1: # The LON-CAPA local authentication mechanism
2: #
3: # LON-CAPA is free software; you can redistribute it and/or modify
4: # it under the terms of the GNU General Public License as published by
5: # the Free Software Foundation; either version 2 of the License, or
6: # (at your option) any later version.
7: #
8: # LON-CAPA is distributed in the hope that it will be useful,
9: # but WITHOUT ANY WARRANTY; without even the implied warranty of
10: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11: # GNU General Public License for more details.
12: #
13: # You should have received a copy of the GNU General Public License
14: # along with LON-CAPA; if not, write to the Free Software
15: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
16: #
17: # /home/httpd/html/adm/gpl.txt
18: #
19: # http://www.lon-capa.org/
20: #
21: # 8/24 Guy Albertelli
22: # 6/17/2003 H. K. Ng
23: # 2/16/2004 Ng
24: #
25: # local authentication using ldap
26: # To use this package, you will also need the following:
27: # perl-ldap-0.31.tar.gz
28: # which in turn requires
29: # Authen-SASL-2.04.tar.gz
30: # Convert-ASN1-0.17.tar.gz
31: # IO-Socket-SSL-0.92.tar.gz
32: # Net_SSLeay.pm-1.23.tar.gz
33: # XML-SAX-Base-1.02.tar.gz
34: #
35: # One of the packages may prompt you to update the openssl, so you may also
36: # need openssl-0.9.7b.tar.gz
37: #
38: # Above were the versions used at fsu.
39: #
40: # To implement it on your local system, complete the variable assignment below.
41: #
42: # See notes beside each variable.
43: #
44: package localauth;
45: use strict;
46: use Net::LDAP;
47: use Net::LDAPS;
48:
49: # ----START LOCAL CHANGES HERE ----- DON'T DELETE THIS LINE
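# Authenticate a user against the site LDAP directory over LDAPS.
#
# Parameters:
#   $username - login name, matched against the 'acnsloginname' attribute
#   $password - clear-text password used for a simple bind as the user's DN
#
# Returns 1 only when exactly one directory entry matches the login name and
# a bind as that entry with $password succeeds. Returns 0 in every other case:
# empty credentials, connection failure, search error, zero or several
# matching entries, or a rejected bind.
sub localauth {
    my ($username,$password) = @_;

    my $ldap_host_name = '';    # insert the host name of your ldap server, e.g., ldap.fsu.edu
    my $ldap_ca_file_name = ''; # insert the ldap certificate filename - include absolute path
                                # certificate is required if you wish to encrypt the password.
                                # e.g., /home/http/perl/lib/local/ldap.certificate
    my $ldap_search_base = '';  # ldap search base, at fsu this is set to 'o=fsu.edu'.

    # Refuse empty credentials before touching the directory. A simple bind
    # with a DN and an empty password is an LDAP "unauthenticated bind";
    # a server that accepts it reports success without checking a password,
    # which would turn any known login name into a valid login here.
    return (0) if !defined $username || $username eq '';
    return (0) if !defined $password || $password eq '';

    my $ldap = Net::LDAPS->new($ldap_host_name,
                               # 'require' makes the client validate the
                               # server certificate against cafile. Setting
                               # this to 'none' turns that validation off, so
                               # the password can be sent to whichever host
                               # answers the connection; keep 'require'.
                               verify => 'require',
                               cafile => $ldap_ca_file_name,
                               );

    if (not defined $ldap) {
        return (0);
    }

    # Anonymous bind for the lookup. The result is not checked here; the
    # result of the search that follows is.
    $ldap->bind;

    # The login name comes from the user, so it is escaped before it is
    # placed in the filter. Unescaped, characters such as '*' or ')' would
    # let the caller rewrite the search filter.
    my $search_string = '(acnsloginname='._escape_filter_value($username).')';
    my $mesg = $ldap->search (base   => $ldap_search_base,
                              filter => $search_string,
                              attrs  => ['dn'],
                              );

    if ($mesg->code) {
        $ldap->unbind;
        $ldap->disconnect;
        return (0);
    }

    # Exactly one entry must match; an ambiguous or missing login fails.
    my @entries = $mesg->all_entries;
    if (@entries != 1) {
        $ldap->unbind;
        $ldap->disconnect;
        return (0);
    }

    # The actual credential check: bind as the entry that was found.
    $mesg = $ldap->bind (dn       => $entries[0]->dn,
                         password => $password,
                         );

    $ldap->unbind;
    $ldap->disconnect;
    if ($mesg->code) {
        return (0);
    }

    return (1);
}

# Escape a value for use inside an LDAP search filter (RFC 4515): backslash,
# '*', '(', ')' and NUL are replaced by a backslash and two hex digits.
sub _escape_filter_value {
    my ($value) = @_;
    (my $escaped = $value) =~ s/([\\*()\x00])/sprintf('\\%02x', ord($1))/ge;
    return $escaped;
}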
101: # ----END LOCAL CHANGES HERE ----- DON'T DELETE THIS LINE
102:
103: 1;
104: __END__