Subversion Repositories wimsdev


Rev Author Line No. Line
20 reyssat 1
 
2
# Input variables: authdef=def file.
3
# Parameters: auth_user, auth_password.
4993 bpr 4
# output : auth_test, auth_user
20 reyssat 5
 
468 bpr 6
# Fail closed: both result variables start as ERROR and are only overwritten
# further down, once the directory lookup has produced a usable answer.
auth_test=ERROR
7
auth_real_login=ERROR
8
 
9
 
20 reyssat 10
# Ask the shell where ldapsearch is; an empty answer means the client is not
# on PATH, so the script reports "ERROR no_ldap" and stops.
ldap_find=!sh which ldapsearch
11
!if $ldap_find issametext $empty
12
 auth_test=ERROR no_ldap
13
 !exit
14
!endif
15
 
5015 bpr 16
# Each LDAP setting is looked up in the class definition file ($authdef)
# first; the !default line that follows supplies the site-wide value from
# wimshome/log/wims.conf when the class file gave none.
# ldap_auth is used below as the host part of the ldap:// URL.
ldap_auth=!defof class_ldap_auth in $authdef
17
!default ldap_auth=!defof ldap_auth in wimshome/log/wims.conf
468 bpr 18
 
20 reyssat 19
ldap_port=!defof class_ldap_port in $authdef
4613 bpr 20
!default ldap_port=!defof ldap_port in wimshome/log/wims.conf
468 bpr 21
 
20 reyssat 22
# NOTE(review): ldap_version is read here but is not passed to either
# ldapsearch call visible in this script.
ldap_version=!defof class_ldap_version in $authdef
4613 bpr 23
!default ldap_version=!defof ldap_version in wimshome/log/wims.conf
468 bpr 24
 
20 reyssat 25
ldap_base=!defof class_ldap_base in $authdef
4613 bpr 26
!default ldap_base=!defof ldap_base in wimshome/log/wims.conf
468 bpr 27
 
20 reyssat 28
ldap_branch=!defof class_ldap_branch in $authdef
4613 bpr 29
!default ldap_branch=!defof ldap_branch in wimshome/log/wims.conf
468 bpr 30
 
20 reyssat 31
ldap_uid=!defof class_ldap_uid in $authdef
4613 bpr 32
!default ldap_uid=!defof ldap_uid in wimshome/log/wims.conf
33
 
468 bpr 34
# Earlier form kept for reference: it built a full DN from uid, branch and base.
#ldap_id=!replace internal " by in $ldap_uid=$(wims_read_parm[1]),$ldap_branch,$ldap_base
35
# ldap_id is "<uid attribute>=<login>", built from the first parameter
# (auth_user per the header). It is used below both as the LDAP search filter
# and as the start of the bind DN.
# NOTE(review): the only character removed from the login is the double quote.
# Single quotes, backquotes, $ and the LDAP filter metacharacters ( ) * \ pass
# through unchanged unless the caller already rejects them - confirm. Checking
# the login against a strict allowlist before this line would cover both the
# shell and the LDAP filter.
ldap_id=!replace internal " by in $ldap_uid=$(wims_read_parm[1])
20 reyssat 36
 
468 bpr 37
# ldap_login names the LDAP attribute whose value is taken as the WIMS login.
ldap_login=!defof class_ldap_login in $authdef
4613 bpr 38
!default ldap_login=!defof ldap_login in wimshome/log/wims.conf
20 reyssat 39
 
468 bpr 40
# Stop with "ERROR no_ldap_config" when a required setting is empty.
# ldap_port and ldap_version are not part of this check.
# NOTE(review): ldap_branch is required here, yet within this script it only
# appears in the commented-out ldap_id line above.
!if $ldap_login=$empty or $ldap_uid=$empty or $ldap_base=$empty \
5015 bpr 41
       or $ldap_branch=$empty  or $ldap_auth=$empty 
468 bpr 42
   auth_test=ERROR no_ldap_config
43
   !exit
44
!endif
45
 
5072 bpr 46
# Authenticated lookup: simple bind (-x) as "<ldap_id> , <ldap_base>" with the
# supplied password (-w), searching under ldap_base with ldap_id as the filter.
# NOTE(review): login and password are pasted into a shell command line. The
# login sits inside '...' and inside "...", the password inside '...'; a quote
# character in either value, or shell expansion syntax inside the double
# quotes, would change what the shell runs unless the caller has already
# filtered it - confirm.
# NOTE(review): a password given with -w is visible in the process list while
# ldapsearch runs; ldapsearch can read it from a file with -y instead.
# NOTE(review): ldap:// with a simple bind sends the password unencrypted;
# prefer ldaps:// or StartTLS (-ZZ) where the directory supports it.
ldap_search=!sh ldapsearch -x -H ldap://$ldap_auth:$ldap_port -b "$ldap_base" '$ldap_id' -D "$ldap_id , $ldap_base" -w '$(wims_read_parm[2])'
468 bpr 47
 
