[prev in list] [next in list] [prev in thread] [next in thread] 

List:       perl-ldap-dev
Subject:    Re: Authenticating to Novell eDir 8.7 from Linux CGI with LDAP
From:       Neo - <kpaxian25 () yahoo ! com>
Date:       2003-08-22 18:51:21
[Download RAW message or body]


Bill,
try this 
 
if($mesg->code() != 0) 
{ 
print "Bind failed. Improper UserID or Password\n"; 
exit;
} 
else 
{ 
print "Success\n\n"; 
} 

For users 
--------------
 
$ans=$result->count;
 
if($ans == 0)
 {
 print   "Sorry wrong user name & password";
exit;
 
}
 
if($ans == 1)
 {
 
print " Success";
 
}
 
if($ans > 1)
 {
 
print "More than one entry";
 
}
 
HTH
 
Regards.
k


Bill Morris <bill_morris@ncsu.edu> wrote:
Folks, 

I am moving my Perl CGI forms from a NetWare 5.1 
box to a Red Hat 8.0 box. I have been authenticating 
my clients with UCSExt. 

I now will have to use LDAP to authenticate to one of 
our NetWare 5.1 servers running eDir 8.7 to verify the 
user should have access to the CGI form on the Linux 
server. 

My current problem is that my scripts perform the 
search anonymously if the authentication fails. I want 
it to bomb out if they enter the wrong ID or password. 

Any suggestions? Turning off anonymous LDAP is not 
an option. 

Here is my script: 

=====================================
#!/usr/bin/perl 

use Net::LDAP; 
use Net::LDAP::Util qw(ldap_error_text); 

$ldap=Net::LDAP->new('152.1.233.51') or die $@; 
#$ldap defines an LDAP connection handle, and 'ldap' is the name 
# of your LDAP server 

print "\n\nNCS UserID : "; 
chomp($CN = ); 

print "\n\nNCS password : "; 
chomp($PWD = ); 
print "\n\n"; 

$mesg = $ldap->bind(dn=>"cn=$CN,ou=ncs,ou=fnb,ou=ncs,o=ncsu", password=>"$PWD"); 
#$ldap->bind(dn=>'cn=admin,o=yoyodyne', password=>'plaintext'); 
# By the way, did I mention that you may have scripts where the 
# password is hardcoded in them? Sure, you can prompt as well, 
# but if you're doing batch processing, you'll need to be aware 
# of this. 

if($mesg->code() != 0) 
{ 
print "Bind failed. Improper UserID or Password\n"; 
} 
else 
{ 
print "Success\n\n"; 
} 
$result=$ldap->search( 
basedn=>"o=NCSU", 
filter=>"cn=$CN", 
); 

die ldap_error_text($result->code) 
if $result->code; 

my $max = $result->count; 

print "\n\n"; 

for(my $index = 0; $index < $max ; $index++) { 
my $entry = $result->entry($index); 
print "Data is $entry\n"; 
} 

foreach $entry ($result->all_entries) { 
@ldap_results=$entry; 
$dn=$entry->dn; 
print ("Info for $dn:\n"); 
print ("Attribute: "); 

@givenname=$entry->get_value('givenName'); 
@initials=$entry->get_value('initials'); 
@surname=$entry->get_value('sn'); 
@department=$entry->get_value('ou'); 
@mail=$entry->get_value('mail'); 
@groupMembership=$entry->get_value('groupMembership'); 
$dn=$entry->dn; 
print ("Info for $dn:\n"); 
print ("First Name: "); 
foreach $givenvalue (@givenname) {print "$givenvalue ";} 
print ("\n"); 
print ("MI: "); 
foreach $initialsvalue (@initials) {print "$initialsvalue ";} 
print ("\n"); 
print ("Surname: "); 
foreach $surnamevalue (@surname) {print "$surnamevalue ";} 
print ("\n"); 
print ("Department: "); 
foreach $departmentvalue (@department) {print "$departmentvalue ";} 
print ("\n"); 
print ("email: "); 
foreach $mailvalue (@mail) {print "$mailvalue ";} 
print ("\n"); 
print ("Member of these Groups: "); 
foreach $groupmembershipvalue (@groupMembership) {print "$groupmembershipvalue \n";} 
print ("\n\n"); 
} 
$ldap->unbind;

=============================================
Thanks for any help you can send my way,

Bill Morris

Bill Morris (bill_morris@ncsu.edu)
Network & Client Services
North Carolina State University
Webmaster/Computing Consultant
Campus Box 7231
14 Peele Hall
10 Watauga Club Dr.
Raleigh, NC 27695-7231

---------------------------------
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software

[prev in list] [next in list] [prev in thread] [next in thread]