worteks
/
lemonldap-ng
mirror of https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng
3
0
Fork 0
Code Issues Projects Releases Wiki Activity

* perltidy

Browse Source 
* LDAP: loadPP() is called now directly in ldap() to avoid to call it in authInit()
environments/ppa-mbqj77/deployments/1
Xavier Guimard 16 years ago
parent bf488752b4
commit 655fd9e526
10 changed files with 156 additions and 116 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 4
      modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/AuthLDAP.pm
  2. 8
      modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/AuthMulti.pm
  3. 3
      modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/AuthSSL.pm
  4. 29
      modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Menu.pm
  5. 70
      modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/PasswordDBLDAP.pm
  6. 4
      modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Simple.pm
  7. 8
      modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDBMulti.pm
  8. 127
      modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/_LDAP.pm
  9. 7
      modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/_SOAP.pm
  10. 12
      modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/_WebForm.pm

4
modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/AuthLDAP.pm
Unescape View File

@ -20,10 +20,6 @@ use base qw(Lemonldap::NG::Portal::_WebForm);
# Load Net::LDAP::Control::PasswordPolicy if needed # Load Net::LDAP::Control::PasswordPolicy if needed
# @return Lemonldap::NG::Portal constant # @return Lemonldap::NG::Portal constant
sub authInit { sub authInit {
my $self = shift;
if ( $self->{ldapPpolicyControl} and not $self->ldap->loadPP()) {
return PE_LDAPERROR;
}
PE_OK; PE_OK;
} }

8
modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/AuthMulti.pm
Unescape View File

@ -6,22 +6,22 @@ our $VERSION = '0.1';
sub authInit { sub authInit {
my $self = shift; my $self = shift;
return $self->_multi->try('authInit',0); return $self->_multi->try( 'authInit', 0 );
} }
sub extractFormInfo { sub extractFormInfo {
my $self = shift; my $self = shift;
return $self->_multi->try('extractFormInfo',0); return $self->_multi->try( 'extractFormInfo', 0 );
} }
sub setAuthSessionInfo { sub setAuthSessionInfo {
my $self = shift; my $self = shift;
return $self->_multi->try('setAuthSessionInfo',0); return $self->_multi->try( 'setAuthSessionInfo', 0 );
} }
sub authenticate { sub authenticate {
my $self = shift; my $self = shift;
return $self->_multi->try('authenticate',0); return $self->_multi->try( 'authenticate', 0 );
} }
1; 1;

3
modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/AuthSSL.pm
Unescape View File

@ -45,7 +45,8 @@ sub extractFormInfo {
return PE_OK; return PE_OK;
} }
elsif ( $self->{SSLRequire} ) { elsif ( $self->{SSLRequire} ) {
$self->_sub('userError',"No certificate found for $ENV{REMOTE_ADDR}"); $self->_sub( 'userError',
"No certificate found for $ENV{REMOTE_ADDR}" );
return PE_CERTIFICATEREQUIRED; return PE_CERTIFICATEREQUIRED;
} }
$self->{AuthLDAPFilter} = ''; $self->{AuthLDAPFilter} = '';

29
modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Menu.pm
Unescape View File

