88. /*
  89. |--------------------------------------------------------------------------
  90. | Account Suffix
  91. |--------------------------------------------------------------------------
  92. |
  93. | The account suffix option is the suffix of your user accounts in AD.
  94. |
  95. | For example, if your domain DN is DC=corp,DC=acme,DC=org, then your
  96. | account suffix would be @corp.acme.org. This is then appended to
  97. | then end of your user accounts on authentication.
  98. |
  99. */
  100.  
  101. 'account_suffix' => '',
  102.  
  103. /*
  104. |--------------------------------------------------------------------------
  105. | Domain Controllers
  106. |--------------------------------------------------------------------------
  107. |
  108. | The domain controllers option is an array of servers located on your
  109. | network that serve Active Directory. You can insert as many servers or
  110. | as little as you'd like depending on your forest (with the
  111. | minimum of one of course).
  112. |
  113. | These can be IP addresses of your server(s), or the host name.
  114. |
  115. */
  116.  
  117. 'domain_controllers' => ['190.168.124.147'],
  118.  
  119. /*
  120. |--------------------------------------------------------------------------
  121. | Port
  122. |--------------------------------------------------------------------------
  123. |
  124. | The port option is used for authenticating and binding to your AD server.
  125. |
  126. */
  127.  
  128. 'port' => 80,
  129.  
  130. /*
  131. |--------------------------------------------------------------------------
  132. | Timeout
  133. |--------------------------------------------------------------------------
  134. |
  135. | The timeout option allows you to configure the amount of time in
  136. | seconds that your application waits until a response
  137. | is received from your LDAP server.
  138. |
  139. */
  140.  
  141. 'timeout' => 5,
  142.  
  143. /*
  144. |--------------------------------------------------------------------------
  145. | Base Distinguished Name
  146. |--------------------------------------------------------------------------
  147. |
  148. | The base distinguished name is the base distinguished name you'd like
  149. | to perform operations on. An example base DN would be DC=corp,DC=acme,DC=org.
  150. |
  151. | If one is not defined, then Adldap will try to find it automatically
  152. | by querying your server. It's recommended to include it to
  153. | limit queries executed per request.
  154. |
  155. */
  156.  
  157. 'base_dn' => '',
  158.  
  159. /*
  160. |--------------------------------------------------------------------------
  161. | Administrator Account Suffix
  162. |--------------------------------------------------------------------------
  163. |
  164. | This option allows you to set a different account suffix for your
  165. | configured administrator account upon binding.
  166. |
  167. | If left empty, your `account_suffix` option will be used.
  168. |
  169. */
  170.  
  171. 'admin_account_suffix' => '',
  172.  
  173. /*
  174. |--------------------------------------------------------------------------
  175. | Administrator Username & Password
  176. |--------------------------------------------------------------------------
  177. |
  178. | When connecting to your AD server, a username and password is required
  179. | to be able to query and run operations on your server(s). You can
  180. | use any user account that has these permissions. This account
  181. | does not need to be a domain administrator unless you
  182. | require changing and resetting user passwords.
  183. |
  184. */
  185.  
  186. 'admin_username' => env('ADLDAP_ADMIN_USERNAME', 'foosaaa'),
  187. 'admin_password' => env('ADLDAP_ADMIN_PASSWORD', 'kaa@taa'),
  188.  
  189. /*
  190. |--------------------------------------------------------------------------
  191. | Follow Referrals
  192. |--------------------------------------------------------------------------
  193. |
  194. | The follow referrals option is a boolean to tell active directory
  195. | to follow a referral to another server on your network if the
  196. | server queried knows the information your asking for exists,
  197. | but does not yet contain a copy of it locally.
  198. |
  199. | This option is defaulted to false.
  200. |
  201. */
  202.  
  203. 'follow_referrals' => false,
  204.  
  205. /*
  206. |--------------------------------------------------------------------------
  207. | SSL & TLS
  208. |--------------------------------------------------------------------------
  209. |
  210. | If you need to be able to change user passwords on your server, then an
  211. | SSL or TLS connection is required. All other operations are allowed
  212. | on unsecured protocols. One of these options are definitely recommended
  213. | if you have the ability to connect to your server securely.
  214. |
  215. */
  216.  
  217. 'use_ssl' => false,
  218. 'use_tls' => false,
  219.  
