Revision 8180
Added by Jing Tao over 10 years ago
| src/perl/ldapweb.cgi | ||
|---|---|---|
| 268 | 268 |
'initchangepass' => \&handleInitialChangePassword, |
| 269 | 269 |
'resetpass' => \&handleResetPassword, |
| 270 | 270 |
'initresetpass' => \&handleInitialResetPassword, |
| 271 |
'createtemppass' => \&createTemporaryAccount, |
|
| 272 | 271 |
); |
| 273 | 272 |
|
| 274 | 273 |
# call the appropriate routine based on the stage |
| ... | ... | |
| 397 | 396 |
foundAccounts => $found }); |
| 398 | 397 |
# Otherwise, create a new user in the LDAP directory |
| 399 | 398 |
} else {
|
| 400 |
createAccount($allParams); |
|
| 399 |
createTemporaryAccount($allParams);
|
|
| 401 | 400 |
} |
| 402 | 401 |
|
| 403 | 402 |
exit(); |
| ... | ... | |
| 420 | 419 |
'title' => $query->param('title'),
|
| 421 | 420 |
'telephoneNumber' => $query->param('telephoneNumber') };
|
| 422 | 421 |
print "Content-type: text/html\n\n"; |
| 423 |
createAccount($allParams); |
|
| 422 |
createTemporaryAccount($allParams);
|
|
| 424 | 423 |
exit(); |
| 425 | 424 |
} |
| 426 | 425 |
|
| ... | ... | |
| 868 | 867 |
# |
| 869 | 868 |
sub createTemporaryAccount {
|
| 870 | 869 |
my $allParams = shift; |
| 871 |
#my $org = $query->param('o');
|
|
| 872 |
my $org = 'unaffiliated'; |
|
| 870 |
my $org = $query->param('o');
|
|
| 871 |
#my $org = 'unaffiliated';
|
|
| 873 | 872 |
my $ou = $query->param('ou');
|
| 874 | 873 |
#my $ou = 'LTER'; |
| 875 |
my $uid = $query->param('uid');
|
|
| 876 | 874 |
|
| 877 |
#to see if the organizaton exist
|
|
| 875 |
################## Search LDAP for matching o or ou that already exist
|
|
| 878 | 876 |
my $tmpSearchBase = 'dc=tmp,' . $authBase; |
| 879 |
print "Content-type: text/html\n\n"; |
|
| 880 |
|
|
| 881 |
my $filter; |
|
| 882 |
# Search LDAP for matching o or ou that already exist |
|
| 877 |
my $filter; |
|
| 883 | 878 |
if($org) {
|
| 884 | 879 |
$filter = "(o" |
| 885 | 880 |
. "=" . $org . |
| ... | ... | |
| 892 | 887 |
debug("search filer " . $filter);
|
| 893 | 888 |
debug("ldap server ". $ldapurl);
|
| 894 | 889 |
debug("sesarch base " . $tmpSearchBase);
|
| 890 |
print "Content-type: text/html\n\n"; |
|
| 895 | 891 |
my @attrs = ['o', 'ou' ]; |
| 896 | 892 |
my $found = searchDirectory($ldapurl, $tmpSearchBase, $filter, \@attrs); |
| 893 |
|
|
| 894 |
my $ldapUsername = $ldapConfig->{$org}{'user'};
|
|
| 895 |
my $ldapPassword = $ldapConfig->{$org}{'password'};
|
|
| 896 |
debug("LDAP connection to $ldapurl...");
|
|
| 897 |
|
|
| 898 |
|
|
| 897 | 899 |
if(!$found) {
|
| 900 |
debug("generate the subtree in the dc=tmp===========================");
|
|
| 898 | 901 |
#need to generate the subtree o or ou |
| 899 |
my $ldapUsername = $ldapConfig->{$org}{'user'};
|
|
| 900 |
my $ldapPassword = $ldapConfig->{$org}{'password'};
|
|
| 901 |
debug("LDAP connection to $ldapurl...");
|
|
| 902 |
my $dn; |
|
| 902 | 903 |
#if main ldap server is down, a html file containing warning message will be returned |
| 903 | 904 |
my $ldap = Net::LDAP->new($ldapurl, timeout => $timeout) or handleLDAPBindFailure($ldapurl); |
| 904 |
my $dn; |
|
| 905 | 905 |
if ($ldap) {
|
| 906 | 906 |
$ldap->start_tls( verify => 'none'); |
| 907 | 907 |
debug("Attempting to bind to LDAP server with dn = $ldapUsername, pwd = $ldapPassword");
|
| 908 | 908 |
$ldap->bind( version => 3, dn => $ldapUsername, password => $ldapPassword ); |
