Rev | Author | Line No. | Line |
---|---|---|---|
20 | reyssat | 1 | |
2 | # Input variables: authdef=def file. |
||
3 | # Parameters: auth_user, auth_password. |
||
# Purpose (as the code below shows): check a user name and password against an
# LDAP directory by running the ldapsearch client through !sh, and leave the
# outcome in auth_test (a login name on success, a value starting with ERROR
# otherwise).
# NOTE(review): the two parameters are read below as $(wims_read_parm[1]) and
# $(wims_read_parm[2]) and are substituted into a shell command line, so they
# have to be treated as untrusted input - confirm what filtering, if any, the
# caller applies before this file is read.
4 | |||
# Fail closed: both result variables start as ERROR and are only replaced on
# the paths further down.
468 | bpr | 5 | auth_test=ERROR |
6 | auth_real_login=ERROR |
||
7 | |||
8 | |||
# Look for the ldapsearch client; if `which` prints nothing, report
# "ERROR no_ldap" and stop, because every later step shells out to it.
# NOTE(review): the binary is resolved through the PATH of the server process
# here and again when it is run by bare name below - confirm that PATH is
# controlled.
20 | reyssat | 9 | ldap_find=!sh which ldapsearch |
10 | !if $ldap_find issametext $empty |
||
11 | auth_test=ERROR no_ldap |
||
12 | !exit |
||
13 | !endif |
||
14 | |||
# Load the LDAP settings. Each one is read from the class definition file
# ($authdef, key class_ldap_*) and then given a fallback from the site-wide
# wimshome/log/wims.conf (key ldap_*) through !default.
# NOTE(review): presumably !default only assigns when the variable is still
# empty - confirm against the WIMS reference.
# NOTE(review): ldap_host, ldap_port and ldap_base are later placed on a shell
# command line (host and port unquoted); confirm who is allowed to write
# $authdef and that these values are validated when they are stored.
15 | ldap_host=!defof class_ldap_host in $authdef |
||
4613 | bpr | 16 | !default ldap_host=!defof ldap_host in wimshome/log/wims.conf |
468 | bpr | 17 | |
20 | reyssat | 18 | ldap_port=!defof class_ldap_port in $authdef |
4613 | bpr | 19 | !default ldap_port=!defof ldap_port in wimshome/log/wims.conf |
468 | bpr | 20 | |
# ldap_version is loaded here but is not passed to either ldapsearch call
# in this file.
20 | reyssat | 21 | ldap_version=!defof class_ldap_version in $authdef |
4613 | bpr | 22 | !default ldap_version=!defof ldap_version in wimshome/log/wims.conf |
468 | bpr | 23 | |
20 | reyssat | 24 | ldap_base=!defof class_ldap_base in $authdef |
4613 | bpr | 25 | !default ldap_base=!defof ldap_base in wimshome/log/wims.conf |
468 | bpr | 26 | |
# ldap_branch is only used by the commented-out ldap_id line and by the
# emptiness check further down; the active commands build the bind DN from
# ldap_id and ldap_base alone.
20 | reyssat | 27 | ldap_branch=!defof class_ldap_branch in $authdef |
4613 | bpr | 28 | !default ldap_branch=!defof ldap_branch in wimshome/log/wims.conf |
