• Your recent searches
Apache-AuthLDAP
1 match

 view release on metacpan or  search on metacpan

AuthLDAP.pm  view on Meta::CPAN 

   }

   my $ld = new Net::LDAPapi($ldapserver,$ldapport);
   if ($ld <= 0)
   {
      $r->note_basic_auth_failure;
      $r->log_reason("user $name: LDAP Connection Failed",$r->uri);
      return AUTH_REQUIRED;
   }

   if ($ld->bind_s != LDAP_SUCCESS)
   {
      $r->note_basic_auth_failure;
      $r->log_reason("user $name: LDAP Initial Bind Failed",$r->uri);
      return AUTH_REQUIRED;
   }

   my $filter = "$uidattr=$name";
   my $status = $ld->search_s($basedn,LDAP_SCOPE_SUBTREE,$filter,["c"],1);
   if ($status != LDAP_SUCCESS)
   {
      $r->note_basic_auth_failure;
      $r->log_reason("user $name: ldap search failed",$r->uri);
      $ld->unbind;
      return AUTH_REQUIRED;
   }

   if ($ld->count_entries != 1)
   {
      $r->note_basic_auth_failure;
      $r->log_reason("user $name: username not found",$r->uri);
      $ld->unbind;
      return AUTH_REQUIRED;
   }

   $ld->first_entry;

   my $dn = $ld->get_dn;

   $status = $ld->bind_s($dn,$sent_pwd);
   if ($status == LDAP_SUCCESS)
   {
      $r->push_handlers(PerlAuthzHandler => \&authz);
      $ld->unbind;
      return OK;
   }

   $ld->unbind;
   $r->note_basic_auth_failure;
   $r->log_reason("user $name: password mismatch", $r->uri);
   return AUTH_REQUIRED;
}

sub authz
{
   my $r = shift;
   my $requires = $r->requires;
   return OK unless $requires;

AuthLDAP.pm  view on Meta::CPAN 

      my ($require, @rest) = split /\s+/, $req->{requirement};

      if ($require eq "user")
      {
         return OK if grep $name eq $_, @rest;
      } elsif ($require eq "valid-user")
      {
         return OK;
      } else {
         my $ld = new Net::LDAPapi($ldapserver,$ldapport);
         $ld->bind_s;
         my $filter = "(&(|($require=" . join(")($require=",@rest) .
               "))($uidattr=$name))";
         my $status = $ld->search_s($basedn,LDAP_SCOPE_SUBTREE,$filter,["c"],1);
         if ($status != LDAP_SUCCESS)
         {
            $r->note_basic_auth_failure;
            $r->log_reason("LDAP Lookup Failed",$r->uri);
            $ld->unbind;
            return AUTH_REQUIRED;
         }
         if ($ld->count_entries == 1)
         {
            $ld->unbind;
            return OK;
         }
         $ld->unbind;
      }
   }

   $r->note_basic_auth_failure;
   $r->log_reason("user $name: not authorized", $r->uri);
   return AUTH_REQUIRED;
}

1;
__END__



( run in 3.785 seconds using v1.01-cache-2.11-cpan-2398b32b56e )