Revision 4849
Added by daigle about 15 years ago
| ldapweb.cgi | ||
|---|---|---|
| 516 | 516 |
#if main ldap server is down, a html file containing warning message will be returned |
| 517 | 517 |
$ldap = Net::LDAP->new($ldapurl, timeout => $timeout) or handleLDAPBindFailure($ldapurl); |
| 518 | 518 |
|
| 519 |
#$ldap->start_tls( verify => 'require', |
|
| 519 |
if ($ldap) {
|
|
| 520 |
#$ldap->start_tls( verify => 'require', |
|
| 520 | 521 |
#cafile => '/usr/share/ssl/ldapcerts/cacert.pem'); |
| 521 |
$ldap->start_tls( verify => 'none'); |
|
| 522 |
my $bindresult = $ldap->bind( version => 3, dn => $bindDN, |
|
| 522 |
$ldap->start_tls( verify => 'none');
|
|
| 523 |
my $bindresult = $ldap->bind( version => 3, dn => $bindDN,
|
|
| 523 | 524 |
password => $bindPass ); |
| 524 |
if ($bindresult->code) {
|
|
| 525 |
$errorMessage = "Failed to log in. Are you sure your connection credentails are " . |
|
| 525 |
if ($bindresult->code) {
|
|
| 526 |
$errorMessage = "Failed to log in. Are you sure your connection credentails are " .
|
|
| 526 | 527 |
"correct? Please correct and try again..."; |
| 527 |
return $errorMessage;
|
|
| 528 |
} |
|
| 528 |
return $errorMessage;
|
|
| 529 |
}
|
|
| 529 | 530 |
|
| 530 |
# Find the user here and change their entry |
|
| 531 |
my $newpass = createSeededPassHash($userPass); |
|
| 532 |
my $modifications = { userPassword => $newpass };
|
|
| 533 |
my $result = $ldap->modify( $userDN, replace => { %$modifications });
|
|
| 531 |
# Find the user here and change their entry
|
|
| 532 |
my $newpass = createSeededPassHash($userPass);
|
|
| 533 |
my $modifications = { userPassword => $newpass };
|
|
| 534 |
my $result = $ldap->modify( $userDN, replace => { %$modifications });
|
|
| 534 | 535 |
|
| 535 |
if ($result->code()) {
|
|
| 536 |
my $errorMessage = "There was an error changing the password." . |
|
| 536 |
if ($result->code()) {
|
|
| 537 |
my $errorMessage = "There was an error changing the password." .
|
|
| 537 | 538 |
"<br />\n" . $result->error; |
| 538 |
} |
|
| 539 |
$ldap->unbind; # take down session |
|
| 539 |
} |
|
| 540 |
$ldap->unbind; # take down session |
|
| 541 |
} |
|
| 540 | 542 |
|
| 541 | 543 |
return $errorMessage; |
| 542 | 544 |
} |
| ... | ... | |
| 576 | 578 |
|
| 577 | 579 |
#if main ldap server is down, a html file containing warning message will be returned |
| 578 | 580 |
$ldap = Net::LDAP->new($ldapurl, timeout => $timeout) or handleLDAPBindFailure($ldapurl); |
| 579 |
$ldap->start_tls( verify => 'none'); |
|
| 580 |
my $bindresult = $ldap->bind; |
|
| 581 |
if ($bindresult->code) {
|
|
| 582 |
return $entry; |
|
| 583 |
} |
|
| 581 |
|
|
| 582 |
if ($ldap) {
|
|
| 583 |
$ldap->start_tls( verify => 'none'); |
|
| 584 |
my $bindresult = $ldap->bind; |
|
| 585 |
if ($bindresult->code) {
|
|
| 586 |
return $entry; |
|
| 587 |
} |
|
| 584 | 588 |
|
| 585 |
if($ldapConfig->{$org}{'filter'}){
|
|
| 586 |
$mesg = $ldap->search ( base => $base, |
|
| 589 |
if($ldapConfig->{$org}{'filter'}){
|
|
| 590 |
$mesg = $ldap->search ( base => $base,
|
|
| 587 | 591 |
filter => "(&(uid=$username)($ldapConfig->{$org}{'filter'}))");
|
| 588 |
} else {
|
|
| 589 |
$mesg = $ldap->search ( base => $base, filter => "(uid=$username)"); |
|
| 590 |
} |
|
| 592 |
} else {
|
|
| 593 |
$mesg = $ldap->search ( base => $base, filter => "(uid=$username)");
|
|
| 594 |
