Revision 4849
Added by daigle over 15 years ago
ldapweb.cgi | ||
---|---|---|
516 | 516 |
#if main ldap server is down, a html file containing warning message will be returned |
517 | 517 |
$ldap = Net::LDAP->new($ldapurl, timeout => $timeout) or handleLDAPBindFailure($ldapurl); |
518 | 518 |
|
519 |
#$ldap->start_tls( verify => 'require', |
|
519 |
if ($ldap) { |
|
520 |
#$ldap->start_tls( verify => 'require', |
|
520 | 521 |
#cafile => '/usr/share/ssl/ldapcerts/cacert.pem'); |
521 |
$ldap->start_tls( verify => 'none'); |
|
522 |
my $bindresult = $ldap->bind( version => 3, dn => $bindDN, |
|
522 |
$ldap->start_tls( verify => 'none');
|
|
523 |
my $bindresult = $ldap->bind( version => 3, dn => $bindDN,
|
|
523 | 524 |
password => $bindPass ); |
524 |
if ($bindresult->code) { |
|
525 |
$errorMessage = "Failed to log in. Are you sure your connection credentails are " . |
|
525 |
if ($bindresult->code) {
|
|
526 |
$errorMessage = "Failed to log in. Are you sure your connection credentails are " .
|
|
526 | 527 |
"correct? Please correct and try again..."; |
527 |
return $errorMessage;
|
|
528 |
} |
|
528 |
return $errorMessage;
|
|
529 |
}
|
|
529 | 530 |
|
530 |
# Find the user here and change their entry |
|
531 |
my $newpass = createSeededPassHash($userPass); |
|
532 |
my $modifications = { userPassword => $newpass }; |
|
533 |
my $result = $ldap->modify( $userDN, replace => { %$modifications }); |
|
531 |
# Find the user here and change their entry
|
|
532 |
my $newpass = createSeededPassHash($userPass);
|
|
533 |
my $modifications = { userPassword => $newpass };
|
|
534 |
my $result = $ldap->modify( $userDN, replace => { %$modifications });
|
|
534 | 535 |
|
535 |
if ($result->code()) { |
|
536 |
my $errorMessage = "There was an error changing the password." . |
|
536 |
if ($result->code()) {
|
|
537 |
my $errorMessage = "There was an error changing the password." .
|
|
537 | 538 |
"<br />\n" . $result->error; |
538 |
} |
|
539 |
$ldap->unbind; # take down session |
|
539 |
} |
|
540 |
$ldap->unbind; # take down session |
|
541 |
} |
|
540 | 542 |
|
541 | 543 |
return $errorMessage; |
542 | 544 |
} |
... | ... | |
576 | 578 |
|
577 | 579 |
#if main ldap server is down, a html file containing warning message will be returned |
578 | 580 |
$ldap = Net::LDAP->new($ldapurl, timeout => $timeout) or handleLDAPBindFailure($ldapurl); |
579 |
$ldap->start_tls( verify => 'none'); |
|
580 |
my $bindresult = $ldap->bind; |
|
581 |
if ($bindresult->code) { |
|
582 |
return $entry; |
|
583 |
} |
|
581 |
|
|
582 |
if ($ldap) { |
|
583 |
$ldap->start_tls( verify => 'none'); |
|
584 |
my $bindresult = $ldap->bind; |
|
585 |
if ($bindresult->code) { |
|
586 |
return $entry; |
|
587 |
} |
|
584 | 588 |
|
585 |
if($ldapConfig->{$org}{'filter'}){ |
|
586 |
$mesg = $ldap->search ( base => $base, |
|
589 |
if($ldapConfig->{$org}{'filter'}){
|
|
590 |
$mesg = $ldap->search ( base => $base,
|
|
587 | 591 |
filter => "(&(uid=$username)($ldapConfig->{$org}{'filter'}))"); |
588 |
} else { |
|
589 |
$mesg = $ldap->search ( base => $base, filter => "(uid=$username)"); |
|
590 |
} |
|
592 |
} else {
|
|
593 |
$mesg = $ldap->search ( base => $base, filter => "(uid=$username)");
|
|
594 |
}
|
|
591 | 595 |
|
592 |
if ($mesg->count > 0) { |
|
593 |
$entry = $mesg->pop_entry; |
|
594 |
$ldap->unbind; # take down session |
|
595 |
} else { |
|
596 |
$ldap->unbind; # take down session |
|
597 |
# Follow references by recursive call to self |
|
598 |
my @references = $mesg->references(); |
|
599 |
for (my $i = 0; $i <= $#references; $i++) { |
|
600 |
my $uri = URI->new($references[$i]); |
|
601 |
my $host = $uri->host(); |
|
602 |
my $path = $uri->path(); |
|
603 |
$path =~ s/^\///; |
|
604 |
$entry = &getLdapEntry($host, $path, $username, $org); |
|
605 |
if ($entry) { |
|
606 |
return $entry; |
|
607 |
} |
|
608 |
} |
|
596 |
if ($mesg->count > 0) { |
|
597 |
$entry = $mesg->pop_entry; |
|
598 |
$ldap->unbind; # take down session |
|
599 |
} else { |
|
600 |
$ldap->unbind; # take down session |
|
601 |
# Follow references by recursive call to self |
|
602 |
my @references = $mesg->references(); |
|
603 |
for (my $i = 0; $i <= $#references; $i++) { |
|
604 |
my $uri = URI->new($references[$i]); |
|
605 |
my $host = $uri->host(); |
|
606 |
my $path = $uri->path(); |
|
607 |
$path =~ s/^\///; |
|
608 |
$entry = &getLdapEntry($host, $path, $username, $org); |
|
609 |
if ($entry) { |
|
610 |
return $entry; |
|
611 |
} |
|
612 |
} |
|
613 |
} |
|
609 | 614 |
} |
610 | 615 |
return $entry; |
611 | 616 |
} |
... | ... | |
773 | 778 |
#if main ldap server is down, a html file containing warning message will be returned |
774 | 779 |
my $ldap = Net::LDAP->new($ldapurl, timeout => $timeout) or handleLDAPBindFailure($ldapurl); |
775 | 780 |
|
781 |
if ($ldap) { |
|
782 |
$ldap->start_tls( verify => 'none'); |
|
783 |
debug("Attempting to bind to LDAP server with dn = $ldapUsername, pwd = $ldapPassword"); |
|
784 |
$ldap->bind( version => 3, dn => $ldapUsername, password => $ldapPassword ); |
|
776 | 785 |
|
777 |
$ldap->start_tls( verify => 'none'); |
|
778 |
debug("Attempting to bind to LDAP server with dn = $ldapUsername, pwd = $ldapPassword"); |
|
779 |
$ldap->bind( version => 3, dn => $ldapUsername, password => $ldapPassword ); |
|
780 |
|
|
781 |
my $dn = 'uid=' . $query->param('uid') . ',' . $dnBase; |
|
782 |
debug("Inserting new entry for: $dn"); |
|
786 |
my $dn = 'uid=' . $query->param('uid') . ',' . $dnBase; |
|
787 |
debug("Inserting new entry for: $dn"); |
|
783 | 788 |
|
784 |
# Create a hashed version of the password |
|
785 |
my $shapass = createSeededPassHash($query->param('userPassword')); |
|
789 |
# Create a hashed version of the password
|
|
790 |
my $shapass = createSeededPassHash($query->param('userPassword'));
|
|
786 | 791 |
|
787 |
# Do the insertion |
|
788 |
my $additions = [ |
|
792 |
# Do the insertion
|
|
793 |
my $additions = [
|
|
789 | 794 |
'uid' => $query->param('uid'), |
790 | 795 |
'o' => $query->param('o'), |
791 | 796 |
'cn' => join(" ", $query->param('givenName'), |
... | ... | |
796 | 801 |
'userPassword' => $shapass, |
797 | 802 |
'objectclass' => ['top', 'person', 'organizationalPerson', |
798 | 803 |
'inetOrgPerson', 'uidObject' ] |
799 |
]; |
|
800 |
if (defined($query->param('telephoneNumber')) && |
|
801 |
$query->param('telephoneNumber') && |
|
802 |
! $query->param('telephoneNumber') =~ /^\s+$/) { |
|
803 |
$$additions[$#$additions + 1] = 'telephoneNumber'; |
|
804 |
$$additions[$#$additions + 1] = $query->param('telephoneNumber'); |
|
805 |
} |
|
806 |
if (defined($query->param('title')) && |
|
807 |
$query->param('title') && |
|
808 |
! $query->param('title') =~ /^\s+$/) { |
|
809 |
$$additions[$#$additions + 1] = 'title'; |
|
810 |
$$additions[$#$additions + 1] = $query->param('title'); |
|
811 |
} |
|
812 |
my $result = $ldap->add ( 'dn' => $dn, 'attr' => [ @$additions ]); |
|
804 |
];
|
|
805 |
if (defined($query->param('telephoneNumber')) &&
|
|
806 |
$query->param('telephoneNumber') &&
|
|
807 |
! $query->param('telephoneNumber') =~ /^\s+$/) {
|
|
808 |
$$additions[$#$additions + 1] = 'telephoneNumber';
|
|
809 |
$$additions[$#$additions + 1] = $query->param('telephoneNumber');
|
|
810 |
}
|
|
811 |
if (defined($query->param('title')) &&
|
|
812 |
$query->param('title') &&
|
|
813 |
! $query->param('title') =~ /^\s+$/) {
|
|
814 |
$$additions[$#$additions + 1] = 'title';
|
|
815 |
$$additions[$#$additions + 1] = $query->param('title');
|
|
816 |
}
|
|
817 |
my $result = $ldap->add ( 'dn' => $dn, 'attr' => [ @$additions ]);
|
|
813 | 818 |
|
814 |
if ($result->code()) { |
|
815 |
fullTemplate( ['registerFailed', 'register'], { stage => "register", |
|
819 |
if ($result->code()) {
|
|
820 |
fullTemplate( ['registerFailed', 'register'], { stage => "register",
|
|
816 | 821 |
allParams => $allParams, |
817 | 822 |
errorMessage => $result->error }); |
818 |
# TODO SCW was included as separate errors, test this |
|
819 |
#$templateVars = setVars({ stage => "register", |
|
820 |
# allParams => $allParams }); |
|
821 |
#$template->process( $templates->{'register'}, $templateVars); |
|
822 |
} else { |
|
823 |
fullTemplate( ['success'] ); |
|
823 |
# TODO SCW was included as separate errors, test this |
|
824 |
#$templateVars = setVars({ stage => "register", |
|
825 |
# allParams => $allParams }); |
|
826 |
#$template->process( $templates->{'register'}, $templateVars); |
|
827 |
} else { |
|
828 |
fullTemplate( ['success'] ); |
|
829 |
} |
|
830 |
|
|
831 |
$ldap->unbind; # take down session |
|
824 | 832 |
} |
825 |
|
|
826 |
$ldap->unbind; # take down session |
|
827 | 833 |
} |
828 | 834 |
} |
829 | 835 |
|
... | ... | |
912 | 918 |
my $filter = shift; |
913 | 919 |
my $attref = shift; |
914 | 920 |
|
921 |
my $mesg; |
|
915 | 922 |
my $foundAccounts = 0; |
916 | 923 |
|
917 | 924 |
#if ldap server is down, a html file containing warning message will be returned |
918 | 925 |
my $ldap = Net::LDAP->new($ldapurl, timeout => $timeout) or handleLDAPBindFailure($ldapurl); |
919 | 926 |
|
920 |
$ldap->start_tls( verify => 'none'); |
|
921 |
$ldap->bind( version => 3, anonymous => 1); |
|
922 |
my $mesg = $ldap->search ( |
|
923 |
base => $base, |
|
924 |
filter => $filter, |
|
925 |
attrs => @$attref, |
|
926 |
); |
|
927 |
if ($ldap) { |
|
928 |
$ldap->start_tls( verify => 'none'); |
|
929 |
$ldap->bind( version => 3, anonymous => 1); |
|
930 |
my $mesg = $ldap->search ( |
|
931 |
base => $base, |
|
932 |
filter => $filter, |
|
933 |
attrs => @$attref, |
|
934 |
); |
|
927 | 935 |
|
928 |
if ($mesg->count() > 0) { |
|
929 |
$foundAccounts = ""; |
|
930 |
my $entry; |
|
931 |
foreach $entry ($mesg->sorted(['sn'])) { |
|
932 |
$foundAccounts .= "<tr>\n<td class=\"main\">\n"; |
|
933 |
$foundAccounts .= "<a href=\"" unless |
|
936 |
if ($mesg->count() > 0) {
|
|
937 |
$foundAccounts = "";
|
|
938 |
my $entry;
|
|
939 |
foreach $entry ($mesg->sorted(['sn'])) {
|
|
940 |
$foundAccounts .= "<tr>\n<td class=\"main\">\n";
|
|
941 |
$foundAccounts .= "<a href=\"" unless
|
|
934 | 942 |
(!$entry->get_value('labeledURI')); |
935 |
$foundAccounts .= $entry->get_value('labeledURI') unless |
|
943 |
$foundAccounts .= $entry->get_value('labeledURI') unless
|
|
936 | 944 |
(!$entry->get_value('labeledURI')); |
937 |
$foundAccounts .= "\">\n" unless |
|
945 |
$foundAccounts .= "\">\n" unless
|
|
938 | 946 |
(!$entry->get_value('labeledURI')); |
939 |
$foundAccounts .= $entry->get_value('givenName'); |
|
940 |
$foundAccounts .= "</a>\n" unless |
|
947 |
$foundAccounts .= $entry->get_value('givenName');
|
|
948 |
$foundAccounts .= "</a>\n" unless
|
|
941 | 949 |
(!$entry->get_value('labeledURI')); |
942 |
$foundAccounts .= "\n</td>\n<td class=\"main\">\n"; |
|
943 |
$foundAccounts .= "<a href=\"" unless |
|
950 |
$foundAccounts .= "\n</td>\n<td class=\"main\">\n";
|
|
951 |
$foundAccounts .= "<a href=\"" unless
|
|
944 | 952 |
(!$entry->get_value('labeledURI')); |
945 |
$foundAccounts .= $entry->get_value('labeledURI') unless |
|
953 |
$foundAccounts .= $entry->get_value('labeledURI') unless
|
|
946 | 954 |
(!$entry->get_value('labeledURI')); |
947 |
$foundAccounts .= "\">\n" unless |
|
955 |
$foundAccounts .= "\">\n" unless
|
|
948 | 956 |
(!$entry->get_value('labeledURI')); |
949 |
$foundAccounts .= $entry->get_value('sn'); |
|
950 |
$foundAccounts .= "</a>\n"; |
|
951 |
$foundAccounts .= "\n</td>\n<td class=\"main\">\n"; |
|
952 |
$foundAccounts .= $entry->get_value('mail'); |
|
953 |
$foundAccounts .= "\n</td>\n<td class=\"main\">\n"; |
|
954 |
$foundAccounts .= $entry->get_value('telephonenumber'); |
|
955 |
$foundAccounts .= "\n</td>\n<td class=\"main\">\n"; |
|
956 |
$foundAccounts .= $entry->get_value('title'); |
|
957 |
$foundAccounts .= "\n</td>\n<td class=\"main\">\n"; |
|
958 |
$foundAccounts .= $entry->get_value('ou'); |
|
959 |
$foundAccounts .= "\n</td>\n"; |
|
960 |
$foundAccounts .= "</tr>\n"; |
|
961 |
} |
|
957 |
$foundAccounts .= $entry->get_value('sn'); |
|
958 |
$foundAccounts .= "</a>\n"; |
|
959 |
$foundAccounts .= "\n</td>\n<td class=\"main\">\n"; |
|
960 |
$foundAccounts .= $entry->get_value('mail'); |
|
961 |
$foundAccounts .= "\n</td>\n<td class=\"main\">\n"; |
|
962 |
$foundAccounts .= $entry->get_value('telephonenumber'); |
|
963 |
$foundAccounts .= "\n</td>\n<td class=\"main\">\n"; |
|
964 |
$foundAccounts .= $entry->get_value('title'); |
|
965 |
$foundAccounts .= "\n</td>\n<td class=\"main\">\n"; |
|
966 |
$foundAccounts .= $entry->get_value('ou'); |
|
967 |
$foundAccounts .= "\n</td>\n"; |
|
968 |
$foundAccounts .= "</tr>\n"; |
|
969 |
} |
|
970 |
} |
|
971 |
$ldap->unbind; # take down session |
|
962 | 972 |
} |
963 |
$ldap->unbind; # take down session |
|
964 | 973 |
return $foundAccounts; |
965 | 974 |
} |
966 | 975 |
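Review bot: Inside each new `if ($ldap) {` block (gutter lines 522, 583, 782 and 928) the code still calls `$ldap->start_tls( verify => 'none')` and discards the result, so the following binds send `$bindPass` / `$ldapPassword` to a server whose certificate was never checked, and in cleartext if STARTTLS itself fails. Since the commit already re-indents these calls, consider restoring the commented-out form and checking the outcome, e.g. `my $tls = $ldap->start_tls( verify => 'require', cafile => '/usr/share/ssl/ldapcerts/cacert.pem' );` (if that CA file is still the right one), with an early error return when `$tls->code` is non-zero. The `debug("Attempting to bind to LDAP server with dn = $ldapUsername, pwd = $ldapPassword")` call at gutter line 783 also writes the bind password to the debug log, so the `pwd = ...` part should be dropped. The enclosing subs start outside the visible hunks, so their callers and the behaviour of `handleLDAPBindFailure` could not be checked from here.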
|
Handle all places where ldap may be null