Revision 2972
Added by Matt Jones over 18 years ago
ldapweb.cgi | ||
---|---|---|
107 | 107 |
'initregister' => \&handleInitRegister, |
108 | 108 |
'register' => \&handleRegister, |
109 | 109 |
'registerconfirmed' => \&handleRegisterConfirmed, |
110 |
'changepass' => \&handleChangePassword, |
|
111 |
'initchangepass' => \&handleInitialChangePassword, |
|
112 | 110 |
'simplesearch' => \&handleSimpleSearch, |
113 | 111 |
'initaddentry' => \&handleInitAddEntry, |
114 | 112 |
'addentry' => \&handleAddEntry, |
115 | 113 |
'initmodifyentry' => \&handleInitModifyEntry, |
116 | 114 |
'modifyentry' => \&handleModifyEntry, |
115 |
'changepass' => \&handleChangePassword, |
|
116 |
'initchangepass' => \&handleInitialChangePassword, |
|
117 | 117 |
'resetpass' => \&handleResetPassword, |
118 | 118 |
'initresetpass' => \&handleInitialResetPassword, |
119 | 119 |
); |
... | ... | |
174 | 174 |
cfg => $cfg, |
175 | 175 |
allParams => $allParams, |
176 | 176 |
errorMessage => $errorMessage }; |
177 |
$$templateVars{'orgList'} = \@orglist;
|
|
177 |
$$templateVars{'orgList'} = \@orglist;
|
|
178 | 178 |
$template->process( "@defaultHeader@", $templateVars); |
179 | 179 |
$template->process( "@register@", $templateVars); |
180 | 180 |
$template->process( "@defaultFooter@", $templateVars); |
181 | 181 |
exit(0); |
182 | 182 |
} else { |
183 |
my $o = $query->param('o');
|
|
184 |
$ldapurl = $config_ldapurl->{$o};
|
|
185 |
$searchBase = $config_ldapsearchbase->{$o};
|
|
183 |
my $o = $query->param('o');
|
|
184 |
$ldapurl = $config_ldapurl->{$o};
|
|
185 |
$searchBase = $config_ldapsearchbase->{$o};
|
|
186 | 186 |
} |
187 | 187 |
|
188 | 188 |
# Search LDAP for matching entries that already exist |
... | ... | |
266 | 266 |
} |
267 | 267 |
if ($query->param('o')) { |
268 | 268 |
$$allParams{'o'} = $query->param('o'); |
269 |
my $o = $query->param('o');
|
|
270 |
|
|
271 |
$ldapurl = $config_ldapurl->{$o};
|
|
269 |
my $o = $query->param('o');
|
|
270 |
|
|
271 |
$ldapurl = $config_ldapurl->{$o};
|
|
272 | 272 |
$searchBase = $config_ldapsearchbase->{$o}; |
273 | 273 |
} |
274 | 274 |
|
... | ... | |
283 | 283 |
cfg => $cfg, |
284 | 284 |
allParams => $allParams, |
285 | 285 |
errorMessage => $errorMessage }; |
286 |
$$templateVars{'orgList'} = \@orglist;
|
|
286 |
$$templateVars{'orgList'} = \@orglist;
|
|
287 | 287 |
$template->process( "@defaultHeader@", $templateVars); |
288 | 288 |
$template->process( "@defaultChangePass@", $templateVars); |
289 | 289 |
$template->process( "@defaultFooter@", $templateVars); |
... | ... | |
293 | 293 |
# We have all of the info we need, so try to change the password |
294 | 294 |
if ($query->param('userPassword') =~ $query->param('userPassword2')) { |
295 | 295 |
|
296 |
my $o = $query->param('o');
|
|
297 |
$ldapurl = $config_ldapurl->{$o};
|
|
296 |
my $o = $query->param('o');
|
|
297 |
$ldapurl = $config_ldapurl->{$o};
|
|
298 | 298 |
$searchBase = $config_ldapsearchbase->{$o}; |
299 |
$root = $config_user->{$o};
|
|
300 |
$rootpw = $config_password->{$o};
|
|
299 |
$root = $config_user->{$o};
|
|
300 |
$rootpw = $config_password->{$o};
|
|
301 | 301 |
|
