Revision 4771
Added by walbridge almost 16 years ago
src/perl/ldapweb.cgi | ||
---|---|---|
124 | 124 |
|
125 | 125 |
# Java uses miliseconds, Perl expects whole seconds |
126 | 126 |
my $timeout = $properties->getProperty('ldap.connectTimeLimit') / 1000; |
127 |
my $ldapdownmessage = "The main ldap server $ldapurl is down!"; |
|
128 | 127 |
|
129 | 128 |
# Get the CGI input variables |
130 | 129 |
my $query = new CGI; |
... | ... | |
514 | 513 |
my $errorMessage = 0; |
515 | 514 |
my $ldap; |
516 | 515 |
|
517 |
#if main ldap server is down, a html file containing warning message will be returned
|
|
518 |
$ldap = Net::LDAP->new($ldapurl, timeout => $timeout) or handleGeneralServerFailure($ldapdownmessage);
|
|
516 |
#if main ldap server is down, a html file containing warning message will be returned
|
|
517 |
$ldap = Net::LDAP->new($ldapurl, timeout => $timeout) or handleLDAPBindFailure($ldapurl);
|
|
519 | 518 |
|
520 |
#$ldap->start_tls( verify => 'require',
|
|
519 |
#$ldap->start_tls( verify => 'require',
|
|
521 | 520 |
#cafile => '/usr/share/ssl/ldapcerts/cacert.pem'); |
522 | 521 |
$ldap->start_tls( verify => 'none'); |
523 | 522 |
my $bindresult = $ldap->bind( version => 3, dn => $bindDN, |
... | ... | |
576 | 575 |
debug("ldap server: $ldapurl"); |
577 | 576 |
|
578 | 577 |
#if main ldap server is down, a html file containing warning message will be returned |
579 |
$ldap = Net::LDAP->new($ldapurl, timeout => $timeout) or handleGeneralServerFailure($ldapdownmessage);
|
|
578 |
$ldap = Net::LDAP->new($ldapurl, timeout => $timeout) or handleLDAPBindFailure($ldapurl);
|
|
580 | 579 |
$ldap->start_tls( verify => 'none'); |
581 | 580 |
my $bindresult = $ldap->bind; |
582 | 581 |
if ($bindresult->code) { |
... | ... | |
623 | 622 |
|
624 | 623 |
my $errorMessage = ""; |
625 | 624 |
if ($recipient) { |
626 |
my $mailhost = $properties->getProperty('email.mailhost');
|
|
627 |
my $sender = $properties->getProperty('email.sender');
|
|
625 |
my $mailhost = $properties->getProperty('email.mailhost');
|
|
626 |
my $sender = $properties->getProperty('email.sender');
|
|
628 | 627 |
# Send the email message to them |
629 | 628 |
my $smtp = Net::SMTP->new($mailhost); |
630 | 629 |
$smtp->mail($sender); |
... | ... | |
674 | 673 |
|
675 | 674 |
#if main ldap server is down, a html file containing warning message will be returned |
676 | 675 |
debug("connecting to LDAP in findExistingAccounts with settings $ldapurl, $timeout"); |
677 |
$ldap = Net::LDAP->new($ldapurl, timeout => $timeout) or handleGeneralServerFailure($ldapdownmessage);
|
|
676 |
$ldap = Net::LDAP->new($ldapurl, timeout => $timeout) or handleLDAPBindFailure($ldapurl);
|
|
678 | 677 |
$ldap->start_tls( verify => 'none'); |
679 | 678 |
$ldap->bind( version => 3, anonymous => 1); |
680 | 679 |
my $mesg = $ldap->search ( |
... | ... | |
767 | 766 |
my $dnBase = $ldapConfig->{$o}{'dn'}; |
768 | 767 |
my $ldapUsername = $ldapConfig->{$o}{'user'} . ',' . $searchBase; |
769 | 768 |
my $ldapPassword = $ldapConfig->{$o}{'password'}; |
770 |
debug("LDAP connection to $ldapurl...");
|
|
769 |
debug("LDAP connection to $ldapurl...");
|
|
771 | 770 |
#if main ldap server is down, a html file containing warning message will be returned |
772 |
my $ldap = Net::LDAP->new($ldapurl, timeout => $timeout) or handleGeneralServerFailure("The ldap server " . $ldapurl . " is down!");
|
|
771 |
my $ldap = Net::LDAP->new($ldapurl, timeout => $timeout) or handleLDAPBindFailure($ldapurl);
|
|
773 | 772 |
|
774 | 773 |
|
775 | 774 |
$ldap->start_tls( verify => 'none'); |
776 |
debug("Attempting to bind to LDAP server with dn = $ldapUsername, pwd = $ldapPassword");
|
|
775 |
debug("Attempting to bind to LDAP server with dn = $ldapUsername, pwd = $ldapPassword");
|
|
777 | 776 |
$ldap->bind( version => 3, dn => $ldapUsername, password => $ldapPassword ); |
778 | 777 |
|
779 | 778 |
my $dn = 'uid=' . $query->param('uid') . ',' . $dnBase; |
780 |
debug("Inserting new entry for: $dn");
|
|
779 |
debug("Inserting new entry for: $dn");
|
|
781 | 780 |
|
782 | 781 |
# Create a hashed version of the password |
783 | 782 |
my $shapass = createSeededPassHash($query->param('userPassword')); |
... | ... | |
913 | 912 |
my $foundAccounts = 0; |
914 | 913 |
|
915 | 914 |
#if ldap server is down, a html file containing warning message will be returned |
916 |
my $ldap = Net::LDAP->new($ldapurl, timeout => $timeout) or handleGeneralServerFailure("The ldap server " . $ldapurl . " is down!");
|
|
915 |
my $ldap = Net::LDAP->new($ldapurl, timeout => $timeout) or handleLDAPBindFailure($ldapurl);
|
|
917 | 916 |
|
918 | 917 |
$ldap->start_tls( verify => 'none'); |
919 | 918 |
$ldap->bind( version => 3, anonymous => 1); |
... | ... | |
970 | 969 |
} |
971 | 970 |
} |
972 | 971 |
|
972 |
sub handleLDAPBindFailure { |
|
973 |
my $ldapAttemptUrl = shift; |
|
974 |
my $primaryLdap = $properties->getProperty('auth.url'); |
|
975 |
|
|
976 |
if ($ldapAttemptUrl eq $primaryLdap) { |
|
977 |
handleGeneralServerFailure("The main LDAP server $ldapurl is down!"); |
|
978 |
} else { |
|
979 |
debug("attempted to bind to nonresponsive LDAP server $ldapAttemptUrl, skipped."); |
|
980 |
} |
|
981 |
} |
|
982 |
|
|
973 | 983 |
sub handleGeneralServerFailure { |
974 | 984 |
my $errorMessage = shift; |
975 | 985 |
fullTemplate( ['mainServerFailure'], { errorMessage => $errorMessage }); |
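Review bot: At every call site changed to `... or handleLDAPBindFailure($ldapurl);` (new lines 517, 578, 676, 771 and 915), the non-primary branch of the new sub only logs and returns, so `$ldap` stays undefined. The next statement, `$ldap->start_tls( verify => 'none');`, then dies on an undefined value unless the caller is wrapped in an `eval` that is not visible here, which defeats the stated goal of not killing the script. Each call site should leave its function when the connection failed, e.g. `if (!$ldap) { handleLDAPBindFailure($ldapurl); return; }`; the enclosing functions start and end outside the visible hunks, so the right return value has to be confirmed there. Inside `handleLDAPBindFailure` the failure message should interpolate `$ldapAttemptUrl` rather than the outer `$ldapurl`. Separately, the re-indented `debug("Attempting to bind to LDAP server with dn = $ldapUsername, pwd = $ldapPassword");` at new line 775 still writes the bind password to the debug log, and the `pwd = ...` part should be dropped.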
Handle non-responsive LDAP referrals without killing the script, but still require the main LDAP to be up.