@ -11,9 +11,9 @@ require Lemonldap::NG::Common::CGI;
use Lemonldap::NG::Portal::SharedConf; use Lemonldap::NG::Portal::SharedConf;
use Lemonldap::NG::Portal::_LDAP 'ldap'; #link protected ldap Object used to change passwords only use Lemonldap::NG::Portal::_LDAP 'ldap'; #link protected ldap Object used to change passwords only
use XML::LibXML; use XML::LibXML;
use Lemonldap::NG::Common::Safelib; #link protected safe Safe object use Lemonldap::NG::Common::Safelib; #link protected safe Safe object
use Safe; use Safe;
use Lemonldap::NG::Portal::PasswordDBLDAP; #inherits use Lemonldap::NG::Portal::PasswordDBLDAP; #inherits
#inherits Net::LDAP::Control::PasswordPolicy #inherits Net::LDAP::Control::PasswordPolicy
@ -217,7 +217,7 @@ sub appslistDescription {
# @return XML root element object # @return XML root element object
sub _getXML { sub _getXML {
my $self = shift; my $self = shift;
return $self->{_xml} if($self->{_xml}); return $self->{_xml} if ( $self->{_xml} );
# Parse XML file # Parse XML file
my $parser = XML::LibXML->new(); my $parser = XML::LibXML->new();
@ -300,9 +300,10 @@ sub _displayApplication {
|| "" ); || "" );
# Display application # Display application
$html .= "<li title=\"$appid\" class=\"appname\"><span>" $html .=
. ($appuri ? "<a href=\"$appuri\">$appname</a>" : "<a>$appname</a>") "<li title=\"$appid\" class=\"appname\"><span>"
. "</span>\n"; . ( $appuri ? "<a href=\"$appuri\">$appname</a>" : "<a>$appname</a>" )
. "</span>\n";
my @appnodes = $app->findnodes("application"); my @appnodes = $app->findnodes("application");
if (@appnodes) { if (@appnodes) {
$html .= "<ul>"; $html .= "<ul>";
@ -355,9 +356,9 @@ sub _displayDescription {
# @param $root XML root element # @param $root XML root element
# @return XML_string # @return XML_string
sub _filterXML { sub _filterXML {
my $self = shift; my $self = shift;
my ($root) = @_; my ($root) = @_;
my @cat = $root->getElementsByTagName('category'); my @cat = $root->getElementsByTagName('category');
foreach my $cat (@cat) { foreach my $cat (@cat) {
$self->_filterApp($cat); $self->_filterApp($cat);
} }
@ -369,11 +370,11 @@ sub _filterXML {
} }
sub _filterApp { sub _filterApp {
my($self,$node)=@_; my ( $self, $node ) = @_;
my @apps = $node->getChildrenByTagName('application'); my @apps = $node->getChildrenByTagName('application');
my $tag = 0; my $tag = 0;
foreach(@apps) { foreach (@apps) {
my $stag = $self->_filterApp($_); my $stag = $self->_filterApp($_);
my $appdisplay = $_->getChildrenByTagName('display')->string_value(); my $appdisplay = $_->getChildrenByTagName('display')->string_value();
my $appuri = my $appuri =
$self->_userParam( $_->getChildrenByTagName('uri')->string_value() ); $self->_userParam( $_->getChildrenByTagName('uri')->string_value() );
@ -389,8 +390,8 @@ sub _filterApp {
# Check grant function if display is "auto" (this is the default) # Check grant function if display is "auto" (this is the default)
unless ( $self->_grant($appuri) ) { unless ( $self->_grant($appuri) ) {
if($stag) { if ($stag) {
eval {$_->getChildrenByTagName('uri')->unbindNode() }; eval { $_->getChildrenByTagName('uri')->unbindNode() };
$tag++; $tag++;
} }
else { else {

70
modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/PasswordDBLDAP.pm
Unescape View File

