Revision 2972
Added by Matt Jones over 18 years ago
| src/perl/ldapweb.cgi | ||
|---|---|---|
| 107 | 107 |
'initregister' => \&handleInitRegister, |
| 108 | 108 |
'register' => \&handleRegister, |
| 109 | 109 |
'registerconfirmed' => \&handleRegisterConfirmed, |
| 110 |
'changepass' => \&handleChangePassword, |
|
| 111 |
'initchangepass' => \&handleInitialChangePassword, |
|
| 112 | 110 |
'simplesearch' => \&handleSimpleSearch, |
| 113 | 111 |
'initaddentry' => \&handleInitAddEntry, |
| 114 | 112 |
'addentry' => \&handleAddEntry, |
| 115 | 113 |
'initmodifyentry' => \&handleInitModifyEntry, |
| 116 | 114 |
'modifyentry' => \&handleModifyEntry, |
| 115 |
'changepass' => \&handleChangePassword, |
|
| 116 |
'initchangepass' => \&handleInitialChangePassword, |
|
| 117 | 117 |
'resetpass' => \&handleResetPassword, |
| 118 | 118 |
'initresetpass' => \&handleInitialResetPassword, |
| 119 | 119 |
); |
| ... | ... | |
| 174 | 174 |
cfg => $cfg, |
| 175 | 175 |
allParams => $allParams, |
| 176 | 176 |
errorMessage => $errorMessage }; |
| 177 |
$$templateVars{'orgList'} = \@orglist;
|
|
| 177 |
$$templateVars{'orgList'} = \@orglist;
|
|
| 178 | 178 |
$template->process( "@defaultHeader@", $templateVars); |
| 179 | 179 |
$template->process( "@register@", $templateVars); |
| 180 | 180 |
$template->process( "@defaultFooter@", $templateVars); |
| 181 | 181 |
exit(0); |
| 182 | 182 |
} else {
|
| 183 |
my $o = $query->param('o');
|
|
| 184 |
$ldapurl = $config_ldapurl->{$o};
|
|
| 185 |
$searchBase = $config_ldapsearchbase->{$o};
|
|
| 183 |
my $o = $query->param('o');
|
|
| 184 |
$ldapurl = $config_ldapurl->{$o};
|
|
| 185 |
$searchBase = $config_ldapsearchbase->{$o};
|
|
| 186 | 186 |
} |
| 187 | 187 |
|
| 188 | 188 |
# Search LDAP for matching entries that already exist |
| ... | ... | |
| 266 | 266 |
} |
| 267 | 267 |
if ($query->param('o')) {
|
| 268 | 268 |
$$allParams{'o'} = $query->param('o');
|
| 269 |
my $o = $query->param('o');
|
|
| 270 |
|
|
| 271 |
$ldapurl = $config_ldapurl->{$o};
|
|
| 269 |
my $o = $query->param('o');
|
|
| 270 |
|
|
| 271 |
$ldapurl = $config_ldapurl->{$o};
|
|
| 272 | 272 |
$searchBase = $config_ldapsearchbase->{$o};
|
| 273 | 273 |
} |
| 274 | 274 |
|
| ... | ... | |
| 283 | 283 |
cfg => $cfg, |
| 284 | 284 |
allParams => $allParams, |
| 285 | 285 |
errorMessage => $errorMessage }; |
| 286 |
$$templateVars{'orgList'} = \@orglist;
|
|
| 286 |
$$templateVars{'orgList'} = \@orglist;
|
|
| 287 | 287 |
$template->process( "@defaultHeader@", $templateVars); |
| 288 | 288 |
$template->process( "@defaultChangePass@", $templateVars); |
| 289 | 289 |
$template->process( "@defaultFooter@", $templateVars); |
| ... | ... | |
| 293 | 293 |
# We have all of the info we need, so try to change the password |
| 294 | 294 |
if ($query->param('userPassword') =~ $query->param('userPassword2')) {
|
| 295 | 295 |
|
| 296 |
my $o = $query->param('o');
|
|
| 297 |
$ldapurl = $config_ldapurl->{$o};
|
|
| 296 |
my $o = $query->param('o');
|
|
| 297 |
$ldapurl = $config_ldapurl->{$o};
|
|
| 298 | 298 |
$searchBase = $config_ldapsearchbase->{$o};
|
| 299 |
$root = $config_user->{$o};
|
|
| 300 |
$rootpw = $config_password->{$o};
|
|
| 299 |
$root = $config_user->{$o};
|
|
| 300 |
$rootpw = $config_password->{$o};
|
|