4613 bpr 48
# Success is decided by text matching on the ldapsearch output: both marker
# lines below must be present (result code 0 and exactly one entry).
atest=result: 0 Success
49
btest=# numEntries: 1
50
# firstcond counts how many of the two marker lines were seen.
firstcond=0
51
 
20 reyssat 52
ldap_cnt=!linecnt $ldap_search
53
!for i=1 to $ldap_cnt
54
 l=!line $i of $ldap_search
4613 bpr 55
 field=!word 1 of $l
468 bpr 56
 
57
 !! A line whose first word is "<ldap_login>:" carries the login attribute;
 !! its second word is kept as the real login.
 !if $field iswordof $ldap_login:
58
  auth_real_login=!word 2 of $l
59
 !endif
60
 
4613 bpr 61
 !if $l issametext $atest
62
  !increase firstcond
20 reyssat 63
 !endif
4613 bpr 64
 !if $l issametext $btest
65
  !increase firstcond
66
 !endif
20 reyssat 67
!next i
4613 bpr 68
# Both markers seen: the bind succeeded and exactly one entry matched.
# Otherwise auth_test keeps its initial ERROR value.
!if $firstcond=2
69
  !!! now the user exists and password is good
70
  !!! find eventually  wims login
71
  !! When the login attribute is the uid attribute itself, the typed login
  !! (double quotes removed) is the result.
  !if $ldap_login issametext $ldap_uid
72
     auth_test=!replace internal " by  in $(wims_read_parm[1])
73
  !else
4637 bpr 74
   !! Otherwise use the login attribute read from the authenticated search,
   !! if it produced one.
   !if $auth_real_login!= and $auth_real_login!=ERROR
4613 bpr 75
     auth_test=$auth_real_login
76
   !else
77
    !! one looks for the ldap_login in an anonymous way (no password)
5072 bpr 78
    !! Second search without -D/-w, asking only for the ldap_login attribute;
    !! grep drops the "dn:" lines.
    !! NOTE(review): '$ldap_id' is again embedded in a shell command, so the
    !! same input-handling concern as for the first ldapsearch call applies.
    ldap_search2=!sh ldapsearch -x -H ldap://$ldap_auth:$ldap_port -b "$ldap_base" '$ldap_id' $ldap_login | grep -v "^[d]n:" 
4637 bpr 79
    !! Rewrites the attribute separator to a comma so the lines can be split
    !! with !item below (presumably ": " - confirm the exact pattern).
    ldap_search2=!replace internal :$ $ by , in $ldap_search2
80
    ldap_cnt2=!linecnt $ldap_search2
81
 
82
    !for i=1 to $ldap_cnt2
83
     l=!line $i of $ldap_search2
84
     field=!item 1 of $l
85
     !if $field iswordof $ldap_login
86
      auth_real_login=!item 2 of $l
87
     !endif 
88
    !next
4613 bpr 89
    !! NOTE(review): auth_real_login was initialised to ERROR, so it is
    !! non-empty here even when the second search found nothing; auth_user
    !! would then receive the literal text ERROR - confirm this is intended.
    !if $auth_real_login!=
4993 bpr 90
      auth_user=$auth_real_login
4613 bpr 91
    !endif
5072 bpr 92
    auth_test=$auth_real_login
4613 bpr 93
   !endif
94
  !endif
95
!endif
633 bpr 96
 
4993 bpr 97
# Length rules on auth_user: a 3-character value gets "0" appended, anything
# of 2 characters or fewer is rejected (presumably a minimum login length -
# confirm).
cnt_=!charcnt $auth_user
809 bpr 98
!if $cnt_=3
4993 bpr 99
 auth_user=!nospace $auth_user 0
809 bpr 100
!endif
4613 bpr 101
!if $cnt_<=2
102
  auth_test=ERROR
4993 bpr 103
  !reset auth_user
4613 bpr 104
!endif
4993 bpr 105
# Up to here auth_test may hold a login name; collapse every non-ERROR value
# to OK so callers only see OK or ERROR from this point.
!if $auth_test!=ERROR
106
  auth_test=OK
107
!endif
20 reyssat 108
# Keep any shell execution error for the caller, then clear the global.
auth_error=$wims_exec_error
4613 bpr 109
!reset wims_exec_error
5072 bpr 110
# NOTE(review): auth_user_orig is the first parameter exactly as received,
# without even the double-quote removal applied above; code that reads it
# should treat it as untrusted input.
auth_user_orig=$(wims_read_parm[1])