@ -14,14 +14,10 @@ our $VERSION = '0.2';
*_formateFilter = *Lemonldap::NG::Portal::UserDBLDAP::formateFilter; *_formateFilter = *Lemonldap::NG::Portal::UserDBLDAP::formateFilter;
*_search = *Lemonldap::NG::Portal::UserDBLDAP::search; *_search = *Lemonldap::NG::Portal::UserDBLDAP::search;
## @apmethod int apasswordDBInit() ## @apmethod int passwordDBInit()
# Load Net::LDAP::Control::PasswordPolicy if needed # Load Net::LDAP::Control::PasswordPolicy if needed
# @return Lemonldap::NG::Portal constant # @return Lemonldap::NG::Portal constant
sub passwordDBInit { sub passwordDBInit {
my $self = shift;
if ( $self->{ldapPpolicyControl} and not $self->ldap->loadPP()) {
return PE_LDAPERROR;
}
PE_OK; PE_OK;
} }
@ -44,10 +40,13 @@ sub modifyPassword {
return $tmp if ($tmp); return $tmp if ($tmp);
} }
$self->lmLog("Modify password request for ".$self->{dn},'debug'); $self->lmLog( "Modify password request for " . $self->{dn}, 'debug' );
# Call the modify password method # Call the modify password method
return $self->ldap->userModifyPassword( $self->{dn}, $self->{newpassword}, $self->{confirmpassword}, $self->{oldpassword} ); return $self->ldap->userModifyPassword(
$self->{dn}, $self->{newpassword},
$self->{confirmpassword}, $self->{oldpassword}
);
PE_OK; PE_OK;
} }
@ -70,65 +69,70 @@ sub resetPasswordByMail {
return $tmp if ($tmp); return $tmp if ($tmp);
} }
$self->lmLog("Reset password request for ".$self->{dn},'debug'); $self->lmLog( "Reset password request for " . $self->{dn}, 'debug' );
# Check the required modules before changing password # Check the required modules before changing password
eval {require String::Random}; eval { require String::Random };
if ($@) { if ($@) {
$self->lmLog("Module String::Random not found in @INC",'error' ); $self->lmLog( "Module String::Random not found in @INC", 'error' );
return PE_ERROR; return PE_ERROR;
} }
eval {require MIME::Lite}; eval { require MIME::Lite };
if ($@) { if ($@) {
$self->lmLog("Module MIME::Lite not found in @INC",'error' ); $self->lmLog( "Module MIME::Lite not found in @INC", 'error' );
return PE_ERROR; return PE_ERROR;
} }
# Generate a complex password # Generate a complex password
my $random = new String::Random; my $random = new String::Random;
my $password = $random->randregex( $self->{randomPasswordRegexp} ); my $password = $random->randregex( $self->{randomPasswordRegexp} );
$self->lmLog("Generated password: ".$password,'debug'); $self->lmLog( "Generated password: " . $password, 'debug' );
# Call the modify password method # Call the modify password method
my $pe_error = $self->ldap->userModifyPassword( $self->{dn}, $password, $password ); my $pe_error =
$self->ldap->userModifyPassword( $self->{dn}, $password, $password );
return $pe_error unless ($pe_error == PE_PASSWORD_OK); return $pe_error unless ( $pe_error == PE_PASSWORD_OK );
# If Password Policy, set the PwdReset flag # If Password Policy, set the PwdReset flag
if ( $self->{ldapPpolicyControl} ) { if ( $self->{ldapPpolicyControl} ) {
my $result = $self->ldap->modify( $self->{dn}, replace => { 'pwdReset' => 'TRUE' } ); my $result =
$self->ldap->modify( $self->{dn},
replace => { 'pwdReset' => 'TRUE' } );
unless ( $result->code == 0) { unless ( $result->code == 0 ) {
$self->lmLog("LDAP modify pwdReset error: ".$result->code,'error'); $self->lmLog( "LDAP modify pwdReset error: " . $result->code,
'error' );
return PE_LDAPERROR; return PE_LDAPERROR;
} }
$self->lmLog("pwdReset set to TRUE",'debug'); $self->lmLog( "pwdReset set to TRUE", 'debug' );
} }
# Send new password by mail # Send new password by mail
$self->{mailBody} =~ s/\$password/$password/g; $self->{mailBody} =~ s/\$password/$password/g;
$self->{mailBody} =~ s/\$(\w+)/$self->{sessionInfo}->{$1}/g; $self->{mailBody} =~ s/\$(\w+)/$self->{sessionInfo}->{$1}/g;
$self->lmLog("SMTP From ".$self->{mailFrom},'debug'); $self->lmLog( "SMTP From " . $self->{mailFrom}, 'debug' );
$self->lmLog("SMTP To ".$self->{mail},'debug'); $self->lmLog( "SMTP To " . $self->{mail}, 'debug' );
$self->lmLog("SMTP Subject ".$self->{mailSubject},'debug'); $self->lmLog( "SMTP Subject " . $self->{mailSubject}, 'debug' );
$self->lmLog("SMTP Body ".$self->{mailBody},'debug'); $self->lmLog( "SMTP Body " . $self->{mailBody}, 'debug' );
eval { eval {
my $message = MIME::Lite->new( my $message = MIME::Lite->new(
From => $self->{mailFrom}, From => $self->{mailFrom},
To => $self->{mail}, To => $self->{mail},
Subject => $self->{mailSubject}, Subject => $self->{mailSubject},
Type => "TEXT", Type => "TEXT",
Data => $self->{mailBody}, Data => $self->{mailBody},
); );
$self->{SMTPServer} ? $message->send("smtp",$self->{SMTPServer}) : $message->send(); $self->{SMTPServer}
? $message->send( "smtp", $self->{SMTPServer} )
: $message->send();
}; };
if ($@) { if ($@) {
$self->lmLog("Send message failed: $@",'error'); $self->lmLog( "Send message failed: $@", 'error' );
return PE_ERROR; return PE_ERROR;
} }
PE_PASSWORD_OK; PE_PASSWORD_OK;
} }