302 | 302 |
my $dn = "uid=" . $query->param('uid') . "," . $config_dn->{$o};; |
303 | 303 |
if ($query->param('o') =~ "LTER") { |
... | ... | |
308 | 308 |
my $errorMessage = changePassword( |
309 | 309 |
$dn, $query->param('userPassword'), |
310 | 310 |
$dn, $query->param('oldpass'), $query->param('o')); |
311 |
if ($errorMessage) {
|
|
311 |
if ($errorMessage) { |
|
312 | 312 |
my $templateVars = { stage => "changepass", |
313 | 313 |
cfg => $cfg, |
314 | 314 |
allParams => $allParams, |
315 | 315 |
errorMessage => $errorMessage }; |
316 |
$$templateVars{'orgList'} = \@orglist;
|
|
316 |
$$templateVars{'orgList'} = \@orglist;
|
|
317 | 317 |
$template->process( "@defaultHeader@", $templateVars); |
318 | 318 |
$template->process( "@defaultChangePass@", $templateVars); |
319 | 319 |
$template->process( "@defaultFooter@", $templateVars); |
320 | 320 |
exit(0); |
321 | 321 |
} else { |
322 |
$template->process( "@defaultHeader@"); |
|
323 |
$template->process( "@changePassSuccess@"); |
|
324 |
$template->process( "@defaultFooter@"); |
|
322 |
my $templateVars = { stage => "changepass", |
|
323 |
cfg => $cfg, |
|
324 |
allParams => $allParams }; |
|
325 |
$$templateVars{'orgList'} = \@orglist; |
|
326 |
$template->process( "@defaultHeader@", $templateVars); |
|
327 |
$template->process( "@changePassSuccess@", $templateVars); |
|
328 |
$template->process( "@defaultFooter@", $templateVars); |
|
325 | 329 |
exit(0); |
326 | 330 |
} |
327 | 331 |
} |
... | ... | |
331 | 335 |
cfg => $cfg, |
332 | 336 |
allParams => $allParams, |
333 | 337 |
errorMessage => $errorMessage }; |
334 |
$$templateVars{'orgList'} = \@orglist;
|
|
338 |
$$templateVars{'orgList'} = \@orglist;
|
|
335 | 339 |
$template->process( "@defaultHeader@", $templateVars); |
336 | 340 |
$template->process( "@defaultChangePass@", $templateVars); |
337 | 341 |
$template->process( "@defaultFooter@", $templateVars); |
... | ... | |
372 | 376 |
} |
373 | 377 |
if ($query->param('o')) { |
374 | 378 |
$$allParams{'o'} = $query->param('o'); |
375 |
my $o = $query->param('o');
|
|
376 |
|
|
377 |
$ldapurl = $config_ldapurl->{$o};
|
|
379 |
my $o = $query->param('o');
|
|
380 |
|
|
381 |
$ldapurl = $config_ldapurl->{$o};
|
|
378 | 382 |
$searchBase = $config_ldapsearchbase->{$o}; |
379 |
$root = $config_user->{$o};
|
|
380 |
$rootpw = $config_password->{$o};
|
|
383 |
$root = $config_user->{$o};
|
|
384 |
$rootpw = $config_password->{$o};
|
|
381 | 385 |
} |
382 | 386 |
|
383 | 387 |
# Check that all required fields are provided and not null |
... | ... | |
389 | 393 |
cfg => $cfg, |
390 | 394 |
allParams => $allParams, |
391 | 395 |
errorMessage => $errorMessage }; |
392 |
$$templateVars{'orgList'} = \@orglist;
|
|
396 |
$$templateVars{'orgList'} = \@orglist;
|
|
393 | 397 |
$template->process( "@defaultHeader@", $templateVars); |
394 | 398 |
$template->process( "@defaultResetPass@", $templateVars); |
395 | 399 |
$template->process( "@defaultFooter@", $templateVars); |
... | ... | |
424 | 428 |
cfg => $cfg, |
425 | 429 |
allParams => $allParams, |
426 | 430 |
errorMessage => $errorMessage }; |
427 |
$$templateVars{'orgList'} = \@orglist;
