diff --git a/www/include/auth/ldap.class.php b/www/include/auth/ldap.class.php index 1e28ee83..ccaa89c8 100644 --- a/www/include/auth/ldap.class.php +++ b/www/include/auth/ldap.class.php @@ -250,9 +250,24 @@ function getUserData($user,$inbind=false) { if(is_array($result)) foreach($result as $grp){ if(!empty($grp[$this->cnf['groupkey']][0])){ + $groupname = $grp[$this->cnf['groupkey']][0]; if($this->cnf['debug']) - printmsg('DEBUG => auth_ldap: LDAP usergroup: '.htmlspecialchars($grp[$this->cnf['groupkey']][0]),2); - $info['grps'][$grp[$this->cnf['groupkey']][0]] = $g++; + printmsg('DEBUG => auth_ldap: LDAP usergroup: ' + .htmlspecialchars($groupname),2); + if(!empty($this->cnf['mapping']['grps'][$this->cnf['groupkey']])){ + $regexp = $this->cnf['mapping']['grps'][$this->cnf['groupkey']]; + printmsg('DEBUG => Matching '.htmlspecialchars($groupname) + .' against '.htmlspecialchars($regexp),2); + if (preg_match($regexp,$groupname,$match)) { + $groupname_mapped = $match[1]; + if($this->cnf['debug']) + printmsg('DEBUG => auth_ldap: mapped LDAP usergroup: ' + .htmlspecialchars($groupname_mapped),2); + $info['grps'][$groupname_mapped] = $g++; + } + } else { + $info['grps'][$groupname] = $g++; + } } } } diff --git a/www/include/functions_auth.inc.php b/www/include/functions_auth.inc.php index af61db84..a6a236ab 100644 --- a/www/include/functions_auth.inc.php +++ b/www/include/functions_auth.inc.php @@ -68,7 +68,7 @@ function get_authentication($login_name='', $login_password='') { $js = "el('loginmsg').innerHTML = 'Success!'; setTimeout('removeElement(\'tt_loginform\')',1000);"; // Validate the userid was passed and is "clean" - if (!preg_match('/^[A-Za-z0-9.\-_]+$/', $login_name)) { + if (!preg_match('/^[A-Za-z0-9.\-_@]+$/', $login_name)) { $js = "el('loginmsg').innerHTML = 'Bad username format';"; printmsg("ERROR => Login failure for {$login_name}: Bad username format", 0); return(array(1, $js));