
Revision 4868

Added by walbridge over 15 years ago

- build up username using base if username isn't fully qualified (e.g. cn=Manager,dc=ecoinformatics,dc=org)
- additional debugging statements for changePassword


src/perl/ldapweb.cgi
192 192
    } else {
193 193
        $ldapConfig->{$o}{'dn'} = $ldapConfig->{$o}{'base'};
194 194
    }
195

  
195
    
196
    # set LDAP administrator user account
196 197
    if (!$ldapConfig->{$o}{'user'}) {
197 198
        $ldapConfig->{$o}{'user'} = $ldapConfig->{'unaffiliated'}{'user'};
198 199
    }
200
    # check for a fully qualified LDAP name. If it doesn't exist, append base.
201
    my @userParts = split(',', $ldapConfig->{$o}{'user'});
202
    if (scalar(@userParts) == 1) {
203
        $ldapConfig->{$o}{'user'} = $ldapConfig->{$o}{'user'} . "," . $ldapConfig->{$o}{'base'};
204
    }
199 205

  
200 206
    if (!$ldapConfig->{$o}{'password'}) {
201 207
        $ldapConfig->{$o}{'password'} = $ldapConfig->{'unaffiliated'}{'password'};
......
448 454
        my $o = $query->param('o');
449 455
        
450 456
        $searchBase = $ldapConfig->{$o}{'base'};
451
        $ldapUsername = $ldapConfig->{$o}{'user'} . ',' . $searchBase;
457
        $ldapUsername = $ldapConfig->{$o}{'user'};
452 458
        $ldapPassword = $ldapConfig->{$o}{'password'};
453 459
    }
454 460

  
......
539 545
    my $o = shift;
540 546

  
541 547
    my $searchBase = $ldapConfig->{$o}{'base'};
542
    
548

  
543 549
    my $errorMessage = 0;
544 550
    my $ldap;
545
    
551

  
546 552
    #if main ldap server is down, a html file containing warning message will be returned
547 553
    $ldap = Net::LDAP->new($ldapurl, timeout => $timeout) or handleLDAPBindFailure($ldapurl);
548 554
    
549 555
    if ($ldap) {
550
    	#$ldap->start_tls( verify => 'require',
556
        #$ldap->start_tls( verify => 'require',
551 557
                      #cafile => '/usr/share/ssl/ldapcerts/cacert.pem');
552
    	$ldap->start_tls( verify => 'none');
553
    	my $bindresult = $ldap->bind( version => 3, dn => $bindDN, 
558
        $ldap->start_tls( verify => 'none');
559
        debug("changePassword: attempting to bind to $bindDN");
560
        my $bindresult = $ldap->bind( version => 3, dn => $bindDN, 
554 561
                                  password => $bindPass );
555
    	if ($bindresult->code) {
556
        	$errorMessage = "Failed to log in. Are you sure your connection credentails are " .
557
                        "correct? Please correct and try again...";
558
       	 	return $errorMessage;
559
    	}
562
        if ($bindresult->code) {
563
            $errorMessage = "Failed to log in. Are you sure your connection credentails are " .
564
                            "correct? Please correct and try again...";
565
            return $errorMessage;
566
        }
560 567

  
561 568
    	# Find the user here and change their entry
562 569
    	my $newpass = createSeededPassHash($userPass);
563 570
    	my $modifications = { userPassword => $newpass };
564
        debug("changePass: setting password for $userDN to $newpass");
571
      debug("changePass: setting password for $userDN to $newpass");
565 572
    	my $result = $ldap->modify( $userDN, replace => { %$modifications });
566 573
    
567 574
    	if ($result->code()) {
......
714 721
    my $foundAccounts = 0;
715 722

  
716 723
    #if main ldap server is down, a html file containing warning message will be returned
717
    debug("connecting to LDAP in findExistingAccounts with settings $ldapurl, $timeout");
724
    debug("findExistingAccounts: connecting to $ldapurl, $timeout");
718 725
    $ldap = Net::LDAP->new($ldapurl, timeout => $timeout) or handleLDAPBindFailure($ldapurl);
719 726
    if ($ldap) {
720 727
    	$ldap->start_tls( verify => 'none');
......
808 815

  
809 816
        my $searchBase = $ldapConfig->{$o}{'base'};
810 817
        my $dnBase = $ldapConfig->{$o}{'dn'};
811
        my $ldapUsername = $ldapConfig->{$o}{'user'} . ',' . $searchBase;
818
        my $ldapUsername = $ldapConfig->{$o}{'user'};
812 819
        my $ldapPassword = $ldapConfig->{$o}{'password'};
813 820
        debug("LDAP connection to $ldapurl...");    
814 821
        #if main ldap server is down, a html file containing warning message will be returned
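Review bot: In changePassword, the re-indented `$ldap->start_tls( verify => 'none');` (new line 558) still runs just before the bind with `$bindDN`/`$bindPass`, so the server certificate is never checked and the result of start_tls is not inspected; the same call sits in the findExistingAccounts hunk at new line 727. The commented-out form directly above it already shows the verifying variant, so I would restore it as `my $tls = $ldap->start_tls( verify => 'require', cafile => '/usr/share/ssl/ldapcerts/cacert.pem');` followed by `return "Could not establish a secure LDAP connection." if $tls->code;`. The debug call at new line 571 also writes `$newpass`, the value returned by createSeededPassHash, to the debug output; `debug("changePass: setting password for $userDN");` keeps the trace without recording password material. The enclosing sub starts and ends outside the displayed hunk.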