4
modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Simple.pm
Unescape View File

@ -505,7 +505,7 @@ sub _deleteSession {
my ( $self, $h ) = @_; my ( $self, $h ) = @_;
if ( my $id2 = $h->{_httpSession} ) { if ( my $id2 = $h->{_httpSession} ) {
my $h2 = $self->getApacheSession($id2); my $h2 = $self->getApacheSession($id2);
eval {tied(%$h2)->delete()}; eval { tied(%$h2)->delete() };
$self->lmLog( $@, 'error' ) if ($@); $self->lmLog( $@, 'error' ) if ($@);
# Delete cookie # Delete cookie
@ -521,7 +521,7 @@ sub _deleteSession {
); );
} }
my $r; my $r;
eval {$r = tied(%$h)->delete()}; eval { $r = tied(%$h)->delete() };
$self->lmLog( $@, 'error' ) if ($@); $self->lmLog( $@, 'error' ) if ($@);
# Delete cookie # Delete cookie

8
modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDBMulti.pm
Unescape View File

@ -6,22 +6,22 @@ our $VERSION = '0.1';
sub userDBInit { sub userDBInit {
my $self = shift; my $self = shift;
return $self->_multi->try('userDBInit',1); return $self->_multi->try( 'userDBInit', 1 );
} }
sub getUser { sub getUser {
my $self = shift; my $self = shift;
return $self->_multi->try('getUser',1); return $self->_multi->try( 'getUser', 1 );
} }
sub setSessionInfo { sub setSessionInfo {
my $self = shift; my $self = shift;
return $self->_multi->try('setSessionInfo',1); return $self->_multi->try( 'setSessionInfo', 1 );
} }
sub setGroups { sub setGroups {
my $self = shift; my $self = shift;
return $self->_multi->try('setGroups',1); return $self->_multi->try( 'setGroups', 1 );
} }
1; 1;

127
modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/_LDAP.pm
Unescape View File