468 | bpr | 29 | |
20 | reyssat | 30 | ldap_uid=!defof class_ldap_uid in $authdef |
4613 | bpr | 31 | !default ldap_uid=!defof ldap_uid in wimshome/log/wims.conf |
32 | |||
# ldap_id becomes "<uid attribute>=<typed user name>"; it is used below both as
# the search filter and as the first component of the bind DN.
# NOTE(review): the only character removed from the user name is the double
# quote. The value is later placed inside single quotes and inside double
# quotes on a shell command line, and is also interpreted as an LDAP filter and
# as a DN, so shell quoting characters and LDAP filter/DN metacharacters pass
# through unchanged. Prefer rejecting any user name that does not match a
# strict allow-list (letters, digits and a small set of punctuation) before
# this point.
468 | bpr | 33 | #ldap_id=!replace internal " by in $ldap_uid=$(wims_read_parm[1]),$ldap_branch,$ldap_base |
34 | ldap_id=!replace internal " by in $ldap_uid=$(wims_read_parm[1]) |
||
20 | reyssat | 35 | |
# ldap_login names the directory attribute whose value is used as the WIMS
# login (see how it is compared with ldap_uid after the bind check).
468 | bpr | 36 | ldap_login=!defof class_ldap_login in $authdef |
4613 | bpr | 37 | !default ldap_login=!defof ldap_login in wimshome/log/wims.conf |
20 | reyssat | 38 | |
# Refuse to continue with an incomplete configuration: any of login attribute,
# uid attribute, base, branch or host being empty yields
# "ERROR no_ldap_config".
# NOTE(review): ldap_port is not part of this check although it is passed as
# "-p $ldap_port" below; with an empty value the option would take the next
# word of the command line as its argument. Consider testing it here as well.
468 | bpr | 39 | !if $ldap_login=$empty or $ldap_uid=$empty or $ldap_base=$empty \ |
40 | or $ldap_branch=$empty or $ldap_host=$empty |
||
41 | auth_test=ERROR no_ldap_config |
||
42 | !exit |
||
43 | !endif |
||
44 | |||
# Password check: run ldapsearch with a simple bind (-x) as
# "$ldap_id , $ldap_base" using the supplied password (-w), searching under
# $ldap_base with $ldap_id as the filter. The command output is kept in
# ldap_search and parsed below.
# NOTE(review): the password is substituted between single quotes with no
# filtering visible in this file, and the user name (inside ldap_id) has only
# had double quotes removed. Confirm that neither value can end its quoting on
# this command line; if WIMS does not guarantee that, reject such input before
# this line.
# NOTE(review): nothing visible here rejects an empty password. A simple bind
# with an empty password is an unauthenticated bind (RFC 4513, section 5.1.2),
# which some servers answer with success - check for a non-empty password
# before calling ldapsearch.
# NOTE(review): -w puts the password in the argument list, where other local
# users may see it in the process table while the command runs; ldapsearch can
# read it from a file with -y instead.
# NOTE(review): -h/-p with no -ZZ (StartTLS) or ldaps:// URI means the bind
# password crosses the network in clear text unless the link is protected some
# other way; current OpenLDAP clients also deprecate -h/-p in favour of -H.
45 | ldap_search=!sh ldapsearch -x -h $ldap_host -p $ldap_port -b "$ldap_base" '$ldap_id' -D "$ldap_id , $ldap_base" -w '$(wims_read_parm[2])' |