|
|
431 |
$$templateVars{'orgList'} = \@orglist;
|
|
428 | 432 |
$template->process( "@defaultHeader@", $templateVars); |
429 | 433 |
$template->process( "@defaultResetPass@", $templateVars); |
430 | 434 |
$template->process( "@defaultFooter@", $templateVars); |
431 | 435 |
exit(0); |
432 | 436 |
} else { |
433 | 437 |
my $errorMessage = sendPasswordNotification($query->param('uid'), |
434 |
$query->param('o'), $userPass, $recipient); |
|
438 |
$query->param('o'), $userPass, $recipient, $cfg);
|
|
435 | 439 |
my $templateVars = { stage => "resetpass", |
436 | 440 |
cfg => $cfg, |
437 | 441 |
allParams => $allParams, |
438 | 442 |
errorMessage => $errorMessage }; |
439 |
$$templateVars{'orgList'} = \@orglist;
|
|
443 |
$$templateVars{'orgList'} = \@orglist;
|
|
440 | 444 |
$template->process( "@defaultHeader@", $templateVars); |
441 | 445 |
$template->process( "@resetPassSuccess@", $templateVars); |
442 | 446 |
$template->process( "@defaultFooter@", $templateVars); |
... | ... | |
494 | 498 |
|
495 | 499 |
my $errorMessage = 0; |
496 | 500 |
my $ldap = Net::LDAP->new($ldapurl) or die "$@"; |
501 |
#$ldap->start_tls( verify => 'require', |
|
502 |
#cafile => '/usr/share/ssl/ldapcerts/cacert.pem'); |
|
503 |
$ldap->start_tls( verify => 'none'); |
|
497 | 504 |
my $bindresult = $ldap->bind( version => 3, dn => $bindDN, |
498 | 505 |
password => $bindPass ); |
499 | 506 |
if ($bindresult->code) { |
... | ... | |
547 | 554 |
my $entry = ""; |
548 | 555 |
my $mesg; |
549 | 556 |
my $ldap = Net::LDAP->new($ldapurl) or die "$@"; |
557 |
$ldap->start_tls( verify => 'none'); |
|
550 | 558 |
my $bindresult = $ldap->bind; |
551 | 559 |
if ($bindresult->code) { |
552 | 560 |
return $entry; |
553 | 561 |
} |
554 | 562 |
|
555 | 563 |
if($config_filter->{$org}){ |
556 |
$mesg = $ldap->search ( base => $base, |
|
557 |
filter => "(&(uid=$username)($config_filter->{$org}))" |
|
558 |
); |
|
564 |
$mesg = $ldap->search ( base => $base, |
|
565 |
filter => "(&(uid=$username)($config_filter->{$org}))"); |
|
559 | 566 |
} else { |
560 |
$mesg = $ldap->search ( base => $base, |
|
561 |
filter => "(&(uid=$username))" |
|
562 |
); |
|
567 |
$mesg = $ldap->search ( base => $base, filter => "(uid=$username)"); |
|
563 | 568 |
} |
564 | 569 |
|
565 | 570 |
if ($mesg->count > 0) { |
... | ... | |
591 | 596 |
my $org = shift; |
592 | 597 |
my $newPass = shift; |
593 | 598 |
my $recipient = shift; |
599 |
my $cfg = shift; |
|
594 | 600 |
|
595 | 601 |
my $errorMessage = ""; |
596 | 602 |
if ($recipient) { |
... | ... | |
608 | 614 |
This is generally done when somebody forgets their password. Your |
609 | 615 |
password can be changed by visiting the following URL: |
610 | 616 |
|
611 |
@cgiurl@?stage=changepass |
|
617 |
@cgiurl@?stage=changepass&cfg=$cfg
|
|
612 | 618 |
|
613 | 619 |
Username: $username |
614 | 620 |
Organization: $org |
... | ... | |
641 | 647 |
my $foundAccounts = 0; |
642 | 648 |
|
643 | 649 |
my $ldap = Net::LDAP->new($ldapurl) or die "$@"; |
650 |
$ldap->start_tls( verify => 'none'); |
|
644 | 651 |
$ldap->bind( version => 3, anonymous => 1); |
645 | 652 |