@ -41,9 +41,9 @@ sub new {
} }
$self = Net::LDAP->new( $self = Net::LDAP->new(
\@servers, \@servers,
onerror => undef, onerror => undef,
( $portal->{ldapPort} ? ( port => $portal->{ldapPort} ) : () ), ( $portal->{ldapPort} ? ( port => $portal->{ldapPort} ) : () ),
); );
unless ($self) { unless ($self) {
$portal->lmLog( $@, 'error' ); $portal->lmLog( $@, 'error' );
return 0; return 0;
@ -98,7 +98,7 @@ sub loadPP {
return 1 if ($ppLoaded); return 1 if ($ppLoaded);
# require Perl module # require Perl module
eval {require Net::LDAP::Control::PasswordPolicy}; eval { require Net::LDAP::Control::PasswordPolicy };
if ($@) { if ($@) {
$self->{portal}->lmLog( $self->{portal}->lmLog(
"Module Net::LDAP::Control::PasswordPolicy not found in @INC", "Module Net::LDAP::Control::PasswordPolicy not found in @INC",
@ -121,10 +121,7 @@ sub userBind {
my $pp = Net::LDAP::Control::PasswordPolicy->new(); my $pp = Net::LDAP::Control::PasswordPolicy->new();
# Bind with user credentials # Bind with user credentials
my $mesg = $self->bind( my $mesg = $self->bind( @_, control => [$pp] );
@_,
control => [$pp]
);
# Get server control response # Get server control response
my ($resp) = $mesg->control("1.3.6.1.4.1.42.2.27.8.5.1"); my ($resp) = $mesg->control("1.3.6.1.4.1.42.2.27.8.5.1");
@ -137,7 +134,8 @@ sub userBind {
my $pp_error = $resp->pp_error; my $pp_error = $resp->pp_error;
if ( defined $pp_error ) { if ( defined $pp_error ) {
$self->{portal}->_sub( 'userError', "Password policy error $pp_error for $self->{portal}->{user}" ); $self->{portal}->_sub( 'userError',
"Password policy error $pp_error for $self->{portal}->{user}" );
return [ return [
PE_PP_PASSWORD_EXPIRED, PE_PP_PASSWORD_EXPIRED,
PE_PP_ACCOUNT_LOCKED, PE_PP_ACCOUNT_LOCKED,
@ -148,20 +146,21 @@ sub userBind {
PE_PP_PASSWORD_TOO_SHORT, PE_PP_PASSWORD_TOO_SHORT,
PE_PP_PASSWORD_TOO_YOUNG, PE_PP_PASSWORD_TOO_YOUNG,
PE_PP_PASSWORD_IN_HISTORY, PE_PP_PASSWORD_IN_HISTORY,
]->[$pp_error]; ]->[$pp_error]
or PE_ERROR;
} }
elsif ( $mesg->code == 0 ) { elsif ( $mesg->code == 0 ) {
return PE_OK; return PE_OK;
} }
} }
else { else {
my $mesg = my $mesg = $self->bind(@_);
$self->bind( @_ );
if ( $mesg->code == 0 ) { if ( $mesg->code == 0 ) {
return PE_OK; return PE_OK;
} }
} }
$self->{portal}->_sub( 'userError', "Bad password for $self->{portal}->{user}" ); $self->{portal}
->_sub( 'userError', "Bad password for $self->{portal}->{user}" );
return PE_BADCREDENTIALS; return PE_BADCREDENTIALS;
} }
@ -183,68 +182,94 @@ sub userModifyPassword {
# First case: no ppolicy # First case: no ppolicy
if ( !$self->{portal}->{ldapPpolicyControl} ) { if ( !$self->{portal}->{ldapPpolicyControl} ) {
if ( $self->{portal}->{ldapSetPassword} ) { if ( $self->{portal}->{ldapSetPassword} ) {
# Use SetPassword extended operation # Use SetPassword extended operation
use Net::LDAP::Extension::SetPassword; use Net::LDAP::Extension::SetPassword;
$mesg = ( $oldpassword ) $mesg =
? $self->set_password( user => $dn, ($oldpassword)
oldpasswd => $oldpassword, ? $self->set_password(
newpassword => $newpassword ) user => $dn,
: $self->set_password( user => $dn, oldpasswd => $oldpassword,
newpassword => $newpassword ); newpassword => $newpassword
)
: $self->set_password(
user => $dn,
newpassword => $newpassword
);
# Catch the "Unwilling to perform" error # Catch the "Unwilling to perform" error
return PE_BADOLDPASSWORD if ( $mesg->code == 53 ); return PE_BADOLDPASSWORD if ( $mesg->code == 53 );
} else { }
if ( $oldpassword ) { else {
if ($oldpassword) {
# Check old password with a bind # Check old password with a bind
$mesg = $self->bind ($dn, password => $oldpassword); $mesg = $self->bind( $dn, password => $oldpassword );
return PE_BADOLDPASSWORD if ( $mesg->code != 0 ); return PE_BADOLDPASSWORD if ( $mesg->code != 0 );
# Rebind as Manager # Rebind as Manager
$self->bind(); $self->bind();
} }
# Use standard modification # Use standard modification
$mesg = $self->modify( $dn, $mesg =
replace => { userPassword => $newpassword } ); $self->modify( $dn, replace => { userPassword => $newpassword } );
} }
return PE_WRONGMANAGERACCOUNT return PE_WRONGMANAGERACCOUNT
