File:  [LON-CAPA] / modules / fsu / localauth.pm
Mon Feb 16 20:06:15 2004 UTC (20 years, 7 months ago) by ng
Branches: MAIN
CVS tags: HEAD
local authentication using ldap.

    1: # The LON-CAPA localauthentication mechanism
    2: #
    3: # LON-CAPA is free software; you can redistribute it and/or modify
    4: # it under the terms of the GNU General Public License as published by
    5: # the Free Software Foundation; either version 2 of the License, or
    6: # (at your option) any later version.
    7: #
    8: # LON-CAPA is distributed in the hope that it will be useful,
    9: # but WITHOUT ANY WARRANTY; without even the implied warranty of
   10: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   11: # GNU General Public License for more details.
   12: #
   13: # You should have received a copy of the GNU General Public License
   14: # along with LON-CAPA; if not, write to the Free Software
   15: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
   16: #
   17: # /home/httpd/html/adm/gpl.txt
   18: #
   19: # http://www.lon-capa.org/
   20: #
   21: # 8/24 Guy Albertelli
   22: # 6/17/2003 H. K. Ng
   23: # 2/16/2004 Ng
   24: #
   25: # local authentication using ldap
   26: # To use this package, you will also need the following:
   27: # perl-ldap-0.31.tar.gz
   28: # which in turn requires
   29: #  Authen-SASL-2.04.tar.gz
   30: #  Convert-ASN1-0.17.tar.gz
   31: #  IO-Socket-SSL-0.92.tar.gz
   32: #  Net_SSLeay.pm-1.23.tar.gz
   33: #  XML-SAX-Base-1.02.tar.gz
   34: #
   35: # One of the packages may prompt you to update the openssl, so you may also
   36: # need openssl-0.9.7b.tar.gz
   37: #
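   38: # Above were the versions used at fsu when this module was written (2004); they record what was tested, not what to install today - use current, maintained releases of these libraries.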
   39: #
   40: # To implement it on your local system, complete the variable assignment below.
   41: #
   42: # See notes beside each variable.
   43: #
   44: package localauth;
   45: use strict;
   46: use Net::LDAP;
   47: use Net::LDAPS;
   48: 
   49: # ----START LOCAL CHANGES HERE ----- DON'T DELETE THIS LINE
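   # localauth($username, $password)
   #
   # Checks a username/password pair against the site LDAP server over LDAPS.
   # The user's entry is located with a search on the acnsloginname attribute,
   # then a simple bind is attempted as that entry's DN with the supplied
   # password.
   #
   # Returns 1 when the bind succeeds and 0 in every other case: missing
   # credentials, connection failure, search error, zero or multiple matching
   # entries, or a rejected bind.
   sub localauth {
       my ($username,$password) = @_;

       my $ldap_host_name = '';    # insert the host name of your ldap server, e.g., ldap.fsu.edu
       my $ldap_ca_file_name = ''; # insert the ldap certificate filename - include absolute path
                                   # certificate is required if you wish to encrypt the password.
                                   # e.g., /home/http/perl/lib/local/ldap.certificate
       my $ldap_search_base = '';  # ldap search base, at fsu this is set to 'o=fsu.edu'.

       # Refuse missing or empty credentials before contacting the server.
       # A simple bind that carries a DN and a zero-length password is an
       # "unauthenticated bind" (RFC 4513, section 5.1.2): a server that accepts
       # it reports success without checking any password, which would make
       # this routine return 1 for any existing user.
       return (0) if (!defined($username) || $username eq '');
       return (0) if (!defined($password) || $password eq '');

       # The username comes from the login form and is placed inside a search
       # filter, so escape the filter metacharacters (RFC 4515: \ * ( ) NUL)
       # as \XX hex pairs. Without this, a crafted name could change which
       # entries the filter matches.
       my $escaped_username = $username;
       $escaped_username =~ s/([\\*()\x00])/sprintf('\\%02x', ord($1))/ge;

       my $ldap = Net::LDAPS->new($ldap_host_name,
                                  # 'require' rejects the connection unless the server
                                  # certificate validates against cafile. 'none' skips that
                                  # check: the server is then not authenticated and the
                                  # password can be disclosed to an impostor on the path.
                                  verify => 'require',
                                  cafile => $ldap_ca_file_name,
                                  );

       if (not defined $ldap) {
           return (0);
       }

       # Anonymous bind, used only to look up the user's DN. Its result is not
       # inspected; a refused bind shows up as a failed search below.
       $ldap->bind;

       my $search_string = '(acnsloginname='.$escaped_username.')';
       my $mesg = $ldap->search (base   => $ldap_search_base,
                                 filter => $search_string,
                                 attrs => ['dn'] ,
                                 );

       if ($mesg->code) {
           $ldap->unbind;
           $ldap->disconnect;
           return (0);
       }

       # Exactly one entry must match; none or an ambiguous result is a failure.
       my @entries = $mesg->all_entries;
       if (scalar(@entries) != 1) {
           $ldap->unbind;
           $ldap->disconnect;
           return (0);
       }

       # The actual password check: bind as the user's own DN.
       $mesg = $ldap->bind (dn       => $entries[0]->dn,
                            password => $password,
                            );

       $ldap->unbind;
       $ldap->disconnect;
       if ($mesg->code) {
           return (0);
       }

       return (1);
   }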
  101: # ----END LOCAL CHANGES HERE ----- DON'T DELETE THIS LINE
  102: 
  103: 1;
  104: __END__