  220. public function bind($username, $password, $prefix = null, $suffix = null)
  221. {
  222. // We'll allow binding with a null username and password
  223. // if their empty. This will allow us to anonymously
  224. // bind to our servers if needed.
  225. $username = $username ?: null;
  226. $password = $password ?: null;
  227.  
  228. if ($username) {
  229. // If the username isn't empty, we'll append the configured
  230. // account prefix and suffix to bind to the LDAP server.
  231. $prefix = is_null($prefix) ? $this->configuration->getAccountPrefix() : $prefix;
  232. $suffix = is_null($suffix) ? $this->configuration->getAccountSuffix() : $suffix;
  233.  
  234. $username = $prefix.$username.$suffix;
  235. }
  236.  
  237. // We'll mute any exceptions / warnings here. All we need to know
  238. // is if binding failed and we'll throw our own exception.
  239. if (!@$this->connection->bind($username, $password)) {
  240. throw new BindException($this->connection->getLastError(), $this->connection->errNo());
  241. }
  242. }
  243.  
  244. /*
  245. |--------------------------------------------------------------------------
  246. | Authentication Defaults
  247. |--------------------------------------------------------------------------
  248. |
  249. | This option controls the default authentication "guard" and password
  250. | reset options for your application. You may change these defaults
  251. | as required, but they're a perfect start for most applications.
  252. |
  253. */
  254.  
  255. 'defaults' => [
  256. 'guard' => 'web',
  257. 'passwords' => 'users',
  258. ],
  259.  
  260. /*
  261. |--------------------------------------------------------------------------
  262. | Authentication Guards
  263. |--------------------------------------------------------------------------
  264. |
  265. | Next, you may define every authentication guard for your application.
  266. | Of course, a great default configuration has been defined for you
  267. | here which uses session storage and the Eloquent user provider.
  268. |
  269. | All authentication drivers have a user provider. This defines how the
  270. | users are actually retrieved out of your database or other storage
  271. | mechanisms used by this application to persist your user's data.
  272. |
  273. | Supported: "session", "token"
  274. |
  275. */
  276.  
  277. 'guards' => [
  278. 'web' => [
  279. 'driver' => 'session',
  280. 'provider' => 'users',
  281. ],
  282.  
  283. 'api' => [
  284. 'driver' => 'token',
  285. 'provider' => 'users',
  286. ],
  287. ],
  288.  
  289. /*
  290. |--------------------------------------------------------------------------
  291. | User Providers
  292. |--------------------------------------------------------------------------
  293. |
  294. | All authentication drivers have a user provider. This defines how the
  295. | users are actually retrieved out of your database or other storage
  296. | mechanisms used by this application to persist your user's data.
  297. |
  298. | If you have multiple user tables or models you may configure multiple
  299. | sources which represent each model / table. These sources may then
  300. | be assigned to any extra authentication guards you have defined.
  301. |
  302. | Supported: "database", "eloquent"
  303. |
  304. */
  305.  
  306. 'providers' => [
  307. 'users' => [
  308. 'driver' => 'adldap',
  309. 'model' => AppUser::class,
  310. ],
  311.  
  312. // 'users' => [
  313. // 'driver' => 'database',
  314. // 'table' => 'users',
  315. // ],
  316. ],
  317.  
  318. /*
  319. |--------------------------------------------------------------------------
  320. | Resetting Passwords
  321. |--------------------------------------------------------------------------
  322. |
  323. | Here you may set the options for resetting passwords including the view
  324. | that is your password reset e-mail. You may also set the name of the
  325. | table that maintains all of the reset tokens for your application.
  326. |
  327. | You may specify multiple password reset configurations if you have more
  328. | than one user table or model in the application and you want to have
  329. | separate password reset settings based on the specific user types.
  330. |
  331. | The expire time is the number of minutes that the reset token should be
  332. | considered valid. This security feature keeps tokens short-lived so
  333. | they have less time to be guessed. You may change this as needed.
  334. |
  335. */
  336.  
  337. 'passwords' => [
  338. 'users' => [
  339. 'provider' => 'users',
  340. 'email' => 'auth.emails.password',
  341. 'table' => 'password_resets',
  342. 'expire' => 60,
  343. ],
  344. ],
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!