You are here

Home » API reference » Lightweight Directory Access Protocol (LDAP) 7 » LdapAuthenticationConfAdmin.class.php » LdapAuthenticationConfAdmin

protected function LdapAuthenticationConfAdmin::setTranslatableProperties in Lightweight Directory Access Protocol (LDAP) 7

Same name and namespace in other branches
  1. 8.2 ldap_authentication/LdapAuthenticationConfAdmin.class.php \LdapAuthenticationConfAdmin::setTranslatableProperties()
  2. 7.2 ldap_authentication/LdapAuthenticationConfAdmin.class.php \LdapAuthenticationConfAdmin::setTranslatableProperties()
1 call to LdapAuthenticationConfAdmin::setTranslatableProperties()
LdapAuthenticationConfAdmin::__construct in ldap_authentication/LdapAuthenticationConfAdmin.class.php

File

ldap_authentication/LdapAuthenticationConfAdmin.class.php, line 12

Class

LdapAuthenticationConfAdmin

Code

protected function setTranslatableProperties() {

  /**
   * 0.  Logon Options
   */
  $values['authenticationModeOptions'] = array(
    LDAP_AUTHENTICATION_MIXED => t('Mixed mode. Drupal authentication is tried first.  On failure, LDAP authentication is performed.'),
    LDAP_AUTHENTICATION_EXCLUSIVE => t('Only LDAP Authentication is allowed except for user 1.
        If selected, (1) reset password links will be replaced with links to ldap end user documentation below.
        (2) The reset password form will be left available at user/password for user 1; but no links to it
        will be provided to anonymous users.
        (3) Password fields in user profile form will be removed except for user 1.'),
  );
  $values['authenticationServersDescription'] = t('Check all LDAP server configurations to use in authentication.
     Each will be tested for authentication until successful or
     until each is exhausted.  In most cases only one server configuration is selected.');

  /**
   * 1.  User Login Interface
   */
  $values['loginUIUsernameTxtDescription'] = t('Text to be displayed to user below the username field of
     the user login screen.');
  $values['loginUIPasswordTxtDescription'] = t('Text to be displayed to user below the password field of
     the user login screen.');
  $values['ldapUserHelpLinkUrlDescription'] = t('URL to LDAP user help/documentation for users resetting
     passwords etc. Should be of form http://domain.com/. Could be the institutions ldap password support page
     or a page within this drupal site that is available to anonymous users.');
  $values['ldapUserHelpLinkTextDescription'] = t('Text for above link e.g. Account Help or Campus Password Help Page');

  /**
   * 2.  LDAP User Restrictions
   */
  $values['allowOnlyIfTextInDnDescription'] = t('A list of text such as ou=education
      or cn=barclay that at least one of be found in user\'s dn string.  Enter one per line
      such as <pre>ou=education') . "\n" . t('ou=engineering</pre>   This test will be case insensitive.');
  $values['excludeIfTextInDnDescription'] = t('A list of text such as ou=evil
      or cn=bad that if found in a user\'s dn, exclude them from ldap authentication.
      Enter one per line such as <pre>ou=evil') . "\n" . t('cn=bad</pre> This test will be case insensitive.');
  $values['allowTestPhpDescription'] = t('PHP code which should print 1
        for allowing ldap authentication or 0 for not allowed.  Available variables are:
        $_name and $_ldap_user_entry  See readme.txt for more info.');
  $values['excludeIfNoAuthorizationsDescription'] = t('If the user is not granted any drupal roles,
      organic groups, etc. by LDAP Authorization, login will be denied.  LDAP Authorization must be
      enabled for this to work.');