| 909 |
|
|
| 910 |
# Do the insertion |
|
| 911 | 909 |
my $additions; |
| 912 | 910 |
if($org) {
|
| 913 | 911 |
$additions = [ |
| ... | ... | |
| 922 | 920 |
]; |
| 923 | 921 |
$dn='ou=' . $ou . ',' . $tmpSearchBase; |
| 924 | 922 |
} |
| 925 |
|
|
| 923 |
# Do the insertion |
|
| 924 |
debug(" 1-1 here is the additions " . $additions);
|
|
| 925 |
debug(" 2-1 here is the additions " . @$additions);
|
|
| 926 |
debug(" 3-1 here is the additions " . [@$additions]);
|
|
| 926 | 927 |
my $result = $ldap->add ( 'dn' => $dn, 'attr' => [ @$additions ]); |
| 927 | 928 |
if ($result->code()) {
|
| 928 | 929 |
fullTemplate( ['registerFailed', 'register'], { stage => "register",
|
| 929 | 930 |
allParams => $allParams, |
| 930 | 931 |
errorMessage => $result->error }); |
| 932 |
$ldap->unbind; # take down session |
|
| 933 |
exist(0) |
|
| 931 | 934 |
# TODO SCW was included as separate errors, test this |
| 932 | 935 |
#$templateVars = setVars({ stage => "register",
|
| 933 | 936 |
# allParams => $allParams }); |
| 934 | 937 |
#$template->process( $templates->{'register'}, $templateVars);
|
| 935 | 938 |
} |
| 936 | 939 |
$ldap->unbind; # take down session |
| 937 |
} else {
|
|
| 940 |
} else {
|
|
| 938 | 941 |
fullTemplate( ['registerFailed', 'register'], { stage => "register",
|
| 939 | 942 |
allParams => $allParams, |
| 940 | 943 |
errorMessage => "The ldap server is not available now. Please try it later"}); |
| 941 | 944 |
exit(0); |
| 942 |
} |
|
| 945 |
} |
|
| 946 |
|
|
| 943 | 947 |
} |
| 944 | 948 |
|
| 949 |
################create an account under tmp subtree |
|
| 945 | 950 |
|
| 951 |
#generate a randomstr for matching the email. |
|
| 952 |
my $randomStr = getRandomPassword(16); |
|
| 953 |
# Create a hashed version of the password |
|
| 954 |
my $shapass = createSeededPassHash($query->param('userPassword'));
|
|
| 955 |
my $additions = [ |
|
| 956 |
'uid' => $query->param('uid'),
|
|
| 957 |
'cn' => join(" ", $query->param('givenName'),
|
|
| 958 |
$query->param('sn')),
|
|
| 959 |
'sn' => $query->param('sn'),
|
|
| 960 |
'givenName' => $query->param('givenName'),
|
|
| 961 |
'mail' => $query->param('mail'),
|
|
| 962 |
'userPassword' => $shapass, |
|
| 963 |
'employeeNumber' => $randomStr, |
|
| 964 |
'objectclass' => ['top', 'person', 'organizationalPerson', |
|
| 965 |
'inetOrgPerson', 'uidObject' ] |
|
| 966 |
]; |
|
| 967 |
if (defined($query->param('telephoneNumber')) &&
|
|
| 968 |
$query->param('telephoneNumber') &&
|
|
| 969 |
! $query->param('telephoneNumber') =~ /^\s+$/) {
|
|
| 970 |
$$additions[$#$additions + 1] = 'telephoneNumber'; |
|
| 971 |
$$additions[$#$additions + 1] = $query->param('telephoneNumber');
|
|
| 972 |
} |
|
| 973 |
if (defined($query->param('title')) &&
|
|
| 974 |
$query->param('title') &&
|
|
| 975 |
! $query->param('title') =~ /^\s+$/) {
|
|
| 976 |
$$additions[$#$additions + 1] = 'title'; |
|
| 977 |
$$additions[$#$additions + 1] = $query->param('title');
|
|
| 978 |
} |
|
| 979 |
my $dn; |
|
| 980 |
if($org) {
|
|
| 981 |
$$additions[$#$additions + 1] = 'o'; |
|
| 982 |
$$additions[$#$additions + 1] = $org; |
|
| 983 |
$dn='uid=' . $query->param('uid') . ',' . 'o=' . $org . ',' . $tmpSearchBase;
|
|
| 984 |
} else {
|
|
| 985 |
$$additions[$#$additions + 1] = 'ou'; |
|
| 986 |
$$additions[$#$additions + 1] = $ou; |