my $mesg = $ldap->search ( |
646 | 653 |
base => $base, |
... | ... | |
726 | 733 |
cfg => $cfg, |
727 | 734 |
allParams => $allParams, |
728 | 735 |
errorMessage => $errorMessage }; |
729 |
$$templateVars{'orgList'} = \@orglist;
|
|
736 |
$$templateVars{'orgList'} = \@orglist;
|
|
730 | 737 |
$template->process( "@defaultHeader@", $templateVars); |
731 | 738 |
$template->process( "@registerFailed@", $templateVars); |
732 | 739 |
$template->process( "@register@", $templateVars); |
... | ... | |
734 | 741 |
exit(0); |
735 | 742 |
} |
736 | 743 |
|
737 |
my $o = $query->param('o');
|
|
744 |
my $o = $query->param('o');
|
|
738 | 745 |
|
739 |
my $ldapurl = $config_ldapurl->{$o};
|
|
740 |
my $root = $config_user->{$o};
|
|
741 |
my $rootpw = $config_password->{$o};
|
|
742 |
my $searchBase = $config_ldapsearchbase->{$o};
|
|
743 |
my $dnBase = $config_dn->{$o};
|
|
746 |
my $ldapurl = $config_ldapurl->{$o};
|
|
747 |
my $root = $config_user->{$o};
|
|
748 |
my $rootpw = $config_password->{$o};
|
|
749 |
my $searchBase = $config_ldapsearchbase->{$o};
|
|
750 |
my $dnBase = $config_dn->{$o};
|
|
744 | 751 |
|
745 | 752 |
my $ldap = Net::LDAP->new($ldapurl) or die "$@"; |
753 |
$ldap->start_tls( verify => 'none'); |
|
746 | 754 |
$ldap->bind( version => 3, dn => $root, password => $rootpw ); |
747 | 755 |
#print "Inserting new entry...\n"; |
748 | 756 |
my $dn = 'uid=' . $query->param('uid') . ',' . $dnBase; |
... | ... | |
782 | 790 |
cfg => $cfg, |
783 | 791 |
allParams => $allParams, |
784 | 792 |
errorMessage => $result->error }; |
785 |
$$templateVars{'orgList'} = \@orglist;
|
|
793 |
$$templateVars{'orgList'} = \@orglist;
|
|
786 | 794 |
$template->process( "@defaultHeader@", $templateVars); |
787 | 795 |
$template->process( "@registerFailed@", $templateVars); |
788 | 796 |
$templateVars = { stage => "register", |
789 | 797 |
cfg => $cfg, |
790 | 798 |
allParams => $allParams }; |
791 |
$$templateVars{'orgList'} = \@orglist;
|
|
799 |
$$templateVars{'orgList'} = \@orglist;
|
|
792 | 800 |
$template->process( "@register@", $templateVars); |
793 | 801 |
$template->process( "@defaultFooter@", $templateVars); |
794 | 802 |
} else { |
795 |
my $templateVars = { cfg => $cfg };
|
|
803 |
my $templateVars = { cfg => $cfg };
|
|
796 | 804 |
$template->process( "@defaultHeader@", $templateVars); |
797 | 805 |
$template->process( "@registerSuccess@", $templateVars); |
798 | 806 |
$template->process( "@defaultFooter@", $templateVars); |
... | ... | |
906 | 914 |
my $foundAccounts = 0; |
907 | 915 |
|
908 | 916 |
my $ldap = Net::LDAP->new($ldapurl) or die "$@"; |
917 |
$ldap->start_tls( verify => 'none'); |
|
909 | 918 |
$ldap->bind( version => 3, anonymous => 1); |
910 | 919 |
my $mesg = $ldap->search ( |
911 | 920 |
base => $base, |
Also available in: Unified diff
dded TLS support to the ldapweb.cgi script, cleaned up some TempToolkit
template processing so that the results display CSS properly, and some minor
formatting issues. The TLS support should probably be enabled only if the
server supports it, which can be queried with supported_extensions, but for
now it is just on, which is what we need.