}
|
|
| 591 | 595 |
|
| 592 |
if ($mesg->count > 0) {
|
|
| 593 |
$entry = $mesg->pop_entry; |
|
| 594 |
$ldap->unbind; # take down session |
|
| 595 |
} else {
|
|
| 596 |
$ldap->unbind; # take down session |
|
| 597 |
# Follow references by recursive call to self |
|
| 598 |
my @references = $mesg->references(); |
|
| 599 |
for (my $i = 0; $i <= $#references; $i++) {
|
|
| 600 |
my $uri = URI->new($references[$i]); |
|
| 601 |
my $host = $uri->host(); |
|
| 602 |
my $path = $uri->path(); |
|
| 603 |
$path =~ s/^\///; |
|
| 604 |
$entry = &getLdapEntry($host, $path, $username, $org); |
|
| 605 |
if ($entry) {
|
|
| 606 |
return $entry; |
|
| 607 |
} |
|
| 608 |
} |
|
| 596 |
if ($mesg->count > 0) {
|
|
| 597 |
$entry = $mesg->pop_entry; |
|
| 598 |
$ldap->unbind; # take down session |
|
| 599 |
} else {
|
|
| 600 |
$ldap->unbind; # take down session |
|
| 601 |
# Follow references by recursive call to self |
|
| 602 |
my @references = $mesg->references(); |
|
| 603 |
for (my $i = 0; $i <= $#references; $i++) {
|
|
| 604 |
my $uri = URI->new($references[$i]); |
|
| 605 |
my $host = $uri->host(); |
|
| 606 |
my $path = $uri->path(); |
|
| 607 |
$path =~ s/^\///; |
|
| 608 |
$entry = &getLdapEntry($host, $path, $username, $org); |
|
| 609 |
if ($entry) {
|
|
| 610 |
return $entry; |
|
| 611 |
} |
|
| 612 |
} |
|
| 613 |
} |
|
| 609 | 614 |
} |
| 610 | 615 |
return $entry; |
| 611 | 616 |
} |
| ... | ... | |
| 773 | 778 |
#if main ldap server is down, a html file containing warning message will be returned |
| 774 | 779 |
my $ldap = Net::LDAP->new($ldapurl, timeout => $timeout) or handleLDAPBindFailure($ldapurl); |
| 775 | 780 |
|
| 781 |
if ($ldap) {
|
|
| 782 |
$ldap->start_tls( verify => 'none'); |
|
| 783 |
debug("Attempting to bind to LDAP server with dn = $ldapUsername, pwd = $ldapPassword");
|
|
| 784 |
$ldap->bind( version => 3, dn => $ldapUsername, password => $ldapPassword ); |
|
| 776 | 785 |
|
| 777 |
$ldap->start_tls( verify => 'none'); |
|
| 778 |
debug("Attempting to bind to LDAP server with dn = $ldapUsername, pwd = $ldapPassword");
|
|
| 779 |
$ldap->bind( version => 3, dn => $ldapUsername, password => $ldapPassword ); |
|
| 780 |
|
|
| 781 |
my $dn = 'uid=' . $query->param('uid') . ',' . $dnBase;
|
|
| 782 |
debug("Inserting new entry for: $dn");
|
|
| 786 |
my $dn = 'uid=' . $query->param('uid') . ',' . $dnBase;
|
|
| 787 |
debug("Inserting new entry for: $dn");
|
|
| 783 | 788 |
|
| 784 |
# Create a hashed version of the password |
|
| 785 |
my $shapass = createSeededPassHash($query->param('userPassword'));
|
|
| 789 |
# Create a hashed version of the password
|
|
| 790 |
my $shapass = createSeededPassHash($query->param('userPassword'));
|
|
| 786 | 791 |
|
| 787 |
# Do the insertion |
|
| 788 |
my $additions = [ |
|
| 792 |
# Do the insertion
|
|
| 793 |
my $additions = [
|
|
| 789 | 794 |
'uid' => $query->param('uid'),
|
| 790 | 795 |
'o' => $query->param('o'),
|
| 791 | 796 |
'cn' => join(" ", $query->param('givenName'),
|
| ... | ... | |
| 796 | 801 |
'userPassword' => $shapass, |
| 797 | 802 |
'objectclass' => ['top', 'person', 'organizationalPerson', |
| 798 | 803 |
'inetOrgPerson', 'uidObject' ] |
| 799 |
]; |
|
| 800 |
if (defined($query->param('telephoneNumber')) &&
|
|
| 801 |
$query->param('telephoneNumber') &&
|
|
| 802 |
! $query->param('telephoneNumber') =~ /^\s+$/) {
