Menu
▾
▴
Re: LDAP AUTH
|
From: Mark W. <mew...@un...> - 2001-01-08 20:27:52
|
Shain Miley wrote:
> Hi,
> I have two questions I am hoping you guys can help me with.
> 1) I am trying to setup a web app to authenticate with perl-ldap
> (Net::LDAP). The user will submit a form that will contain their
> username and password. I have written the perl code to contact the ldap
> server and it does the search...what I need to know is how to find out
> if the search was successful. I don't need the server to return a list
> of usernames, I need to know if the username was found. If is was found
> good...move on to the password if the username was not found then the
> does not need to check the password.
if ($mesg->count)
{
do something
}
>
>
> 2)I am thinking about using the compare feature of perl-ldap for the
> password check but I can not find much documentation on it...does anyone
> know a good spot to look?
Most of the time people don't use compare they do a search, get the user's
DN & then do a bind. If you use compare, you're assuming you have access to
read passwords on the server & that you know how the passwords are hashed.
Then you have to hash the password and then do the compare.
A compare works like this:
my $mesg = $ldap->compare(dn,attr,value)
if the result code is 6 then the result is True (or is 5 true and 6 is
false?). Thus if compare is not equal to "TRUE" then the compare failed.
I have a compare example in the contrib directory in the ismember.pl
script.
Mark
>
> Thank you in advance for any help you can provide.
> Shain
|