if ( $mesg->code == 50 || $mesg->code == 8 ); if ( $mesg->code == 50 || $mesg->code == 8 );
return PE_LDAPERROR unless ( $mesg->code == 0 ); return PE_LDAPERROR unless ( $mesg->code == 0 );
$self->{portal}->_sub( 'userNotice', "Password changed $self->{portal}->{user}" ); $self->{portal}
->_sub( 'userNotice', "Password changed $self->{portal}->{user}" );
return PE_PASSWORD_OK; return PE_PASSWORD_OK;
} }
else { else {
# Create Control object # Create Control object
my $pp = Net::LDAP::Control::PasswordPolicy->new; my $pp = Net::LDAP::Control::PasswordPolicy->new;
if ( $self->{portal}->{ldapSetPassword} ) { if ( $self->{portal}->{ldapSetPassword} ) {
# Use SetPassword extended operation # Use SetPassword extended operation
# Warning: need a patch on Perl-LDAP # Warning: need a patch on Perl-LDAP
# See http://groups.google.com/group/perl.ldap/browse_thread/thread/5703a41ccb17b221/377a68f872cc2bb4?lnk=gst&q=setpassword#377a68f872cc2bb4 # See http://groups.google.com/group/perl.ldap/browse_thread/thread/5703a41ccb17b221/377a68f872cc2bb4?lnk=gst&q=setpassword#377a68f872cc2bb4
use Net::LDAP::Extension::SetPassword; use Net::LDAP::Extension::SetPassword;
$mesg = ( $oldpassword ) $mesg =
? $self->set_password( user => $dn, ($oldpassword)
oldpasswd => $oldpassword, ? $self->set_password(
newpassword => $newpassword, user => $dn,
control => [$pp] ) oldpasswd => $oldpassword,
: $self->set_password( user => $dn, newpassword => $newpassword,
newpassword => $newpassword, control => [$pp]
control => [$pp] ); )
: $self->set_password(
user => $dn,
newpassword => $newpassword,
control => [$pp]
);
# Catch the "Unwilling to perform" error # Catch the "Unwilling to perform" error
return PE_BADOLDPASSWORD if ( $mesg->code == 53 ); return PE_BADOLDPASSWORD if ( $mesg->code == 53 );
} else { }
if ( $oldpassword ) { else {
if ($oldpassword) {
# Check old password with a bind # Check old password with a bind
$mesg = $self->bind($dn, password => $oldpassword); $mesg = $self->bind( $dn, password => $oldpassword );
return PE_BADOLDPASSWORD if ( $mesg->code != 0 ); return PE_BADOLDPASSWORD if ( $mesg->code != 0 );
# Rebind as Manager # Rebind as Manager
$self->bind(); $self->bind();
} }
# Use standard modification # Use standard modification
$mesg = $self->modify( $dn, $mesg = $self->modify(
replace => { userPassword => $newpassword }, $dn,
control => [$pp] ); replace => { userPassword => $newpassword },
control => [$pp]
);
} }
# Get server control response # Get server control response
@ -253,14 +278,17 @@ sub userModifyPassword {
return PE_WRONGMANAGERACCOUNT return PE_WRONGMANAGERACCOUNT
if ( $mesg->code == 50 || $mesg->code == 8 ); if ( $mesg->code == 50 || $mesg->code == 8 );
if ( $mesg->code == 0 ) { if ( $mesg->code == 0 ) {
$self->{portal}->_sub( 'userNotice', "Password changed $self->{portal}->{user}" ); $self->{portal}->_sub( 'userNotice',
"Password changed $self->{portal}->{user}" );
return PE_PASSWORD_OK; return PE_PASSWORD_OK;
} }
if ( defined $resp ) { if ( defined $resp ) {
my $pp_error = $resp->pp_error; my $pp_error = $resp->pp_error;
if ( defined $pp_error ) { if ( defined $pp_error ) {
$self->{portal}->_sub( 'userError', "Password policy error $pp_error for $self->{portal}->{user}" ); $self->{portal}->_sub( 'userError',
"Password policy error $pp_error for $self->{portal}->{user}"
);
return [ return [
PE_PP_PASSWORD_EXPIRED, PE_PP_PASSWORD_EXPIRED,
PE_PP_ACCOUNT_LOCKED, PE_PP_ACCOUNT_LOCKED,
@ -288,8 +316,17 @@ sub ldap {
if ( $self->{ldap} = Lemonldap::NG::Portal::_LDAP->new($self) if ( $self->{ldap} = Lemonldap::NG::Portal::_LDAP->new($self)
and my $mesg = $self->{ldap}->bind ) and my $mesg = $self->{ldap}->bind )
{ {
return $self->{ldap} if ( $mesg->code == 0 ); if ( $mesg->code != 0 ) {
$self->lmLog( "LDAP error: " . $mesg->error, 'error' ); $self->lmLog( "LDAP error: " . $mesg->error, 'error' );
}
else {
if ( $self->{ldapPpolicyControl} and not $self->{ldap}->loadPP() ) {
$self->lmLog("LDAP password policy error");
}
else {
return $self->{ldap};
}
}
} }
else { else {
$self->lmLog( "LDAP error: $@", 'error' ); $self->lmLog( "LDAP error: $@", 'error' );