|
|
| 803 |
$$additions[$#$additions + 1] = 'telephoneNumber'; |
|
| 804 |
$$additions[$#$additions + 1] = $query->param('telephoneNumber');
|
|
| 805 |
} |
|
| 806 |
if (defined($query->param('title')) &&
|
|
| 807 |
$query->param('title') &&
|
|
| 808 |
! $query->param('title') =~ /^\s+$/) {
|
|
| 809 |
$$additions[$#$additions + 1] = 'title'; |
|
| 810 |
$$additions[$#$additions + 1] = $query->param('title');
|
|
| 811 |
} |
|
| 812 |
my $result = $ldap->add ( 'dn' => $dn, 'attr' => [ @$additions ]); |
|
| 804 |
];
|
|
| 805 |
if (defined($query->param('telephoneNumber')) &&
|
|
| 806 |
$query->param('telephoneNumber') &&
|
|
| 807 |
! $query->param('telephoneNumber') =~ /^\s+$/) {
|
|
| 808 |
$$additions[$#$additions + 1] = 'telephoneNumber';
|
|
| 809 |
$$additions[$#$additions + 1] = $query->param('telephoneNumber');
|
|
| 810 |
}
|
|
| 811 |
if (defined($query->param('title')) &&
|
|
| 812 |
$query->param('title') &&
|
|
| 813 |
! $query->param('title') =~ /^\s+$/) {
|
|
| 814 |
$$additions[$#$additions + 1] = 'title';
|
|
| 815 |
$$additions[$#$additions + 1] = $query->param('title');
|
|
| 816 |
}
|
|
| 817 |
my $result = $ldap->add ( 'dn' => $dn, 'attr' => [ @$additions ]);
|
|
| 813 | 818 |
|
| 814 |
if ($result->code()) {
|
|
| 815 |
fullTemplate( ['registerFailed', 'register'], { stage => "register",
|
|
| 819 |
if ($result->code()) {
|
|
| 820 |
fullTemplate( ['registerFailed', 'register'], { stage => "register",
|
|
| 816 | 821 |
allParams => $allParams, |
| 817 | 822 |
errorMessage => $result->error }); |
| 818 |
# TODO SCW was included as separate errors, test this |
|
| 819 |
#$templateVars = setVars({ stage => "register",
|
|
| 820 |
# allParams => $allParams }); |
|
| 821 |
#$template->process( $templates->{'register'}, $templateVars);
|
|
| 822 |
} else {
|
|
| 823 |
fullTemplate( ['success'] ); |
|
| 823 |
# TODO SCW was included as separate errors, test this |
|
| 824 |
#$templateVars = setVars({ stage => "register",
|
|
| 825 |
# allParams => $allParams }); |
|
| 826 |
#$template->process( $templates->{'register'}, $templateVars);
|
|
| 827 |
} else {
|
|
| 828 |
fullTemplate( ['success'] ); |
|
| 829 |
} |
|
| 830 |
|
|
| 831 |
$ldap->unbind; # take down session |
|
| 824 | 832 |
} |
| 825 |
|
|
| 826 |
$ldap->unbind; # take down session |
|
| 827 | 833 |
} |
| 828 | 834 |
} |
| 829 | 835 |
|
| ... | ... | |
| 912 | 918 |
my $filter = shift; |
| 913 | 919 |
my $attref = shift; |
| 914 | 920 |
|
| 921 |
my $mesg; |
|
| 915 | 922 |
my $foundAccounts = 0; |
| 916 | 923 |
|
| 917 | 924 |
#if ldap server is down, a html file containing warning message will be returned |
| 918 | 925 |
my $ldap = Net::LDAP->new($ldapurl, timeout => $timeout) or handleLDAPBindFailure($ldapurl); |
| 919 | 926 |
|
| 920 |
$ldap->start_tls( verify => 'none'); |
|
| 921 |
$ldap->bind( version => 3, anonymous => 1); |
|
| 922 |
my $mesg = $ldap->search ( |
|
| 923 |
base => $base, |
|
| 924 |
filter => $filter, |
|
| 925 |
attrs => @$attref, |
|
| 926 |
); |
|
| 927 |
if ($ldap) {
|
|
| 928 |
$ldap->start_tls( verify => 'none'); |
|
| 929 |
$ldap->bind( version => 3, anonymous => 1); |
|
| 930 |
my $mesg = $ldap->search ( |
|
| 931 |
base => $base, |
|
| 932 |
filter => $filter, |
|
| 933 |
attrs => @$attref, |
|
| 934 |
); |
|
| 927 | 935 |
|
| 928 |
if ($mesg->count() > 0) {
|
|
| 929 |
$foundAccounts = ""; |
