Rev 809 | Rev 4637 | Go to most recent revision | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log | RSS feed
| Rev 809 | Rev 4613 | ||
|---|---|---|---|
| Line 11... | Line 11... | ||
| 11 | auth_test=ERROR no_ldap |
11 | auth_test=ERROR no_ldap |
| 12 | !exit |
12 | !exit |
| 13 | !endif |
13 | !endif |
| 14 | 14 | ||
| 15 | ldap_host=!defof class_ldap_host in $authdef |
15 | ldap_host=!defof class_ldap_host in $authdef |
| 16 |
|
16 | !default ldap_host=!defof ldap_host in wimshome/log/wims.conf |
| 17 | 17 | ||
| 18 | ldap_port=!defof class_ldap_port in $authdef |
18 | ldap_port=!defof class_ldap_port in $authdef |
| 19 | !default |
19 | !default ldap_port=!defof ldap_port in wimshome/log/wims.conf |
| 20 | 20 | ||
| 21 | ldap_version=!defof class_ldap_version in $authdef |
21 | ldap_version=!defof class_ldap_version in $authdef |
| 22 | !default |
22 | !default ldap_version=!defof ldap_version in wimshome/log/wims.conf |
| 23 | 23 | ||
| 24 | ldap_base=!defof class_ldap_base in $authdef |
24 | ldap_base=!defof class_ldap_base in $authdef |
| 25 |
|
25 | !default ldap_base=!defof ldap_base in wimshome/log/wims.conf |
| 26 | 26 | ||
| 27 | ldap_branch=!defof class_ldap_branch in $authdef |
27 | ldap_branch=!defof class_ldap_branch in $authdef |
| 28 |
|
28 | !default ldap_branch=!defof ldap_branch in wimshome/log/wims.conf |
| 29 | 29 | ||
| 30 | ldap_uid=!defof class_ldap_uid in $authdef |
30 | ldap_uid=!defof class_ldap_uid in $authdef |
| 31 |
|
31 | !default ldap_uid=!defof ldap_uid in wimshome/log/wims.conf |
| 32 | 32 | ||
| 33 | #ldap_id=!replace internal " by in $ldap_uid=$(wims_read_parm[1]),$ldap_branch,$ldap_base |
33 | #ldap_id=!replace internal " by in $ldap_uid=$(wims_read_parm[1]),$ldap_branch,$ldap_base |
| 34 | ldap_id=!replace internal " by in $ldap_uid=$(wims_read_parm[1]) |
34 | ldap_id=!replace internal " by in $ldap_uid=$(wims_read_parm[1]) |
| 35 | 35 | ||
| 36 | ldap_login=!defof class_ldap_login in $authdef |
36 | ldap_login=!defof class_ldap_login in $authdef |
| 37 | !default |
37 | !default ldap_login=!defof ldap_login in wimshome/log/wims.conf |
| 38 | 38 | ||
| 39 | !if $ldap_login=$empty or $ldap_uid=$empty or $ldap_base=$empty \ |
39 | !if $ldap_login=$empty or $ldap_uid=$empty or $ldap_base=$empty \ |
| 40 | or $ldap_branch=$empty or $ldap_host=$empty |
40 | or $ldap_branch=$empty or $ldap_host=$empty |
| 41 | auth_test=ERROR no_ldap_config |
41 | auth_test=ERROR no_ldap_config |
| 42 | !exit |
42 | !exit |
| 43 | !endif |
43 | !endif |
| 44 | 44 | ||
| 45 | ldap_search=!sh ldapsearch -x -h $ldap_host -p $ldap_port -b "$ldap_base" '$ldap_id' -D "$ldap_id , $ldap_base" -w '$(wims_read_parm[2])' |
45 | ldap_search=!sh ldapsearch -x -h $ldap_host -p $ldap_port -b "$ldap_base" '$ldap_id' -D "$ldap_id , $ldap_base" -w '$(wims_read_parm[2])' |
| - | 46 | ||
| - | 47 | atest=result: 0 Success |
|
| - | 48 | btest=# numEntries: 1 |
|
| - | 49 | firstcond=0 |
|
| 46 | 50 | ||
| 47 | ldap_cnt=!linecnt $ldap_search |
51 | ldap_cnt=!linecnt $ldap_search |
| 48 | !for i=1 to $ldap_cnt |
52 | !for i=1 to $ldap_cnt |
| 49 | l=!line $i of $ldap_search |
53 | l=!line $i of $ldap_search |
| 50 | field=!word 1 of $l |
54 | field=!word 1 of $l |
| 51 | 55 | ||
| 52 | !if $field iswordof $ldap_login: |
56 | !if $field iswordof $ldap_login: |
| 53 | auth_real_login=!word 2 of $l |
57 | auth_real_login=!word 2 of $l |
| 54 | !endif |
58 | !endif |
| 55 | - | ||
| 56 | !if $l issametext result: 0 Success |
- | |
| 57 | auth_test=$auth_real_login |
- | |
| 58 | !endif |
- | |
| 59 | 59 | ||
| - | 60 | !if $l issametext $atest |
|
| - | 61 | !increase firstcond |
|
| - | 62 | !endif |
|
| - | 63 | !if $l issametext $btest |
|
| - | 64 | !increase firstcond |
|
| - | 65 | !endif |
|
| 60 | !next i |
66 | !next i |
| - | 67 | !if $firstcond=2 |
|
| - | 68 | !!! now the user exists and password is good |
|
| - | 69 | !!! find eventually wims login |
|
| - | 70 | !if $ldap_login issametext $ldap_uid |
|
| - | 71 | auth_test=!replace internal " by in $(wims_read_parm[1]) |
|
| - | 72 | !else |
|
| - | 73 | !if $auth_real_login!= |
|
| - | 74 | auth_test=$auth_real_login |
|
| - | 75 | !else |
|
| - | 76 | !! one looks for the ldap_login in an anonymous way (no password) |
|
| - | 77 | ldap_search2=!sh ldapsearch -x -h $ldap_host -p $ldap_port -b "$ldap_base" '$ldap_id' $ldap_login | grep -v "^[d]n:" |
|
| - | 78 | ldap_search2=!replace internal : by = in $ldap_search2 |
|
| - | 79 | auth_real_login=!getopt $ldap_login in $ldap_search2 |
|
| - | 80 | !if $auth_real_login!= |
|
| - | 81 | auth_test=$auth_real_login |
|
| - | 82 | !endif |
|
| - | 83 | !endif |
|
| - | 84 | !endif |
|
| 61 | 85 | !endif |
|
| 62 | 86 | ||
| 63 | cnt_=!charcnt $auth_test |
87 | cnt_=!charcnt $auth_test |
| 64 | !if $cnt_=3 |
88 | !if $cnt_=3 |
| 65 | auth_test=!nospace $auth_test 0 |
89 | auth_test=!nospace $auth_test 0 |
| - | 90 | !endif |
|
| - | 91 | !if $cnt_<=2 |
|
| - | 92 | auth_test=ERROR |
|
| 66 | !endif |
93 | !endif |
| 67 | auth_error=$wims_exec_error |
94 | auth_error=$wims_exec_error |
| 68 |
|
95 | !reset wims_exec_error |