Extension:LDAP Authorization

The LDAP Authorization extension implements the PluggableAuth  hook to provide authorization using LDAP.

Installation
This extension requires PluggableAuth to be installed first.

Configuration parameters
can hold an array of arrays of arbitrary depth representing a complex set of rules to determine user authorization. Each array may hold three types of keys:

For example, the following rule will authorize any user whose employee status is active and is either in department 100 or 200 or has a level of 5 or 6:

$LDAPAuthorization_Rules = array(	"&" => array ( "status" => "active", "|" => array (			"department" => array ( "100",				"200"			),			"level" => array ( "5",				"6"			)		)	) };

The top level array is assumed to have the operator AND by default, so the configuration array above may be simplified to:

$LDAPAuthorization_Rules = array(	"status" => "active",	"|" => array ( "department" => array (			"100",			"200"		), "level" => array (			"5",			"6"		) ) };