Revision 8877
Added by Jing Tao about 10 years ago
ldapweb.cgi | ||
---|---|---|
566 | 566 |
|
567 | 567 |
# Remove any expired temporary accounts for this subtree before continuing |
568 | 568 |
clearTemporaryAccounts(); |
569 |
|
|
569 |
|
|
570 |
# Check if the uid was taken in the production space |
|
571 |
my @attrs = [ 'uid', 'o', 'ou', 'cn', 'mail', 'telephoneNumber', 'title' ]; |
|
572 |
my $uidExists; |
|
573 |
my $uid=$query->param('uid'); |
|
574 |
my $uidFilter = "uid=" . $uid; |
|
575 |
my $newSearchBase = $ldapConfig->{$query->param('o')}{'org'} . "," . $searchBase; |
|
576 |
debug("the new search base is $newSearchBase"); |
|
577 |
$uidExists = uidExists($ldapurl, $newSearchBase, $uidFilter, \@attrs); |
|
578 |
debug("the result of uidExists $uidExists"); |
|
579 |
if($uidExists) { |
|
580 |
print "Content-type: text/html\n\n"; |
|
581 |
my $errorMessage = $uidExists; |
|
582 |
fullTemplate( ['registerFailed', 'register'], { stage => "register", |
|
583 |
allParams => $allParams, |
|
584 |
errorMessage => $errorMessage }); |
|
585 |
exit(); |
|
586 |
} |
|
570 | 587 |
# Search LDAP for matching entries that already exist |
571 | 588 |
# Some forms use a single text search box, whereas others search per |
572 | 589 |
# attribute. |
... | ... | |
588 | 605 |
")"; |
589 | 606 |
} |
590 | 607 |
|
591 |
my @attrs = [ 'uid', 'o', 'ou', 'cn', 'mail', 'telephoneNumber', 'title' ]; |
|
592 | 608 |
my $found = findExistingAccounts($ldapurl, $searchBase, $filter, \@attrs); |
593 | 609 |
|
594 | 610 |
# If entries match, send back a request to confirm new-user creation |
... | ... | |
980 | 996 |
} |
981 | 997 |
|
982 | 998 |
# |
999 |
# search the LDAP production space to see if a uid already exists |
|
1000 |
# |
|
1001 |
sub uidExists { |
|
1002 |
my $ldapurl = shift; |
|
1003 |
debug("the ldap ulr is $ldapurl"); |
|
1004 |
my $base = shift; |
|
1005 |
debug("the base is $base"); |
|
1006 |
my $filter = shift; |
|
1007 |
debug("the filter is $filter"); |
|
1008 |
my $attref = shift; |
|
1009 |
|
|
1010 |
my $ldap; |
|
1011 |
my $mesg; |
|
1012 |
|
|
1013 |
my $foundAccounts = 0; |
|
1014 |
|
|
1015 |
#if main ldap server is down, a html file containing warning message will be returned |
|
1016 |
debug("uidExists: connecting to $ldapurl, $timeout"); |
|
1017 |
$ldap = Net::LDAP->new($ldapurl, timeout => $timeout) or handleLDAPBindFailure($ldapurl); |
|
1018 |
if ($ldap) { |
|
1019 |
$ldap->start_tls( verify => 'none'); |
|
1020 |
#$ldap->start_tls( verify => 'require', |
|
1021 |
# cafile => $ldapServerCACertFile); |
|
1022 |
$ldap->bind( version => 3, anonymous => 1); |
|
1023 |
$mesg = $ldap->search ( |
|
1024 |
base => $base, |
|
1025 |
filter => $filter, |
|
1026 |
attrs => @$attref, |
|
1027 |
); |
|
1028 |
debug("the message count is " . $mesg->count()); |
|
1029 |
if ($mesg->count() > 0) { |
|
1030 |
$foundAccounts = "The username has been taken already by another user. Please choose a different one."; |
|
1031 |
|
|
1032 |
} |
|
1033 |
$ldap->unbind; # take down session |
|
1034 |
} else { |
|
1035 |
$foundAccounts = "The ldap server is not running"; |
|
1036 |
} |
|
1037 |
return $foundAccounts; |
|
1038 |
} |
|
1039 |
|
|
1040 |
# |
|
983 | 1041 |
# search the LDAP directory to see if a similar account already exists |
984 | 1042 |
# |
985 | 1043 |
sub findExistingAccounts { |
... | ... | |
1683 | 1741 |
my $entry = $mesg->pop_entry; |
1684 | 1742 |
$storedUidNumber = $entry->get_value($attribute_name_store_next_uid); |
1685 | 1743 |
} |
1686 |
my $authBase = $properties->getProperty("auth.base");
|
|
1744 |
my $authBase = $properties->getProperty("auth.base");
|
|
1687 | 1745 |
my $uids = $ldap->search( |
1688 | 1746 |
base => $authBase, |
1689 | 1747 |
scope => "sub", |
Also available in: Unified diff
dd a new routine to check if the uid has been taken already in the production space during the creation process.