|
| 930 |
my $entry; |
|
| 931 |
foreach $entry ($mesg->sorted(['sn'])) {
|
|
| 932 |
$foundAccounts .= "<tr>\n<td class=\"main\">\n"; |
|
| 933 |
$foundAccounts .= "<a href=\"" unless |
|
| 936 |
if ($mesg->count() > 0) {
|
|
| 937 |
$foundAccounts = "";
|
|
| 938 |
my $entry;
|
|
| 939 |
foreach $entry ($mesg->sorted(['sn'])) {
|
|
| 940 |
$foundAccounts .= "<tr>\n<td class=\"main\">\n";
|
|
| 941 |
$foundAccounts .= "<a href=\"" unless
|
|
| 934 | 942 |
(!$entry->get_value('labeledURI'));
|
| 935 |
$foundAccounts .= $entry->get_value('labeledURI') unless
|
|
| 943 |
$foundAccounts .= $entry->get_value('labeledURI') unless
|
|
| 936 | 944 |
(!$entry->get_value('labeledURI'));
|
| 937 |
$foundAccounts .= "\">\n" unless |
|
| 945 |
$foundAccounts .= "\">\n" unless
|
|
| 938 | 946 |
(!$entry->get_value('labeledURI'));
|
| 939 |
$foundAccounts .= $entry->get_value('givenName');
|
|
| 940 |
$foundAccounts .= "</a>\n" unless |
|
| 947 |
$foundAccounts .= $entry->get_value('givenName');
|
|
| 948 |
$foundAccounts .= "</a>\n" unless
|
|
| 941 | 949 |
(!$entry->get_value('labeledURI'));
|
| 942 |
$foundAccounts .= "\n</td>\n<td class=\"main\">\n"; |
|
| 943 |
$foundAccounts .= "<a href=\"" unless |
|
| 950 |
$foundAccounts .= "\n</td>\n<td class=\"main\">\n";
|
|
| 951 |
$foundAccounts .= "<a href=\"" unless
|
|
| 944 | 952 |
(!$entry->get_value('labeledURI'));
|
| 945 |
$foundAccounts .= $entry->get_value('labeledURI') unless
|
|
| 953 |
$foundAccounts .= $entry->get_value('labeledURI') unless
|
|
| 946 | 954 |
(!$entry->get_value('labeledURI'));
|
| 947 |
$foundAccounts .= "\">\n" unless |
|
| 955 |
$foundAccounts .= "\">\n" unless
|
|
| 948 | 956 |
(!$entry->get_value('labeledURI'));
|
| 949 |
$foundAccounts .= $entry->get_value('sn');
|
|
| 950 |
$foundAccounts .= "</a>\n"; |
|
| 951 |
$foundAccounts .= "\n</td>\n<td class=\"main\">\n"; |
|
| 952 |
$foundAccounts .= $entry->get_value('mail');
|
|
| 953 |
$foundAccounts .= "\n</td>\n<td class=\"main\">\n"; |
|
| 954 |
$foundAccounts .= $entry->get_value('telephonenumber');
|
|
| 955 |
$foundAccounts .= "\n</td>\n<td class=\"main\">\n"; |
|
| 956 |
$foundAccounts .= $entry->get_value('title');
|
|
| 957 |
$foundAccounts .= "\n</td>\n<td class=\"main\">\n"; |
|
| 958 |
$foundAccounts .= $entry->get_value('ou');
|
|
| 959 |
$foundAccounts .= "\n</td>\n"; |
|
| 960 |
$foundAccounts .= "</tr>\n"; |
|
| 961 |
} |
|
| 957 |
$foundAccounts .= $entry->get_value('sn');
|
|
| 958 |
$foundAccounts .= "</a>\n"; |
|
| 959 |
$foundAccounts .= "\n</td>\n<td class=\"main\">\n"; |
|
| 960 |
$foundAccounts .= $entry->get_value('mail');
|
|
| 961 |
$foundAccounts .= "\n</td>\n<td class=\"main\">\n"; |
|
| 962 |
$foundAccounts .= $entry->get_value('telephonenumber');
|
|
| 963 |
$foundAccounts .= "\n</td>\n<td class=\"main\">\n"; |
|
| 964 |
$foundAccounts .= $entry->get_value('title');
|
|
| 965 |
$foundAccounts .= "\n</td>\n<td class=\"main\">\n"; |
|
| 966 |
$foundAccounts .= $entry->get_value('ou');
|
|
| 967 |
$foundAccounts .= "\n</td>\n"; |
|
| 968 |
$foundAccounts .= "</tr>\n"; |
|
| 969 |
} |
|
| 970 |
} |
|
| 971 |
$ldap->unbind; # take down session |
|
| 962 | 972 |
} |
| 963 |
$ldap->unbind; # take down session |
|
| 964 | 973 |
return $foundAccounts; |
| 965 | 974 |
} |
| 966 | 975 |
|
Also available in: Unified diff
Handle all places where ldap may be null