| 301 | 301 |
|
| 302 | 302 |
my $dn = "uid=" . $query->param('uid') . "," . $config_dn->{$o};;
|
| 303 | 303 |
if ($query->param('o') =~ "LTER") {
|
| ... | ... | |
| 308 | 308 |
my $errorMessage = changePassword( |
| 309 | 309 |
$dn, $query->param('userPassword'),
|
| 310 | 310 |
$dn, $query->param('oldpass'), $query->param('o'));
|
| 311 |
if ($errorMessage) {
|
|
| 311 |
if ($errorMessage) {
|
|
| 312 | 312 |
my $templateVars = { stage => "changepass",
|
| 313 | 313 |
cfg => $cfg, |
| 314 | 314 |
allParams => $allParams, |
| 315 | 315 |
errorMessage => $errorMessage }; |
| 316 |
$$templateVars{'orgList'} = \@orglist;
|
|
| 316 |
$$templateVars{'orgList'} = \@orglist;
|
|
| 317 | 317 |
$template->process( "@defaultHeader@", $templateVars); |
| 318 | 318 |
$template->process( "@defaultChangePass@", $templateVars); |
| 319 | 319 |
$template->process( "@defaultFooter@", $templateVars); |
| 320 | 320 |
exit(0); |
| 321 | 321 |
} else {
|
| 322 |
$template->process( "@defaultHeader@"); |
|
| 323 |
$template->process( "@changePassSuccess@"); |
|
| 324 |
$template->process( "@defaultFooter@"); |
|
| 322 |
my $templateVars = { stage => "changepass",
|
|
| 323 |
cfg => $cfg, |
|
| 324 |
allParams => $allParams }; |
|
| 325 |
$$templateVars{'orgList'} = \@orglist;
|
|
| 326 |
$template->process( "@defaultHeader@", $templateVars); |
|
| 327 |
$template->process( "@changePassSuccess@", $templateVars); |
|
| 328 |
$template->process( "@defaultFooter@", $templateVars); |
|
| 325 | 329 |
exit(0); |
| 326 | 330 |
} |
| 327 | 331 |
} |
| ... | ... | |
| 331 | 335 |
cfg => $cfg, |
| 332 | 336 |
allParams => $allParams, |
| 333 | 337 |
errorMessage => $errorMessage }; |
| 334 |
$$templateVars{'orgList'} = \@orglist;
|
|
| 338 |
$$templateVars{'orgList'} = \@orglist;
|
|
| 335 | 339 |
$template->process( "@defaultHeader@", $templateVars); |
| 336 | 340 |
$template->process( "@defaultChangePass@", $templateVars); |
| 337 | 341 |
$template->process( "@defaultFooter@", $templateVars); |
| ... | ... | |
| 372 | 376 |
} |
| 373 | 377 |
if ($query->param('o')) {
|
| 374 | 378 |
$$allParams{'o'} = $query->param('o');
|
| 375 |
my $o = $query->param('o');
|
|
| 376 |
|
|
| 377 |
$ldapurl = $config_ldapurl->{$o};
|
|
| 379 |
my $o = $query->param('o');
|
|
| 380 |
|
|
| 381 |
$ldapurl = $config_ldapurl->{$o};
|
|
| 378 | 382 |
$searchBase = $config_ldapsearchbase->{$o};
|
| 379 |
$root = $config_user->{$o};
|
|
| 380 |
$rootpw = $config_password->{$o};
|
|
| 383 |
$root = $config_user->{$o};
|
|
| 384 |
$rootpw = $config_password->{$o};
|
|
| 381 | 385 |
} |
| 382 | 386 |
|
| 383 | 387 |
# Check that all required fields are provided and not null |
| ... | ... | |
| 389 | 393 |
cfg => $cfg, |
| 390 | 394 |
allParams => $allParams, |
| 391 | 395 |
errorMessage => $errorMessage }; |
| 392 |
$$templateVars{'orgList'} = \@orglist;
|
|
| 396 |
$$templateVars{'orgList'} = \@orglist;
|
|
| 393 | 397 |
$template->process( "@defaultHeader@", $templateVars); |
| 394 | 398 |
$template->process( "@defaultResetPass@", $templateVars); |
| 395 | 399 |
$template->process( "@defaultFooter@", $templateVars); |
| ... | ... | |
| 424 | 428 |
cfg => $cfg, |
| 425 | 429 |
allParams => $allParams, |
| 426 | 430 |
errorMessage => $errorMessage }; |
| 427 |