  /**
   * 3. Drupal Account Provisioning and Syncing
   */
  $values['loginConflictResolveDescription'] = t('What should be done if a local Drupal or other external
      authentication account already exists with the same login name.');
  $values['loginConflictOptions'] = array(
    LDAP_AUTHENTICATION_CONFLICT_LOG => t('Disallow login and log the conflict'),
    LDAP_AUTHENTICATION_CONFLICT_RESOLVE => t('Associate local account with the LDAP entry.  This option
      is useful for creating accounts and assigning roles before an ldap user authenticates.'),
  );
  $values['acctCreationOptions'] = array(
    LDAP_AUTHENTICATION_ACCT_CREATION_LDAP_BEHAVIOR => t('Create accounts automatically for ldap authenticated users.
        Account creation settings at /admin/config/people/accounts/settings will only affect non-ldap authenticated accounts.'),
    LDAP_AUTHENTICATION_ACCT_CREATION_USER_SETTINGS_FOR_LDAP => t('Use account creation policy
         at /admin/config/people/accounts/settings under for both Drupal and LDAP Authenticated users.
         "Visitors" option automatically creates and account when they successfully LDAP authenticate.
         "Admin" and "Admin with approval" do not allow user to authenticate until the account is approved.'),
  );

  /**
   * 4. Email
   */
  $values['emailOptionOptions'] = array(
    LDAP_AUTHENTICATION_EMAIL_FIELD_REMOVE => t('Don\'t show an email field on user forms.  LDAP derived email will be used for user and connot be changed by user'),
    LDAP_AUTHENTICATION_EMAIL_FIELD_DISABLE => t('Show disabled email field on user forms with LDAP derived email.  LDAP derived email will be used for user and connot be changed by user'),
  );
  $values['emailUpdateOptions'] = array(
    LDAP_AUTHENTICATION_EMAIL_UPDATE_ON_LDAP_CHANGE_ENABLE_NOTIFY => t('Update stored email if LDAP email differs at login and notify user.'),
    LDAP_AUTHENTICATION_EMAIL_UPDATE_ON_LDAP_CHANGE_ENABLE => t('Update stored email if LDAP email differs at login but don\'t notify user.'),
    LDAP_AUTHENTICATION_EMAIL_UPDATE_ON_LDAP_CHANGE_DISABLE => t('Don\'t update stored email if LDAP email differs at login.'),
  );

  /**
   * 5. Single Sign-On / Seamless Sign-On
   */
  $values['ldapImplementationOptions'] = array(
    'mod_auth_sspi' => t('mod_auth_sspi'),
    'mod_auth_kerb' => t('mod_auth_kerb'),
  );
  $values['cookieExpirePeriod'] = array(
    0 => t('Immediately'),
  ) + drupal_map_assoc(array(
    3600,
    86400,
    604800,
    2592000,
    31536000,
    315360000,
  ), 'format_interval') + array(
    -1 => t('Never'),
  );
  $values['ssoEnabledDescription'] = '<strong>' . t('Single Sign on is enabled.') . '</strong> ' . t('To disable it, disable the LDAP SSO Module on the ') . l('Modules Form', 'admin/modules') . '.<p>' . t('Single Sign-On enables ' . 'users of this site to be authenticated by visiting the URL ' . '"user/login/sso, or automatically if selecting "automated ' . 'single sign-on" below. Set up of LDAP authentication must be ' . 'performed on the web server. Please review the !readme file ' . 'for more information.', array(
    '!readme' => l(t('README.txt'), drupal_get_path('module', 'ldap_sso') . '/README.txt'),
  )) . '</p>';
  $values['ssoRemoteUserStripDomainNameDescription'] = t('Useful when the ' . 'WWW server provides authentication in the form of user@realm and you ' . 'want to have both SSO and regular forms based authentication ' . 'available. Otherwise duplicate accounts with conflicting e-mail ' . 'addresses may be created.');
  $values['seamlessLogInDescription'] = t('This requires that you ' . 'have operational NTLM or Kerberos authentication turned on for at least ' . 'the path user/login/sso, or for the whole domain.');
  $values['cookieExpireDescription'] = t('If using the seamless login, a ' . 'cookie is necessary to prevent automatic login after a user ' . 'manually logs out. Select the lifetime of the cookie.');
  $values['ldapImplementationDescription'] = t('Select the type of ' . 'authentication mechanism you are using.');
  foreach ($values as $property => $default_value) {
    $this->{$property} = $default_value;
  }
}