Revision 4868
Added by walbridge over 15 years ago
ldapweb.cgi | ||
---|---|---|
192 | 192 |
} else { |
193 | 193 |
$ldapConfig->{$o}{'dn'} = $ldapConfig->{$o}{'base'}; |
194 | 194 |
} |
195 |
|
|
195 |
|
|
196 |
# set LDAP administrator user account |
|
196 | 197 |
if (!$ldapConfig->{$o}{'user'}) { |
197 | 198 |
$ldapConfig->{$o}{'user'} = $ldapConfig->{'unaffiliated'}{'user'}; |
198 | 199 |
} |
200 |
# check for a fully qualified LDAP name. If it doesn't exist, append base. |
|
201 |
my @userParts = split(',', $ldapConfig->{$o}{'user'}); |
|
202 |
if (scalar(@userParts) == 1) { |
|
203 |
$ldapConfig->{$o}{'user'} = $ldapConfig->{$o}{'user'} . "," . $ldapConfig->{$o}{'base'}; |
|
204 |
} |
|
199 | 205 |
|
200 | 206 |
if (!$ldapConfig->{$o}{'password'}) { |
201 | 207 |
$ldapConfig->{$o}{'password'} = $ldapConfig->{'unaffiliated'}{'password'}; |
... | ... | |
448 | 454 |
my $o = $query->param('o'); |
449 | 455 |
|
450 | 456 |
$searchBase = $ldapConfig->{$o}{'base'}; |
451 |
$ldapUsername = $ldapConfig->{$o}{'user'} . ',' . $searchBase;
|
|
457 |
$ldapUsername = $ldapConfig->{$o}{'user'}; |
|
452 | 458 |
$ldapPassword = $ldapConfig->{$o}{'password'}; |
453 | 459 |
} |
454 | 460 |
|
... | ... | |
539 | 545 |
my $o = shift; |
540 | 546 |
|
541 | 547 |
my $searchBase = $ldapConfig->{$o}{'base'}; |
542 |
|
|
548 |
|
|
543 | 549 |
my $errorMessage = 0; |
544 | 550 |
my $ldap; |
545 |
|
|
551 |
|
|
546 | 552 |
#if main ldap server is down, a html file containing warning message will be returned |
547 | 553 |
$ldap = Net::LDAP->new($ldapurl, timeout => $timeout) or handleLDAPBindFailure($ldapurl); |
548 | 554 |
|
549 | 555 |
if ($ldap) { |
550 |
#$ldap->start_tls( verify => 'require',
|
|
556 |
#$ldap->start_tls( verify => 'require',
|
|
551 | 557 |
#cafile => '/usr/share/ssl/ldapcerts/cacert.pem'); |
552 |
$ldap->start_tls( verify => 'none'); |
|
553 |
my $bindresult = $ldap->bind( version => 3, dn => $bindDN, |
|
558 |
$ldap->start_tls( verify => 'none'); |
|
559 |
debug("changePassword: attempting to bind to $bindDN"); |
|
560 |
my $bindresult = $ldap->bind( version => 3, dn => $bindDN, |
|
554 | 561 |
password => $bindPass ); |
555 |
if ($bindresult->code) {
|
|
556 |
$errorMessage = "Failed to log in. Are you sure your connection credentails are " .
|
|
557 |
"correct? Please correct and try again..."; |
|
558 |
return $errorMessage;
|
|
559 |
}
|
|
562 |
if ($bindresult->code) {
|
|
563 |
$errorMessage = "Failed to log in. Are you sure your connection credentails are " .
|
|
564 |
"correct? Please correct and try again...";
|
|
565 |
return $errorMessage;
|
|
566 |
}
|
|
560 | 567 |
|
561 | 568 |
# Find the user here and change their entry |
562 | 569 |
my $newpass = createSeededPassHash($userPass); |
563 | 570 |
my $modifications = { userPassword => $newpass }; |
564 |
debug("changePass: setting password for $userDN to $newpass");
|
|
571 |
debug("changePass: setting password for $userDN to $newpass"); |
|
565 | 572 |
my $result = $ldap->modify( $userDN, replace => { %$modifications }); |
566 | 573 |
|
567 | 574 |
if ($result->code()) { |
... | ... | |
714 | 721 |
my $foundAccounts = 0; |
715 | 722 |
|
716 | 723 |
#if main ldap server is down, a html file containing warning message will be returned |
717 |
debug("connecting to LDAP in findExistingAccounts with settings $ldapurl, $timeout");
|
|
724 |
debug("findExistingAccounts: connecting to $ldapurl, $timeout");
|
|
718 | 725 |
$ldap = Net::LDAP->new($ldapurl, timeout => $timeout) or handleLDAPBindFailure($ldapurl); |
719 | 726 |
if ($ldap) { |
720 | 727 |
$ldap->start_tls( verify => 'none'); |
... | ... | |
808 | 815 |
|
809 | 816 |
my $searchBase = $ldapConfig->{$o}{'base'}; |
810 | 817 |
my $dnBase = $ldapConfig->{$o}{'dn'}; |
811 |
my $ldapUsername = $ldapConfig->{$o}{'user'} . ',' . $searchBase;
|
|
818 |
my $ldapUsername = $ldapConfig->{$o}{'user'}; |
|
812 | 819 |
my $ldapPassword = $ldapConfig->{$o}{'password'}; |
813 | 820 |
debug("LDAP connection to $ldapurl..."); |
814 | 821 |
#if main ldap server is down, a html file containing warning message will be returned |
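Review bot: In changePassword (new lines 558–561) the administrator bind still follows `$ldap->start_tls( verify => 'none');`, so the server certificate is never validated and the result of start_tls is never checked before `$bindDN` and `$bindPass` are sent. I would restore the commented-out form just above it and fail closed, e.g. `my $tls = $ldap->start_tls( verify => 'require', cafile => '/usr/share/ssl/ldapcerts/cacert.pem');` followed by `return "Could not establish a secure LDAP connection." if $tls->code;`. The same `verify => 'none'` call appears at new line 727 in findExistingAccounts and should get the same treatment. Separately, `debug("changePass: setting password for $userDN to $newpass");` at new line 571 writes the seeded password hash to the debug log; logging only `$userDN` would keep the trace without the credential material. Both functions start and end outside the visible hunks, so how callers handle the returned error string should be confirmed.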
- build up username using base if username isn't fully qualified (e.g. cn=Manager,dc=ecoinformatics,dc=org)
- additional debugging statements for changePassword