$$templateVars{'orgList'} = \@orglist;
|
|
| 431 |
$$templateVars{'orgList'} = \@orglist;
|
|
| 428 | 432 |
$template->process( "@defaultHeader@", $templateVars); |
| 429 | 433 |
$template->process( "@defaultResetPass@", $templateVars); |
| 430 | 434 |
$template->process( "@defaultFooter@", $templateVars); |
| 431 | 435 |
exit(0); |
| 432 | 436 |
} else {
|
| 433 | 437 |
my $errorMessage = sendPasswordNotification($query->param('uid'),
|
| 434 |
$query->param('o'), $userPass, $recipient);
|
|
| 438 |
$query->param('o'), $userPass, $recipient, $cfg);
|
|
| 435 | 439 |
my $templateVars = { stage => "resetpass",
|
| 436 | 440 |
cfg => $cfg, |
| 437 | 441 |
allParams => $allParams, |
| 438 | 442 |
errorMessage => $errorMessage }; |
| 439 |
$$templateVars{'orgList'} = \@orglist;
|
|
| 443 |
$$templateVars{'orgList'} = \@orglist;
|
|
| 440 | 444 |
$template->process( "@defaultHeader@", $templateVars); |
| 441 | 445 |
$template->process( "@resetPassSuccess@", $templateVars); |
| 442 | 446 |
$template->process( "@defaultFooter@", $templateVars); |
| ... | ... | |
| 494 | 498 |
|
| 495 | 499 |
my $errorMessage = 0; |
| 496 | 500 |
my $ldap = Net::LDAP->new($ldapurl) or die "$@"; |
| 501 |
#$ldap->start_tls( verify => 'require', |
|
| 502 |
#cafile => '/usr/share/ssl/ldapcerts/cacert.pem'); |
|
| 503 |
$ldap->start_tls( verify => 'none'); |
|
| 497 | 504 |
my $bindresult = $ldap->bind( version => 3, dn => $bindDN, |
| 498 | 505 |
password => $bindPass ); |
| 499 | 506 |
if ($bindresult->code) {
|
| ... | ... | |
| 547 | 554 |
my $entry = ""; |
| 548 | 555 |
my $mesg; |
| 549 | 556 |
my $ldap = Net::LDAP->new($ldapurl) or die "$@"; |
| 557 |
$ldap->start_tls( verify => 'none'); |
|
| 550 | 558 |
my $bindresult = $ldap->bind; |
| 551 | 559 |
if ($bindresult->code) {
|
| 552 | 560 |
return $entry; |
| 553 | 561 |
} |
| 554 | 562 |
|
| 555 | 563 |
if($config_filter->{$org}){
|
| 556 |
$mesg = $ldap->search ( base => $base, |
|
| 557 |
filter => "(&(uid=$username)($config_filter->{$org}))"
|
|
| 558 |
); |
|
| 564 |
$mesg = $ldap->search ( base => $base, |
|
| 565 |
filter => "(&(uid=$username)($config_filter->{$org}))");
|
|
| 559 | 566 |
} else {
|
| 560 |
$mesg = $ldap->search ( base => $base, |
|
| 561 |
filter => "(&(uid=$username))" |
|
| 562 |
); |
|
| 567 |
$mesg = $ldap->search ( base => $base, filter => "(uid=$username)"); |
|
| 563 | 568 |
} |
| 564 | 569 |
|
| 565 | 570 |
if ($mesg->count > 0) {
|
| ... | ... | |
| 591 | 596 |
my $org = shift; |
| 592 | 597 |
my $newPass = shift; |
| 593 | 598 |
my $recipient = shift; |
| 599 |
my $cfg = shift; |
|
| 594 | 600 |
|
| 595 | 601 |
my $errorMessage = ""; |
| 596 | 602 |
if ($recipient) {
|
| ... | ... | |
| 608 | 614 |
This is generally done when somebody forgets their password. Your |
| 609 | 615 |
password can be changed by visiting the following URL: |
| 610 | 616 |
|
| 611 |
@cgiurl@?stage=changepass |
|
| 617 |
@cgiurl@?stage=changepass&cfg=$cfg
|
|
| 612 | 618 |
|
| 613 | 619 |
Username: $username |
| 614 | 620 |
Organization: $org |
| ... | ... | |
| 641 | 647 |
my $foundAccounts = 0; |
| 642 | 648 |
|
| 643 | 649 |
my $ldap = Net::LDAP->new($ldapurl) or die "$@"; |
| 650 |
$ldap->start_tls( verify => 'none'); |
|
| 644 | 651 |
$ldap->bind( version => 3, anonymous => 1); |
| 645 | 652 |
