Revision 8180
Added by Jing Tao about 11 years ago
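--- a/src/perl/ldapweb.cgi
+++ b/src/perl/ldapweb.cgi
@@ -268,7 +268,6 @@
 'initchangepass' => \&handleInitialChangePassword,
 'resetpass' => \&handleResetPassword,
 'initresetpass' => \&handleInitialResetPassword,
-'createtemppass' => \&createTemporaryAccount,
 );
 
 # call the appropriate routine based on the stage
@@ -397,7 +396,7 @@
 foundAccounts => $found });
 # Otherwise, create a new user in the LDAP directory
 } else {
-createAccount($allParams);
+createTemporaryAccount($allParams);
 }
 
 exit();
@@ -420,7 +419,7 @@
 'title' => $query->param('title'),
 'telephoneNumber' => $query->param('telephoneNumber') };
 print "Content-type: text/html\n\n";
-createAccount($allParams);
+createTemporaryAccount($allParams);
 exit();
 }
 
@@ -868,18 +867,14 @@
 #
 sub createTemporaryAccount {
 my $allParams = shift;
-#my $org = $query->param('o');
-my $org = 'unaffiliated';
+my $org = $query->param('o');
+#my $org = 'unaffiliated';
 my $ou = $query->param('ou');
 #my $ou = 'LTER';
-my $uid = $query->param('uid');
 
-#to see if the organizaton exist
+################## Search LDAP for matching o or ou that already exist
 my $tmpSearchBase = 'dc=tmp,' . $authBase;
-print "Content-type: text/html\n\n";
-
-my $filter;
-# Search LDAP for matching o or ou that already exist
+my $filter;
 if($org) {
 $filter = "(o"
 . "=" . $org .
@@ -892,22 +887,25 @@
 debug("search filer " . $filter);
 debug("ldap server ". $ldapurl);
 debug("sesarch base " . $tmpSearchBase);
+print "Content-type: text/html\n\n";
 my @attrs = ['o', 'ou' ];
 my $found = searchDirectory($ldapurl, $tmpSearchBase, $filter, \@attrs);
+
+my $ldapUsername = $ldapConfig->{$org}{'user'};
+my $ldapPassword = $ldapConfig->{$org}{'password'};
+debug("LDAP connection to $ldapurl...");
+
+
 if(!$found) {
+debug("generate the subtree in the dc=tmp===========================");
 #need to generate the subtree o or ou
-my $ldapUsername = $ldapConfig->{$org}{'user'};
-my $ldapPassword = $ldapConfig->{$org}{'password'};
-debug("LDAP connection to $ldapurl...");
+my $dn;
 #if main ldap server is down, a html file containing warning message will be returned
 my $ldap = Net::LDAP->new($ldapurl, timeout => $timeout) or handleLDAPBindFailure($ldapurl);
-my $dn;
 if ($ldap) {
 $ldap->start_tls( verify => 'none');
 debug("Attempting to bind to LDAP server with dn = $ldapUsername, pwd = $ldapPassword");
 $ldap->bind( version => 3, dn => $ldapUsername, password => $ldapPassword );
-
-# Do the insertion
 my $additions;
 if($org) {
 $additions = [
@@ -922,30 +920,79 @@
 ];
 $dn='ou=' . $ou . ',' . $tmpSearchBase;
 }
-
+# Do the insertion
+debug(" 1-1 here is the additions " . $additions);
+debug(" 2-1 here is the additions " . @$additions);
+debug(" 3-1 here is the additions " . [@$additions]);
 my $result = $ldap->add ( 'dn' => $dn, 'attr' => [ @$additions ]);
 if ($result->code()) {
 fullTemplate( ['registerFailed', 'register'], { stage => "register",
 allParams => $allParams,
 errorMessage => $result->error });
+$ldap->unbind; # take down session
+exist(0)
 # TODO SCW was included as separate errors, test this
 #$templateVars = setVars({ stage => "register",
 # allParams => $allParams });
 #$template->process( $templates->{'register'}, $templateVars);
 }
 $ldap->unbind; # take down session
-} else {
+} else {
 fullTemplate( ['registerFailed', 'register'], { stage => "register",
 allParams => $allParams,
 errorMessage => "The ldap server is not available now. Please try it later"});
 exit(0);
-}
+}
+
 }
 
+################create an account under tmp subtree
 
+#generate a randomstr for matching the email.
+my $randomStr = getRandomPassword(16);
+# Create a hashed version of the password
+my $shapass = createSeededPassHash($query->param('userPassword'));
+my $additions = [
+'uid' => $query->param('uid'),
+'cn' => join(" ", $query->param('givenName'),
+$query->param('sn')),
+'sn' => $query->param('sn'),
+'givenName' => $query->param('givenName'),
+'mail' => $query->param('mail'),
+'userPassword' => $shapass,
+'employeeNumber' => $randomStr,
+'objectclass' => ['top', 'person', 'organizationalPerson',
+'inetOrgPerson', 'uidObject' ]
+];
+if (defined($query->param('telephoneNumber')) &&
+$query->param('telephoneNumber') &&
+! $query->param('telephoneNumber') =~ /^\s+$/) {
+$$additions[$#$additions + 1] = 'telephoneNumber';
+$$additions[$#$additions + 1] = $query->param('telephoneNumber');
+}
+if (defined($query->param('title')) &&
+$query->param('title') &&
+! $query->param('title') =~ /^\s+$/) {
+$$additions[$#$additions + 1] = 'title';
+$$additions[$#$additions + 1] = $query->param('title');
+}
+my $dn;
+if($org) {
+$$additions[$#$additions + 1] = 'o';
+$$additions[$#$additions + 1] = $org;
+$dn='uid=' . $query->param('uid') . ',' . 'o=' . $org . ',' . $tmpSearchBase;
+} else {
+$$additions[$#$additions + 1] = 'ou';
+$$additions[$#$additions + 1] = $ou;
+$dn='uid=' . $query->param('uid') . ',' . 'ou=' . $ou . ',' . $tmpSearchBase;
+}
+my $tmp = 1;
+createAccount2($dn, $ldapUsername, $ldapPassword, $additions, $tmp, $allParams);
 
+
+####################send the verification email to the user
+
 #$query->param('o','tmp');
-#createAccount($allParams);
 #$query->param('o',$org);
 #constrct url
 #my $link =
@@ -957,6 +1004,59 @@
 # Bind to LDAP and create a new account using the information provided
 # by the user
 #
+sub createAccount2 {
+my $dn = shift;
+my $ldapUsername = shift;
+my $ldapPassword = shift;
+my $additions = shift;
+my $temp = shift; #if it is for a temporary account.
+my $allParams = shift;
+
+my @failureTemplate;
+if($temp){
+@failureTemplate = ['registerFailed', 'register'];
+} else {
+@failureTemplate = ['registerFailed'];
+}
+print "Content-type: text/html\n\n";
+debug("the dn is " . $dn);
+debug("LDAP connection to $ldapurl...");
+#if main ldap server is down, a html file containing warning message will be returned
+my $ldap = Net::LDAP->new($ldapurl, timeout => $timeout) or handleLDAPBindFailure($ldapurl);
+if ($ldap) {
+$ldap->start_tls( verify => 'none');
+debug("Attempting to bind to LDAP server with dn = $ldapUsername, pwd = $ldapPassword");
+$ldap->bind( version => 3, dn => $ldapUsername, password => $ldapPassword );
+debug(" 1 here is the additions " . $additions);
+debug(" 2 here is the additions " . @$additions);
+debug(" 3 here is the additions " . [@$additions]);
+my $result = $ldap->add ( 'dn' => $dn, 'attr' => [@$additions ]);
+if ($result->code()) {
+fullTemplate(@failureTemplate, { stage => "register",
+allParams => $allParams,
+errorMessage => $result->error });
+# TODO SCW was included as separate errors, test this
+#$templateVars = setVars({ stage => "register",
+# allParams => $allParams });
+#$template->process( $templates->{'register'}, $templateVars);
+} else {
+fullTemplate( ['success'] );
+}
+$ldap->unbind; # take down session
+
+} else {
+fullTemplate(@failureTemplate, { stage => "register",
+allParams => $allParams,
+errorMessage => "The ldap server is not available now. Please try it later"});
+exit(0);
+}
+
+}
+
+#
+# Bind to LDAP and create a new account using the information provided
+# by the user
+#
 sub createAccount {
 my $allParams = shift;
 
@@ -1223,3 +1323,4 @@
 
 return $templateVars;
 }
+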
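Review bot: In createTemporaryAccount (new lines 955-987) the LDAP attribute list and the entry DN are built straight from request parameters, with nothing constraining or escaping them. Inside the `$additions` list `$query->param(...)` is evaluated in list context, so a repeated parameter contributes extra elements and shifts the attribute/value pairs handed to `$ldap->add`; force one value per attribute, e.g. `'uid' => scalar $query->param('uid'),`. The DN components need escaping as well, e.g. `$dn = 'uid=' . escape_dn_value(scalar $query->param('uid')) . ',o=' . escape_dn_value($org) . ',' . $tmpSearchBase;` (escape_dn_value is in Net::LDAP::Util; whether this file imports it is not visible here), and since `$org` now comes from the request and also selects the bind credentials in `$ldapConfig`, it should be checked against the configured organizations first. In the new createAccount2 the debug line passes the bind password to debug(); `debug("Attempting to bind to LDAP server with dn = $ldapUsername");` is enough. `exist(0)` at new line 933 looks like a typo for `exit(0);`, and the rest of createTemporaryAccount lies outside the visible hunks.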
Add code to add a user to the tmp subtree.