|
| 987 |
$dn='uid=' . $query->param('uid') . ',' . 'ou=' . $ou . ',' . $tmpSearchBase;
|
|
| 988 |
} |
|
| 989 |
my $tmp = 1; |
|
| 990 |
createAccount2($dn, $ldapUsername, $ldapPassword, $additions, $tmp, $allParams); |
|
| 946 | 991 |
|
| 992 |
|
|
| 993 |
####################send the verification email to the user |
|
| 994 |
|
|
| 947 | 995 |
#$query->param('o','tmp');
|
| 948 |
#createAccount($allParams); |
|
| 949 | 996 |
#$query->param('o',$org);
|
| 950 | 997 |
#constrct url |
| 951 | 998 |
#my $link = |
| ... | ... | |
| 957 | 1004 |
# Bind to LDAP and create a new account using the information provided |
| 958 | 1005 |
# by the user |
| 959 | 1006 |
# |
| 1007 |
sub createAccount2 {
|
|
| 1008 |
my $dn = shift; |
|
| 1009 |
my $ldapUsername = shift; |
|
| 1010 |
my $ldapPassword = shift; |
|
| 1011 |
my $additions = shift; |
|
| 1012 |
my $temp = shift; #if it is for a temporary account. |
|
| 1013 |
my $allParams = shift; |
|
| 1014 |
|
|
| 1015 |
my @failureTemplate; |
|
| 1016 |
if($temp){
|
|
| 1017 |
@failureTemplate = ['registerFailed', 'register']; |
|
| 1018 |
} else {
|
|
| 1019 |
@failureTemplate = ['registerFailed']; |
|
| 1020 |
} |
|
| 1021 |
print "Content-type: text/html\n\n"; |
|
| 1022 |
debug("the dn is " . $dn);
|
|
| 1023 |
debug("LDAP connection to $ldapurl...");
|
|
| 1024 |
#if main ldap server is down, a html file containing warning message will be returned |
|
| 1025 |
my $ldap = Net::LDAP->new($ldapurl, timeout => $timeout) or handleLDAPBindFailure($ldapurl); |
|
| 1026 |
if ($ldap) {
|
|
| 1027 |
$ldap->start_tls( verify => 'none'); |
|
| 1028 |
debug("Attempting to bind to LDAP server with dn = $ldapUsername, pwd = $ldapPassword");
|
|
| 1029 |
$ldap->bind( version => 3, dn => $ldapUsername, password => $ldapPassword ); |
|
| 1030 |
debug(" 1 here is the additions " . $additions);
|
|
| 1031 |
debug(" 2 here is the additions " . @$additions);
|
|
| 1032 |
debug(" 3 here is the additions " . [@$additions]);
|
|
| 1033 |
my $result = $ldap->add ( 'dn' => $dn, 'attr' => [@$additions ]); |
|
| 1034 |
if ($result->code()) {
|
|
| 1035 |
fullTemplate(@failureTemplate, { stage => "register",
|
|
| 1036 |
allParams => $allParams, |
|
| 1037 |
errorMessage => $result->error }); |
|
| 1038 |
# TODO SCW was included as separate errors, test this |
|
| 1039 |
#$templateVars = setVars({ stage => "register",
|
|
| 1040 |
# allParams => $allParams }); |
|
| 1041 |
#$template->process( $templates->{'register'}, $templateVars);
|
|
| 1042 |
} else {
|
|
| 1043 |
fullTemplate( ['success'] ); |
|
| 1044 |
} |
|
| 1045 |
$ldap->unbind; # take down session |
|
| 1046 |
|
|
| 1047 |
} else {
|
|
| 1048 |
fullTemplate(@failureTemplate, { stage => "register",
|
|
| 1049 |
allParams => $allParams, |
|
| 1050 |
errorMessage => "The ldap server is not available now. Please try it later"}); |
|
| 1051 |
exit(0); |
|
| 1052 |
} |
|
| 1053 |
|
|
| 1054 |
} |
|
| 1055 |
|
|
| 1056 |
# |
|
| 1057 |
# Bind to LDAP and create a new account using the information provided |
|
| 1058 |
# by the user |
|
| 1059 |
# |
|
| 960 | 1060 |
sub createAccount {
|
| 961 | 1061 |
my $allParams = shift; |
| 962 | 1062 |
|
| ... | ... | |
| 1223 | 1323 |
|
| 1224 | 1324 |
return $templateVars; |
| 1225 | 1325 |
} |
| 1326 |
|
|
Also available in: Unified diff
Add code to add a user to the tmp subtree.