my $mesg = $ldap->search ( |
| 646 | 653 |
base => $base, |
| ... | ... | |
| 726 | 733 |
cfg => $cfg, |
| 727 | 734 |
allParams => $allParams, |
| 728 | 735 |
errorMessage => $errorMessage }; |
| 729 |
$$templateVars{'orgList'} = \@orglist;
|
|
| 736 |
$$templateVars{'orgList'} = \@orglist;
|
|
| 730 | 737 |
$template->process( "@defaultHeader@", $templateVars); |
| 731 | 738 |
$template->process( "@registerFailed@", $templateVars); |
| 732 | 739 |
$template->process( "@register@", $templateVars); |
| ... | ... | |
| 734 | 741 |
exit(0); |
| 735 | 742 |
} |
| 736 | 743 |
|
| 737 |
my $o = $query->param('o');
|
|
| 744 |
my $o = $query->param('o');
|
|
| 738 | 745 |
|
| 739 |
my $ldapurl = $config_ldapurl->{$o};
|
|
| 740 |
my $root = $config_user->{$o};
|
|
| 741 |
my $rootpw = $config_password->{$o};
|
|
| 742 |
my $searchBase = $config_ldapsearchbase->{$o};
|
|
| 743 |
my $dnBase = $config_dn->{$o};
|
|
| 746 |
my $ldapurl = $config_ldapurl->{$o};
|
|
| 747 |
my $root = $config_user->{$o};
|
|
| 748 |
my $rootpw = $config_password->{$o};
|
|
| 749 |
my $searchBase = $config_ldapsearchbase->{$o};
|
|
| 750 |
my $dnBase = $config_dn->{$o};
|
|
| 744 | 751 |
|
| 745 | 752 |
my $ldap = Net::LDAP->new($ldapurl) or die "$@"; |
| 753 |
$ldap->start_tls( verify => 'none'); |
|
| 746 | 754 |
$ldap->bind( version => 3, dn => $root, password => $rootpw ); |
| 747 | 755 |
#print "Inserting new entry...\n"; |
| 748 | 756 |
my $dn = 'uid=' . $query->param('uid') . ',' . $dnBase;
|
| ... | ... | |
| 782 | 790 |
cfg => $cfg, |
| 783 | 791 |
allParams => $allParams, |
| 784 | 792 |
errorMessage => $result->error }; |
| 785 |
$$templateVars{'orgList'} = \@orglist;
|
|
| 793 |
$$templateVars{'orgList'} = \@orglist;
|
|
| 786 | 794 |
$template->process( "@defaultHeader@", $templateVars); |
| 787 | 795 |
$template->process( "@registerFailed@", $templateVars); |
| 788 | 796 |
$templateVars = { stage => "register",
|
| 789 | 797 |
cfg => $cfg, |
| 790 | 798 |
allParams => $allParams }; |
| 791 |
$$templateVars{'orgList'} = \@orglist;
|
|
| 799 |
$$templateVars{'orgList'} = \@orglist;
|
|
| 792 | 800 |
$template->process( "@register@", $templateVars); |
| 793 | 801 |
$template->process( "@defaultFooter@", $templateVars); |
| 794 | 802 |
} else {
|
| 795 |
my $templateVars = { cfg => $cfg };
|
|
| 803 |
my $templateVars = { cfg => $cfg };
|
|
| 796 | 804 |
$template->process( "@defaultHeader@", $templateVars); |
| 797 | 805 |
$template->process( "@registerSuccess@", $templateVars); |
| 798 | 806 |
$template->process( "@defaultFooter@", $templateVars); |
| ... | ... | |
| 906 | 914 |
my $foundAccounts = 0; |
| 907 | 915 |
|
| 908 | 916 |
my $ldap = Net::LDAP->new($ldapurl) or die "$@"; |
| 917 |
$ldap->start_tls( verify => 'none'); |
|
| 909 | 918 |
$ldap->bind( version => 3, anonymous => 1); |
| 910 | 919 |
my $mesg = $ldap->search ( |
| 911 | 920 |
base => $base, |
Also available in: Unified diff
dded TLS support to the ldapweb.cgi script, cleaned up some TempToolkit
template processing so that the results display CSS properly, and some minor
formatting issues. The TLS support should probably be enabled only if the
server supports it, which can be queried with supported_extensions, but for
now it is just on, which is what we need.