Subversion Repositories wimsdev

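# LDAP authentication helper: checks a login/password pair by binding to the
# directory with the ldapsearch command-line tool and parsing its text output.
# Input variables: authdef=def file.
# Parameters: auth_user, auth_password.
#   (read below as items 1 and 2 of wims_read_parm)
# Output variables:
#   auth_test       = the resolved login on success, otherwise a string
#                     starting with ERROR (optionally followed by a reason tag).
#   auth_real_login = value of the ldap_login attribute found in the directory.
#   auth_error      = copy of wims_exec_error taken at the end of the script.

# Fail closed: both results stay ERROR unless every check below passes.
auth_test=ERROR
auth_real_login=ERROR

# The whole check depends on the external ldapsearch binary being installed.
ldap_find=!sh which ldapsearch
!if $ldap_find issametext $empty
 auth_test=ERROR no_ldap
 !exit
!endif

# Each setting is read first as class_ldap_* from the authdef file, then
# defaulted from ldap_* in the site-wide wims.conf.
# NOTE(review): ldap_host, ldap_port and ldap_login are later placed unquoted
# on a shell command line. Confirm that only trusted administrators can edit
# the authdef file, otherwise these values need the same care as user input.
ldap_host=!defof class_ldap_host in $authdef
!default ldap_host=!defof ldap_host in wimshome/log/wims.conf

ldap_port=!defof class_ldap_port in $authdef
!default ldap_port=!defof ldap_port in wimshome/log/wims.conf

# NOTE(review): ldap_version is loaded but not used by any command below.
ldap_version=!defof class_ldap_version in $authdef
!default ldap_version=!defof ldap_version in wimshome/log/wims.conf

ldap_base=!defof class_ldap_base in $authdef
!default ldap_base=!defof ldap_base in wimshome/log/wims.conf

# NOTE(review): ldap_branch is required by the configuration check below but
# is only referenced by the commented-out ldap_id line.
ldap_branch=!defof class_ldap_branch in $authdef
!default ldap_branch=!defof ldap_branch in wimshome/log/wims.conf

ldap_uid=!defof class_ldap_uid in $authdef
!default ldap_uid=!defof ldap_uid in wimshome/log/wims.conf

# ldap_id is "<uid attribute>=<user name>" with double quotes stripped from
# the user-supplied name. It is used both as the search filter and as the
# first component of the bind DN.
#ldap_id=!replace internal " by in $ldap_uid=$(wims_read_parm[1]),$ldap_branch,$ldap_base
ldap_id=!replace internal " by in $ldap_uid=$(wims_read_parm[1])

ldap_login=!defof class_ldap_login in $authdef
!default ldap_login=!defof ldap_login in wimshome/log/wims.conf

# ldap_port and ldap_version are not part of this check.
!if $ldap_login=$empty or $ldap_uid=$empty or $ldap_base=$empty \
       or $ldap_branch=$empty  or $ldap_host=$empty 
   auth_test=ERROR no_ldap_config
   !exit
!endif

# Refuse an empty password. A simple bind that carries a DN and an empty
# password is an unauthenticated bind (RFC 4513), which some directory servers
# answer with success, and the success markers tested further down would then
# be found without any password having been verified.
auth_pw_len=!charcnt $(wims_read_parm[2])
!if $auth_pw_len=0
 auth_test=ERROR
 !exit
!endif

# The user name and password are substituted into shell command lines inside
# single quotes, so a single quote in either value would end the quoting.
# Compare the length before and after removing single quotes and refuse the
# attempt when they differ.
auth_raw=$(wims_read_parm[1])$(wims_read_parm[2])
auth_noq=!replace internal ' by  in $auth_raw
auth_raw_len=!charcnt $auth_raw
auth_noq_len=!charcnt $auth_noq
!if $auth_raw_len!=$auth_noq_len
 auth_test=ERROR
 !exit
!endif

# Bind as the user and search for the user's own entry.
# The bind DN is now single-quoted like the filter and the password, so that
# the shell performs no expansion inside a value derived from user input.
# NOTE(review): -x with -h/-p is a simple bind over a plain connection, so the
# password crosses the network unencrypted unless the transport is protected
# elsewhere; consider -H with an ldaps:// URI or -ZZ (-h/-p are deprecated in
# current OpenLDAP). -w also exposes the password in the process list while
# the command runs; ldapsearch -y reads it from a file instead.
ldap_search=!sh ldapsearch -x -h $ldap_host -p $ldap_port -b "$ldap_base" '$ldap_id' -D '$ldap_id , $ldap_base' -w '$(wims_read_parm[2])'

# Success is recognised from two literal lines of ldapsearch output: the
# result line and the entry count. firstcond counts how many were seen.
atest=result: 0 Success
btest=# numEntries: 1
firstcond=0

ldap_cnt=!linecnt $ldap_search
!for i=1 to $ldap_cnt
 l=!line $i of $ldap_search
 field=!word 1 of $l
 
 !! Line of the form "<ldap_login>: value": keep the second word as login.
 !if $field iswordof $ldap_login:
  auth_real_login=!word 2 of $l
 !endif
 
 !if $l issametext $atest
  !increase firstcond
 !endif
 !if $l issametext $btest
  !increase firstcond
 !endif
!next i
!if $firstcond=2
  !!! both markers were found: the bind succeeded and exactly one entry matched
  !!! now work out the WIMS login, which may differ from the LDAP uid
  !if $ldap_login issametext $ldap_uid
     auth_test=!replace internal " by  in $(wims_read_parm[1])
  !else
   !if $auth_real_login!= and $auth_real_login!=ERROR
     auth_test=$auth_real_login
   !else
    !! the authenticated search did not return the ldap_login attribute:
    !! look it up with an anonymous search (no password), dropping dn: lines.
    !! ldap_id is reused here inside single quotes.
    ldap_search2=!sh ldapsearch -x -h $ldap_host -p $ldap_port -b "$ldap_base" '$ldap_id' $ldap_login | grep -v "^[d]n:"
    ldap_search2=!replace internal :$ $ by , in $ldap_search2
    ldap_cnt2=!linecnt $ldap_search2
 
    !for i=1 to $ldap_cnt2
     l=!line $i of $ldap_search2
     field=!item 1 of $l
     !if $field iswordof $ldap_login
      auth_real_login=!item 2 of $l
     !endif 
    !next
    !! auth_real_login still holds its initial value ERROR when nothing matched
    !if $auth_real_login!=
      auth_test=$auth_real_login
    !endif
   !endif
  !endif
!endif

# Normalise the length of the result: a 3-character login gets "0" appended,
# anything of 2 characters or fewer is treated as a failure.
# NOTE(review): the padding is presumably there to satisfy a minimum login
# length; confirm that a padded login cannot coincide with another account.
cnt_=!charcnt $auth_test
!if $cnt_=3
 auth_test=!nospace $auth_test 0
!endif
!if $cnt_<=2
  auth_test=ERROR
!endif
# Hand any execution error to the caller, then clear it.
auth_error=$wims_exec_error
!reset wims_exec_error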