||
46 | |||
# Success is decided purely from the text ldapsearch printed: the output must
# contain the line "result: 0 Success" (atest) and the line "# numEntries: 1"
# (btest). firstcond counts how many such lines were seen.
# NOTE(review): the exit status of ldapsearch is not examined, and firstcond is
# a counter rather than two separate flags, so it records two matching lines,
# not specifically one of each - confirm the client can never print either
# line twice.
4613 | bpr | 47 | atest=result: 0 Success |
48 | btest=# numEntries: 1 |
||
49 | firstcond=0 |
||
50 | |||
# Walk the output line by line.
20 | reyssat | 51 | ldap_cnt=!linecnt $ldap_search |
52 | !for i=1 to $ldap_cnt |
||
53 | l=!line $i of $ldap_search |
||
4613 | bpr | 54 | field=!word 1 of $l |
468 | bpr | 55 | |
# A line whose first word is "<ldap_login>:" carries the login attribute;
# keep its second word as the candidate WIMS login.
56 | !if $field iswordof $ldap_login: |
||
57 | auth_real_login=!word 2 of $l |
||
58 | !endif |
||
59 | |||
4613 | bpr | 60 | !if $l issametext $atest |
61 | !increase firstcond |
||
20 | reyssat | 62 | !endif |
4613 | bpr | 63 | !if $l issametext $btest |
64 | !increase firstcond |
||
65 | !endif |
||
20 | reyssat | 66 | !next i |
# Only when both marker lines were counted is a login name chosen; on every
# other path auth_test keeps the ERROR value set at the top of the file.
4613 | bpr | 67 | !if $firstcond=2 |
68 | !!! now the user exists and password is good |
||
69 | !!! find eventually wims login |
||
# Case 1: the login attribute is the uid attribute itself, so the typed user
# name (with double quotes removed) is the login.
70 | !if $ldap_login issametext $ldap_uid |
||
71 | auth_test=!replace internal " by in $(wims_read_parm[1]) |
||
72 | !else |
||
# Case 2: the authenticated search already returned the login attribute.
4637 | bpr | 73 | !if $auth_real_login!= and $auth_real_login!=ERROR |
4613 | bpr | 74 | auth_test=$auth_real_login |
75 | !else |
||
# Case 3: ask for the login attribute again without -D/-w, i.e. without
# binding as the user, and drop the "dn:" lines from the output.
# NOTE(review): this command line carries the same user-derived '$ldap_id' as
# the first ldapsearch call, so the same input validation is needed before it.
# The login mapping here comes from an anonymous query - confirm the directory
# is meant to expose this attribute anonymously.
76 | !! one looks for the ldap_login in an anonymous way (no password) |
||
77 | ldap_search2=!sh ldapsearch -x -h $ldap_host -p $ldap_port -b "$ldap_base" '$ldap_id' $ldap_login | grep -v "^[d]n:" |
||
# NOTE(review): the replace below appears to turn "attr: value" lines into
# comma-separated items so that !item can split them - confirm against the
# repository copy, since spacing in this listing may not be exact.
4637 | bpr | 78 | ldap_search2=!replace internal :$ $ by , in $ldap_search2 |
79 | ldap_cnt2=!linecnt $ldap_search2 |
||
80 | |||
81 | !for i=1 to $ldap_cnt2 |
||
82 | l=!line $i of $ldap_search2 |
||
83 | field=!item 1 of $l |
||
84 | !if $field iswordof $ldap_login |
||
85 | auth_real_login=!item 2 of $l |
||
86 | !endif |
||
87 | !next |
||
# auth_real_login may still hold its initial value ERROR at this point (the
# test only excludes the empty string); copying it keeps auth_test a failure.
4613 | bpr | 88 | !if $auth_real_login!= |
89 | auth_test=$auth_real_login |
||
90 | !endif |
||
91 | !endif |
||
92 | !endif |
||
93 | !endif |
||
633 | bpr | 94 | |
# Length normalisation of the result: a 3-character value gets "0" appended,
# and a value of 2 characters or fewer is replaced by ERROR.
# NOTE(review): presumably WIMS logins need at least 4 characters - confirm.
# Padding means a 3-character directory login "abc" is returned as "abc0",
# the same string a different directory account named "abc0" would produce;
# confirm that such a collision cannot map two people to one WIMS account.
809 | bpr | 95 | cnt_=!charcnt $auth_test |
96 | !if $cnt_=3 |
||
97 | auth_test=!nospace $auth_test 0 |
||
98 | !endif |
||
4613 | bpr | 99 | !if $cnt_<=2 |
100 | auth_test=ERROR |
||
101 | !endif |
||
# Hand the execution error text to the caller in auth_error, then clear
# wims_exec_error.
# NOTE(review): confirm that auth_error is never shown to the user or written
# to a widely readable log if it can contain the ldapsearch command line, which
# includes the password.
20 | reyssat | 102 | auth_error=$wims_exec_error |
4613 | bpr | 103 | !reset wims_exec_error |