Subversion Repositories wimsdev

Rev

Rev 4613 | Rev 4993 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed

Rev Author Line No. Line
20 reyssat 1 
 
2 
# Input variables: authdef=def file.
3 
# Parameters: auth_user, auth_password.
4 
 
468 bpr 5 
auth_test=ERROR
6 
auth_real_login=ERROR
7 
 
8 
 
20 reyssat 9 
ldap_find=!sh which ldapsearch
10 
!if $ldap_find issametext $empty
11 
 auth_test=ERROR no_ldap
12 
 !exit
13 
!endif
14 
 
15 
ldap_host=!defof class_ldap_host in $authdef
4613 bpr 16 
!default ldap_host=!defof ldap_host in wimshome/log/wims.conf
468 bpr 17 
 
20 reyssat 18 
ldap_port=!defof class_ldap_port in $authdef
4613 bpr 19 
!default ldap_port=!defof ldap_port in wimshome/log/wims.conf
468 bpr 20 
 
20 reyssat 21 
ldap_version=!defof class_ldap_version in $authdef
4613 bpr 22 
!default ldap_version=!defof ldap_version in wimshome/log/wims.conf
468 bpr 23 
 
20 reyssat 24 
ldap_base=!defof class_ldap_base in $authdef
4613 bpr 25 
!default ldap_base=!defof ldap_base in wimshome/log/wims.conf
468 bpr 26 
 
20 reyssat 27 
ldap_branch=!defof class_ldap_branch in $authdef
4613 bpr 28 
!default ldap_branch=!defof ldap_branch in wimshome/log/wims.conf
468 bpr 29 
 
20 reyssat 30 
ldap_uid=!defof class_ldap_uid in $authdef
4613 bpr 31 
!default ldap_uid=!defof ldap_uid in wimshome/log/wims.conf
32 
 
468 bpr 33 
#ldap_id=!replace internal " by in $ldap_uid=$(wims_read_parm[1]),$ldap_branch,$ldap_base
34 
ldap_id=!replace internal " by in $ldap_uid=$(wims_read_parm[1])
20 reyssat 35 
 
468 bpr 36 
ldap_login=!defof class_ldap_login in $authdef
4613 bpr 37 
!default ldap_login=!defof ldap_login in wimshome/log/wims.conf
20 reyssat 38 
 
468 bpr 39 
!if $ldap_login=$empty or $ldap_uid=$empty or $ldap_base=$empty \
40 
       or $ldap_branch=$empty  or $ldap_host=$empty
41 
   auth_test=ERROR no_ldap_config
42 
   !exit
43 
!endif
44 
 
45 
ldap_search=!sh ldapsearch -x -h $ldap_host -p $ldap_port -b "$ldap_base" '$ldap_id' -D "$ldap_id , $ldap_base" -w '$(wims_read_parm[2])'
46 
 
4613 bpr 47 
atest=result: 0 Success
48 
btest=# numEntries: 1
49 
firstcond=0
50 
 
20 reyssat 51 
ldap_cnt=!linecnt $ldap_search
52 
!for i=1 to $ldap_cnt
53 
 l=!line $i of $ldap_search
4613 bpr 54 
 field=!word 1 of $l
468 bpr 55 
 
56 
 !if $field iswordof $ldap_login:
57 
  auth_real_login=!word 2 of $l
58 
 !endif
59 
 
4613 bpr 60 
 !if $l issametext $atest
61 
  !increase firstcond
20 reyssat 62 
 !endif
4613 bpr 63 
 !if $l issametext $btest
64 
  !increase firstcond
65 
 !endif
20 reyssat 66 
!next i
4613 bpr 67 
!if $firstcond=2
68 
  !!! now the user exists and password is good
69 
  !!! find eventually  wims login
70 
  !if $ldap_login issametext $ldap_uid
71 
     auth_test=!replace internal " by  in $(wims_read_parm[1])
72 
  !else
4637 bpr 73 
   !if $auth_real_login!= and $auth_real_login!=ERROR
4613 bpr 74 
     auth_test=$auth_real_login
75 
   !else
76 
    !! one looks for the ldap_login in an anonymous way (no password)
77 
    ldap_search2=!sh ldapsearch -x -h $ldap_host -p $ldap_port -b "$ldap_base" '$ldap_id' $ldap_login | grep -v "^[d]n:"
4637 bpr 78 
    ldap_search2=!replace internal :$ $ by , in $ldap_search2
79 
    ldap_cnt2=!linecnt $ldap_search2
80 
 
81 
    !for i=1 to $ldap_cnt2
82 
     l=!line $i of $ldap_search2
83 
     field=!item 1 of $l
84 
     !if $field iswordof $ldap_login
85 
      auth_real_login=!item 2 of $l
86 
     !endif
87 
    !next
4613 bpr 88 
    !if $auth_real_login!=
89 
      auth_test=$auth_real_login
90 
    !endif
91 
   !endif
92 
  !endif
93 
!endif
633 bpr 94 
 
809 bpr 95 
cnt_=!charcnt $auth_test
96 
!if $cnt_=3
97 
 auth_test=!nospace $auth_test 0
98 
!endif
4613 bpr 99 
!if $cnt_<=2
100 
  auth_test=ERROR
101 
!endif
20 reyssat 102 
auth_error=$wims_exec_error
4613 bpr 103 
!reset wims_exec_error