Overview

Packages

  • Auth

Classes

  • Horde_Auth
  • Horde_Auth_Auto
  • Horde_Auth_Base
  • Horde_Auth_Composite
  • Horde_Auth_Customsql
  • Horde_Auth_Cyrsql
  • Horde_Auth_Exception
  • Horde_Auth_Ftp
  • Horde_Auth_Http
  • Horde_Auth_Http_Remote
  • Horde_Auth_Imap
  • Horde_Auth_Ipbasic
  • Horde_Auth_Kolab
  • Horde_Auth_Ldap
  • Horde_Auth_Login
  • Horde_Auth_Msad
  • Horde_Auth_Pam
  • Horde_Auth_Passwd
  • Horde_Auth_Peclsasl
  • Horde_Auth_Radius
  • Horde_Auth_Shibboleth
  • Horde_Auth_Smb
  • Horde_Auth_Smbclient
  • Horde_Auth_Sql
  • Horde_Auth_Translation
  • Overview
  • Package
  • Class
  • Tree

Class Horde_Auth

The Horde_Auth class provides some useful authentication-related utilities and constants for the Auth package.

Copyright 1999-2012 Horde LLC (http://www.horde.org/)

See the enclosed file COPYING for license information (LGPL). If you did not receive this file, http://www.horde.org/licenses/lgpl21

Package: Auth
Category: Horde
License: LGPL-2.1
Author: Chuck Hagenbuch chuck@horde.org
Author: Michael Slusarz slusarz@horde.org
Located at Horde/Auth.php
Methods summary
public static Horde_Auth_Base
# factory( string $driver, array $params = null )

Attempts to return a concrete Horde_Auth_Base instance based on $driver.

Attempts to return a concrete Horde_Auth_Base instance based on $driver.

Parameters

$driver
<p>Either a driver name, or the full class name to use (class must extend Horde_Auth_Base).</p>
$params
<p>A hash containing any additional configuration or parameters a subclass might need.</p>

Returns

Horde_Auth_Base
The newly created concrete instance.

Throws

Horde_Auth_Exception
public static string
# getCryptedPassword( string $plaintext, string $salt = '', string $encryption = 'md5-hex', boolean $show_encrypt = false )

Formats a password using the current encryption.

Formats a password using the current encryption.

Parameters

$plaintext
The plaintext password to encrypt.
$salt
<p>The salt to use to encrypt the password. If not present, a new salt will be generated.</p>
$encryption
<p>The kind of pasword encryption to use. Defaults to md5-hex.</p>
$show_encrypt
<p>Some password systems prepend the kind of encryption to the crypted password ({SHA}, etc). Defaults to false.</p>

Returns

string
The encrypted password.
public static string
# getSalt( string $encryption = 'md5-hex', string $seed = '', string $plaintext = '' )

Returns a salt for the appropriate kind of password encryption. Optionally takes a seed and a plaintext password, to extract the seed of an existing password, or for encryption types that use the plaintext in the generation of the salt.

Returns a salt for the appropriate kind of password encryption. Optionally takes a seed and a plaintext password, to extract the seed of an existing password, or for encryption types that use the plaintext in the generation of the salt.

Parameters

$encryption
<p>The kind of pasword encryption to use. Defaults to md5-hex.</p>
$seed
<p>The seed to get the salt from (probably a previously generated password). Defaults to generating a new seed.</p>
$plaintext
<p>The plaintext password that we're generating a salt for. Defaults to none.</p>

Returns

string
The generated or extracted salt.
public static string
# genRandomPassword( )

Generates a random, hopefully pronounceable, password. This can be used when resetting automatically a user's password.

Generates a random, hopefully pronounceable, password. This can be used when resetting automatically a user's password.

Returns

string
A random password
public static
# checkPasswordPolicy( string $password, array $policy )

Checks whether a password matches some expected policy.

Checks whether a password matches some expected policy.

Parameters

$password
A password.
$policy
<p>A configuration with policy rules. Supported rules:</p> <ul> <li>minLength: Minimum length of the password</li> <li>maxLength: Maximum length of the password</li> <li>maxSpace: Maximum number of white space characters <p>The following are the types of characters required in a password. Either specific characters, character classes, or both can be required. Specific types are:</p></li> <li>minUpper: Minimum number of uppercase characters</li> <li>minLower: Minimum number of lowercase characters</li> <li>minNumeric: Minimum number of numeric characters (0-9)</li> <li>minAlphaNum: Minimum number of alphanumeric characters</li> <li>minAlpha: Minimum number of alphabetic characters</li> <li>minSymbol: Minimum number of alphabetic characters <p>Alternatively (or in addition to), the minimum number of character classes can be configured by setting the following. The valid range is 0 through 4 character classes may be required for a password. The classes are: 'upper', 'lower', 'number', and 'symbol'. For example: A password of 'p@ssw0rd' satisfies three classes ('number', 'lower', and 'symbol'), while 'passw0rd' only satisfies two classes ('lower' and 'symbols').</p></li> <li><p>minClasses: Minimum number (0 through 4) of character classes.</p></li> </ul>

Throws

Horde_Auth_Exception
if the password does not match the policy.

Since

Horde_Auth 1.4.0
public static
# checkPasswordSimilarity( string $password, array $dict, float $max = 80 )

Checks whether a password is too similar to a dictionary of strings.

Checks whether a password is too similar to a dictionary of strings.

Parameters

$password
A password.
$dict
<p>A dictionary to check for similarity, for example the user name or an old password.</p>
$max
$percent The maximum allowed similarity in percent.

Throws

Horde_Auth_Exception
if the password is too similar.

Since

Horde_Auth 1.4.0
Constants summary
integer REASON_BADLOGIN

Authentication failure reasons.

Authentication failure reasons.

REASON_BADLOGIN - Bad username and/or password
REASON_FAILED   - Login failed
REASON_EXPIRED  - Password has expired
REASON_LOGOUT   - Logout due to user request
REASON_MESSAGE  - Logout with custom message
REASON_SESSION  - Logout due to session expiration
REASON_LOCKED   - User is locked
# 1
integer REASON_FAILED
# 2
integer REASON_EXPIRED
# 3
integer REASON_LOGOUT
# 4
integer REASON_MESSAGE
# 5
integer REASON_SESSION
# 6
integer REASON_LOCKED
# 7
string APRMD5_VALID

64 characters that are valid for APRMD5 passwords.

64 characters that are valid for APRMD5 passwords.
# './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'
string VOWELS

Characters used when generating a password.

Characters used when generating a password.
# 'aeiouy'
string CONSONANTS
# 'bcdfghjklmnpqrstvwxz'
string NUMBERS
# '0123456789'
API documentation generated by ApiGen