Hallo Community,
wir nutzten seit TYPOlight ein LDAP-Modul für Login und Anlage von Nutzern im Frontend und nur für den Login im Backend.
Bis zur aktuellen Version 4.13 lief das Modul ohne Probleme. In Version 5.3 ist der Support für die älteren Erweiterungen aber scheinbar eingestellt. Ich muss das Modul also irgendwie überführen, oder gibt es LDAP-Module für Contao 5, die ihr kennt?
Bisheriger Aufbau:
Modulname: ldap:
Ordner-Struktur:
ldap
- config
- dca
- languages
Datei:
Code:
ldap/ldap.php
<?php
// Entry guard: stop immediately unless the CMS bootstrap has defined TL_ROOT,
// so the file cannot be executed by requesting it directly.
if (!defined('TL_ROOT')) {
    die('You can not access this file directly!');
}
/**
* TYPOlight webCMS
* Copyright (C) 2005 Leo Feyer
*
* This program is free software: you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation, either
* version 2.1 of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this program. If not, please visit the Free
* Software Foundation website at http://www.gnu.org/licenses/.
*
* PHP version 5
* @copyright XX
* @author XX
* @package ldap
* @license GPL
* @filesource
*/
//*************************
// LDAP authentication
//*************************
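/**
 * LDAP login and member import, registered as the checkCredentials and importUser hooks.
 *
 * Both hooks authenticate by binding to the configured directory as
 * "<username>@<pl_ldap_domain>" with the password the visitor typed.
 *
 * Changes compared with the previous revision:
 *  - empty user names and passwords are rejected before the bind (see ldapBindAsUser());
 *  - the user name is escaped before it is placed into the search filter;
 *  - a failed ldap_connect() returns false instead of die()ing with the host name;
 *  - the connection is actually closed (the old ldap_close() calls sat after a return);
 *  - a search without result no longer creates an empty member record;
 *  - directory data is no longer passed to sprintf() as a format string.
 *
 * Requires PHP >= 5.6 for ldap_escape().
 */
class ldap extends Backend
{
    /**
     * checkCredentials hook: accept the login if the directory accepts the bind.
     *
     * @param string $strUsername login name as entered
     * @param string $strPassword password as entered
     *
     * @return bool true when LDAP authentication is enabled and the bind succeeded, false otherwise
     */
    public function checkCredentials($strUsername, $strPassword)
    {
        if (empty($GLOBALS['TL_CONFIG']['pl_ldap'])) {
            return false;
        }

        $ds = $this->ldapBindAsUser($strUsername, $strPassword);
        if ($ds === false) {
            return false;
        }

        // The bind was only needed as a password check; release the connection right away.
        ldap_close($ds);

        return true;
    }

    /**
     * importUser hook: create a tl_member row for a directory user who logs in for the first time.
     *
     * Runs only for the table tl_member and only when both pl_ldapimport and pl_ldap are enabled.
     *
     * @param string $strUsername login name as entered
     * @param string $strPassword password as entered
     * @param string $strTable    table the login is checked against
     *
     * @return bool true when a member record was created, false otherwise
     */
    public function importUser($strUsername, $strPassword, $strTable)
    {
        if (empty($GLOBALS['TL_CONFIG']['pl_ldapimport'])) {
            return false;
        }

        // Import only for member authentication (not for user authentication)
        if ($strTable != 'tl_member') {
            return false;
        }

        if (empty($GLOBALS['TL_CONFIG']['pl_ldap'])) {
            return false;
        }

        $ds = $this->ldapBindAsUser($strUsername, $strPassword);
        if ($ds === false) {
            return false;
        }

        // The user name comes straight from the login form. Escape it for filter context so
        // characters such as "*", "(" or ")" cannot change which entries the search matches.
        $filter = '(sAMAccountName=' . ldap_escape((string) $strUsername, '', LDAP_ESCAPE_FILTER) . ')';
        $basedn = strval($GLOBALS['TL_CONFIG']['pl_ldapimport_basedn']);

        $sr = ldap_search($ds, $basedn, $filter);
        $info = ($sr !== false) ? ldap_get_entries($ds, $sr) : false;

        // Everything needed has been read; close before any return below.
        ldap_close($ds);

        // No entry found (or the search failed): do not create a member from nothing.
        if ($info === false || empty($info['count']) || !isset($info[0])) {
            return false;
        }

        $entry = $info[0];

        // cn is expected in the form "Lastname, Firstname"; the first name stays empty otherwise.
        $strFullName = isset($entry['cn'][0]) ? $entry['cn'][0] : '';
        $parts = explode(', ', $strFullName);
        $strFName = !empty($parts[1]) ? $parts[1] : '';
        $strName = isset($entry['sn'][0]) ? $entry['sn'][0] : '';
        $strMail = isset($entry['mail'][0]) ? $entry['mail'][0] : '';

        // Accounts whose mail address contains "SR." are never imported.
        if (strpos($strMail, "SR.") !== false) {
            return false;
        }

        // Write data to the typolight database
        // NOTE(review): the password column receives the current timestamp as a placeholder,
        // not a hash. Confirm that the CMS password check can never accept that value; an
        // explicitly unusable random value would be safer.
        // NOTE(review): utf8_encode()/utf8_decode() are deprecated as of PHP 8.2 - revisit
        // when porting to a newer Contao/PHP version.
        $this->Database->prepare("INSERT INTO tl_member SET tstamp=?, firstname=?, lastname=?, groups=?, login=?, username=?, password=?, email=?, language=?, company=?")
            ->execute(time(), utf8_encode($strFName), utf8_encode($strName), "44", 1, strtolower($strUsername), time(), $strMail, "de", "xx");

        // Send Email to Admin
        // The subject is built by plain concatenation: the names come from the directory and
        // must not be interpreted as a sprintf() format (a "%" in a name would break it).
        $strDisplayName = utf8_encode($strFName) . " " . utf8_encode($strName);
        $objEmail = new Email();
        $objEmail->from = "xx@xx.de";
        if (strpos(strtolower($strMail), "noresponse") !== false) {
            $objEmail->subject = 'Neues Mitglied im Portal erzeugt: Sondergruppe - ' . $strDisplayName;
        } else {
            $objEmail->subject = 'Neues Mitglied im Portal erzeugt: ' . $strDisplayName . " " . $strMail;
        }
        $objEmail->sendTo('XX@xx.de');

        //Log-entry for new member
        $this->log('Neues Mitglied - ' . $strUsername . ' - wurde erzeugt', 'ldapimport importUser()', TL_ACCESS);

        return true;
    }

    /**
     * Connect to the configured server and bind as "<username>@<pl_ldap_domain>".
     *
     * @param string $strUsername login name as entered
     * @param string $strPassword password as entered
     *
     * @return mixed the bound LDAP connection on success (caller must ldap_close() it), false otherwise
     */
    private function ldapBindAsUser($strUsername, $strPassword)
    {
        $strUsername = (string) $strUsername;
        // Kept from the original: the password is converted with utf8_decode() before the bind.
        $bindPassword = utf8_decode((string) $strPassword);

        // A simple bind with a name but a zero-length password is an "unauthenticated bind"
        // (RFC 4513, section 5.1.2). Servers that accept it report success without checking
        // any credential, which would let a login through with an empty password - refuse here.
        if ($strUsername === '' || $bindPassword === '') {
            return false;
        }

        $ldaphost = strval($GLOBALS['TL_CONFIG']['pl_ldap_server']);
        $ldapport = intval($GLOBALS['TL_CONFIG']['pl_ldap_port']);
        $ldapdomain = strval($GLOBALS['TL_CONFIG']['pl_ldap_domain']);

        // NOTE(review): no StartTLS/LDAPS is set up in this file, so with a plain LDAP port
        // (the settings default is 389) the password crosses the network unencrypted.
        // Consider an ldaps:// URI or ldap_start_tls() before the bind.
        // NOTE(review): the separate host/port form of ldap_connect() is deprecated as of PHP 8.3.
        $ds = ldap_connect($ldaphost, $ldapport);
        if (!$ds) {
            return false;
        }

        // "@" is deliberate: a rejected bind is the normal "wrong password" case.
        if (!@ldap_bind($ds, $strUsername . "@" . $ldapdomain, $bindPassword)) {
            ldap_close($ds);
            return false;
        }

        return $ds;
    }
}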
?>
Code:
ldap/config/config.php
<?php
// Entry guard: only run inside the CMS, never as a directly requested script.
if (!defined('TL_ROOT')) {
    die('You can not access this file directly!');
}

// Register the ldap class for the two login hooks: checkCredentials decides whether a
// login is accepted, importUser may create a missing member record.
$GLOBALS['TL_HOOKS']['checkCredentials'][] = ['ldap', 'checkCredentials'];
$GLOBALS['TL_HOOKS']['importUser'][] = ['ldap', 'importUser'];
Code:
ldap/dca/tl_settings.php
<?php
// Entry guard: only run inside the CMS, never as a directly requested script.
if (!defined('TL_ROOT')) {
    die('You can not access this file directly!');
}

/**
 * Palettes: two checkboxes (pl_ldap, pl_ldapimport) are appended to the default
 * settings palette; each one opens a sub-palette with its own fields.
 */
$GLOBALS['TL_DCA']['tl_settings']['palettes']['__selector__'][] = 'pl_ldap';
$GLOBALS['TL_DCA']['tl_settings']['palettes']['default'] .= ';{pl_ldap_legend},pl_ldap';
$GLOBALS['TL_DCA']['tl_settings']['subpalettes']['pl_ldap'] = 'pl_ldap_server,pl_ldap_port,pl_ldap_domain';

$GLOBALS['TL_DCA']['tl_settings']['palettes']['__selector__'][] = 'pl_ldapimport';
$GLOBALS['TL_DCA']['tl_settings']['palettes']['default'] .= ';{pl_ldapimport_legend},pl_ldapimport';
$GLOBALS['TL_DCA']['tl_settings']['subpalettes']['pl_ldapimport'] = 'pl_ldapimport_basedn';

/**
 * Fields
 */

// Switch: LDAP authentication on/off.
// NOTE(review): 'explanation' => 'test' looks like a leftover placeholder - confirm.
$GLOBALS['TL_DCA']['tl_settings']['fields']['pl_ldap'] = [
    'label'       => &$GLOBALS['TL_LANG']['tl_settings']['pl_ldap'],
    'exclude'     => true,
    'inputType'   => 'checkbox',
    'default'     => '0',
    'eval'        => ['submitOnChange' => true],
    'explanation' => 'test',
];

// LDAP server address.
$GLOBALS['TL_DCA']['tl_settings']['fields']['pl_ldap_server'] = [
    'label'     => &$GLOBALS['TL_LANG']['tl_settings']['pl_ldap_server'],
    'inputType' => 'text',
    'default'   => '127.0.0.1',
    'eval'      => ['mandatory' => true, 'rgxp' => 'text', 'nospace' => true],
];

// LDAP port.
// NOTE(review): the default 389 is the plain (unencrypted) LDAP port and this settings
// form offers no TLS option, so bind passwords travel in clear text unless the
// connection is secured elsewhere. The value is validated as free text, not as a number.
$GLOBALS['TL_DCA']['tl_settings']['fields']['pl_ldap_port'] = [
    'label'     => &$GLOBALS['TL_LANG']['tl_settings']['pl_ldap_port'],
    'inputType' => 'text',
    'default'   => '389',
    'eval'      => ['mandatory' => true, 'rgxp' => 'text', 'nospace' => true],
];

// Domain that is appended to the user name ("user@domain") for the bind.
$GLOBALS['TL_DCA']['tl_settings']['fields']['pl_ldap_domain'] = [
    'label'     => &$GLOBALS['TL_LANG']['tl_settings']['pl_ldap_domain'],
    'inputType' => 'text',
    'default'   => 'domain.com',
    'eval'      => ['mandatory' => true, 'rgxp' => 'text', 'nospace' => true],
];

// Switch: import of directory users as members on/off.
// NOTE(review): 'explanation' => 'test' looks like a leftover placeholder - confirm.
$GLOBALS['TL_DCA']['tl_settings']['fields']['pl_ldapimport'] = [
    'label'       => &$GLOBALS['TL_LANG']['tl_settings']['pl_ldapimport'],
    'exclude'     => true,
    'inputType'   => 'checkbox',
    'default'     => '0',
    'eval'        => ['submitOnChange' => true],
    'explanation' => 'test',
];

// Base DN under which the import searches for the user entry.
$GLOBALS['TL_DCA']['tl_settings']['fields']['pl_ldapimport_basedn'] = [
    'label'     => &$GLOBALS['TL_LANG']['tl_settings']['pl_ldapimport_basedn'],
    'inputType' => 'text',
    'default'   => utf8_decode('ou=Users, dc=company, dc=com'),
    'eval'      => ['mandatory' => true, 'nospace' => false, 'decodeEntities' => true],
];
?>
Code:
ldap/languages/de/tl_settings.php
<?php
// Entry guard: only run inside the CMS, never as a directly requested script.
if (!defined('TL_ROOT')) {
    die('You can not access this file directly!');
}

// German labels for the LDAP settings. Legends are plain strings; every field gets a
// two-element array of label and help text.
// NOTE(review): "LDAP-Authentifzierung" in the first legend is misspelled
// (should read "LDAP-Authentifizierung"); the string is left as it was.
$GLOBALS['TL_LANG']['tl_settings']['pl_ldap_legend'] = 'LDAP-Authentifzierung';
$GLOBALS['TL_LANG']['tl_settings']['pl_ldapimport_legend'] = 'Benutzerimport vom LDAP-Server';

$GLOBALS['TL_LANG']['tl_settings']['pl_ldap'] = [
    'LDAP-Authentifizierung',
    'Zusätzliche Authentifizierung der erfassten Mitglieder gegen einen LDAP-Server',
];
$GLOBALS['TL_LANG']['tl_settings']['pl_ldap_server'] = [
    'LDAP-Server',
    'IP-Adresse des LDAP-Servers, z. B. 127.0.0.1',
];
$GLOBALS['TL_LANG']['tl_settings']['pl_ldap_domain'] = [
    'Domäne',
    'Zu berücksichtigende Domäne für den LDAP-Server, z. B. Organisation.com',
];
$GLOBALS['TL_LANG']['tl_settings']['pl_ldap_port'] = [
    'Port',
    'Port des LDAP-Servers, z. B. 389',
];
$GLOBALS['TL_LANG']['tl_settings']['pl_ldapimport'] = [
    'LDAP-Import',
    'Import von registrierten Benutzern eines LDAP-Servers',
];
$GLOBALS['TL_LANG']['tl_settings']['pl_ldapimport_basedn'] = [
    'Base-DN',
    'Base-DN zur Suche im LDAP-Verzeichnis',
];
?>