7
modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/_SOAP.pm
Unescape View File

@ -20,15 +20,16 @@ sub startSoapServices {
$self->{CustomSOAPServices} ||= {}; $self->{CustomSOAPServices} ||= {};
# TODO: insert here the SAML SOAP functions # TODO: insert here the SAML SOAP functions
$self->{CustomSOAPServices}->{'/SAMLAuthority'} = '' if($self->{SAMLIssuer}); $self->{CustomSOAPServices}->{'/SAMLAuthority'} = ''
if ( $self->{SAMLIssuer} );
if ( if (
$ENV{PATH_INFO} $ENV{PATH_INFO}
and my $tmp = { and my $tmp = {
%{$self->{CustomSOAPServices}}, %{ $self->{CustomSOAPServices} },
'/sessions' => 'getAttributes', '/sessions' => 'getAttributes',
'/adminSessions' => 'getAttributes setAttributes ' '/adminSessions' => 'getAttributes setAttributes '
. 'newSession deleteSession get_key_from_all_sessions', . 'newSession deleteSession get_key_from_all_sessions',
'/config' => 'getConfig lastCfg' '/config' => 'getConfig lastCfg'
}->{ $ENV{PATH_INFO} } }->{ $ENV{PATH_INFO} }
) )
{ {

12
modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/_WebForm.pm
Unescape View File

@ -27,15 +27,15 @@ sub extractFormInfo {
return PE_FORMEMPTY return PE_FORMEMPTY
unless ( unless (
( (
( ( length( $self->{'user'} = $self->param('user') ) > 0 )
length( $self->{'user'} = $self->param('user') ) > 0
)
&& ( && (
( (
length( $self->{'password'} = $self->param('password') ) > 0 length( $self->{'password'} = $self->param('password') ) > 0
) )
|| ( || (
length($self->{'newpassword'} = $self->param('newpassword') ) > 0 length(
$self->{'newpassword'} = $self->param('newpassword')
) > 0
) )
) )
) )
@ -43,7 +43,7 @@ sub extractFormInfo {
); );
$self->{'oldpassword'} = $self->param('oldpassword'); $self->{'oldpassword'} = $self->param('oldpassword');
$self->{'confirmpassword'} = $self->param('confirmpassword'); $self->{'confirmpassword'} = $self->param('confirmpassword');
$self->{'timezone'} = $self->param('timezone'); $self->{'timezone'} = $self->param('timezone');
PE_OK; PE_OK;
} }
@ -68,7 +68,7 @@ sub setAuthSessionInfo {
# Store user timezone # Store user timezone
$self->{sessionInfo}->{'_timezone'} = $self->{'timezone'}; $self->{sessionInfo}->{'_timezone'} = $self->{'timezone'};
PE_OK; PE_OK;
} }

Write Preview
Loading…
Cancel
Save