Integrasi dengan LDAP / Active Directory (AD)

Untuk integrasi dengan LDAP/Activer Directory (AD) di ICA Atom, kita memanfaatkan plugin upSimpleLdapPlugin [1].

Kita hanya perlu melakukan perubahan kecil ada core ICA Atom, berikut adalah patch-nya :

diff --git a/apps/qubit/modules/user/actions/loginAction.class.php b/apps/qubit/modules/user/actions/loginAction.class.php index 05a6a6f..9db4e30 100755 --- a/apps/qubit/modules/user/actions/loginAction.class.php +++ b/apps/qubit/modules/user/actions/loginAction.class.php @@ -51,10 +51,14 @@ class UserLoginAction extends sfAction { } else { $email_arr = explode ( "@", $this->form->getValue ( 'email' ) ); //periksa apa username sudah ada di qubit - $criteria = new Criteria; - $criteria->add(QubitUser::USERNAME,$email_arr[0]); - $qubit_user = QubitUser::getOne($criteria) ; - + $criteria = new Criteria; + $criteria->add(QubitUser::EMAIL, $this->form->getValue ('email')); + $qubit_user = QubitUser::getOne($criteria); + //var_dump($user) ; exit; + //echo $qubit_user->getId() ; exit; + //$qubit_user = QubitUser::getById($user->getId()); + $ldap = new ldapAuth (); if ($ldap->authenticate ( $email_arr [0], $this->form->getValue ( 'password' ) )) { @@ -63,6 +67,7 @@ class UserLoginAction extends sfAction { if(!$qubit_user) { $qubit_user = new QubitUser (); } + $qubit_user->setUsername ( $this->form->getValue ( 'email' ) ); $qubit_user->setEmail ( $this->form->getValue ( 'email' ) ); $qubit_user->setPassword ( $this->form->getValue ( 'password' ) ); -- 1.8.5.2

Intinya adalah, ketika user pertama kali login, maka ICA Atom akan memerika, apa user ini ada di AD/LDAP, jika ada, apakah password nya benar ? kalau benar, apakah data user ini sudah ada di ICA Atom, jika sudah ada, langsung login, jika belum ada, buat user baru di ICA Atom dengan privilege default.

Referensi