Re: ldap authentication is driving me to drink

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

----- Original Message -----
From: Chris Ronstadt <not...@ho...>
To: <per...@li...>
Sent: Tuesday, July 09, 2002 4:33 PM
Subject: ldap authentication is driving me to drink


> I am trying to do an ldap authentication program (still) and no matter
what
> I do I am having problems and I am extremely new to both perl and ldap and
> am having trouble finding any decent documentation on it I am about ready
to
> go crazy with this, here is my WHOLE program and the web output I get, any
> help at all would be beyond apreciated:
>
> #!/usr/bin/perl
>
> #Get HTML Input
> my $field;
>
> &GetFormInput;
> my $name = $field{'name'} ;
> my $password = $field{'password'} ;
>
> #use strict;
> use Net::LDAP;
>
> #ldap search variables
>         my $results;
>         my $matchAttr = "uid";
>         my $baseDN = "ou=People,o=alcdsb.on.ca";
>         my @attrs;
>
> #error checking
>         my $errorMsg;
>         my $error;
>         my $bindError;
>
> #variables for dn
>         my $ent;
>         my $dn;
>         my $mesg;
>
> #variables for html retrieval
>         my $i;
>         my @fval;
>         my $val;
>         my %field;
>
> #connect to LDAP server
>      my $ldapServer = "mail.alcdsb.on.ca";
>      my $ldapPort = 389;
>
>      my $ldap = Net::LDAP -> new($ldapServer, port => $ldapPort,
>                                                           debug=>1)
>                 or die "LDAP Server Connection Failed :$error";
> #Annonymous Query to LDAP baseed on DN
>     $results = $ldap->search(
>                                   base => $baseDN,
>                                   scope => "sub",
>                                   filter => "$matchAttr=$name"
>                                   attrs => @attrs,
>                                   $dn => dn
>                                 );
>
> # request all available attributes
>         @attrs = ();
>
> #check for search error
>          $error = $results->code();
>          if ($error != 0){
>                   $errorMsg =  "Critical LDAP search failed";
>                   printError();
>                   }
>
>          if ($results->count ==0) {
>                 $errorMsg= "Invalid Authentication Information";
>                 printError();
>      }
>
> #get DN
>         # while  ($ent = $results -> shift_entry())
>         # {
>                 #$ent = results -> shift_entry();
> #               $dn = $ent -> dn;
> #        }
>
>
> #bind user
>         $mesg =$ldap->bind(dn=>$dn, password=>$password);
>
> #bind fails
>                          $bindError = $mesg->code();
>                          if ($bindError > 0) {
>                                 $errorMsg="Invalid Authentication
> Information";
>
>                                 printError();
>
>      }
>
> print "<html>\n" ;
> print "<head>\n" ;
> print "<title>Success</title>\n" ;
> print '<meta http-equiv="Content-Type" content="text/html;
> charset=iso-8859-1">'
> ."\n" ;
> print "</head>\n" ;
> print "\n" ;
> print '<body bgcolor="#FFFFFF" text="#000000">'."\n" ;
> print "Privilaged Info so yeah\n" ;
> print "<br><br><br>\n" ;
> print "</body>\n" ;
> print "</html>\n" ;
>
> sub printError {
> print "Content-type: text/html\n\n";
> print "<html>\n" ;
> print "<head>\n" ;
> print "<title>Error</title>\n" ;
> print '<meta http-equiv="Content-Type" content="text/html;
> charset=iso-8859-1">'
> ."\n" ;
> print "</head>\n" ;
> print "\n" ;
> print '<body bgcolor="#FFFFFF" text="#000000">'."\n" ;
> print "$errorMsg<br><br><br>\n" ;
> print "</body>\n" ;
> print "</html>\n" ;
> }
>
> sub GetFormInput {
> #Rerreive from form
>
>         (*fval) = @_ if @_ ;
>
>         local ($buf);
>         if ($ENV{'REQUEST_METHOD'} eq 'POST') {
>         if ($ENV{'REQUEST_METHOD'} eq 'POST') {
>                 read(STDIN,$buf,$ENV{'CONTENT_LENGTH'});
>         }
>         else {
>                 $buf=$ENV{'QUERY_STRING'};
>         }
>         if ($buf eq "") {
>                         return 0 ;
>                 }
>         else {
>                 @fval=split(/&/,$buf);
>                 foreach $i (0 .. $#fval){
>                         ($name,$val)=split (/=/,$fval[$i],2);
>                         $val=~tr/+/ /;
>                         $val=~ s/%(..)/pack("c",hex($1))/ge;
>                         $name=~tr/+/ /;
>                         $name=~ s/%(..)/pack("c",hex($1))/ge;
>
>                         if (!defined($field{$name})) {
>                                 $field{$name}=$val;
>                         }
>                         else {
>                                 $field{$name} .= ",$val";
>                         }
>                    }
>                 }
> return 1;
> }
>
> web output no matter what DN style that I ahve there that I use is:
>
>
> Invalid Authentication Information
>
>
> Content-type: text/html Invalid Authentication Information
>
>
> Privilaged Info so yeah
>
>
>
> _________________________________________________________________
> MSN Photos is the easiest way to share and print your photos:
> http://photos.msn.com/support/worldwide.aspx
>
>
>
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> Stuff, things, and much much more.
> http://thinkgeek.com/sf

I just look at your code and  I see in search method

>                                   base => $baseDN,
>                                   scope => "sub",
>                                   filter => "$matchAttr=$name"
>                                   attrs => @attrs,
>                                   $dn => dn
 IMHO , you must have :  attrs=>\@attrs  like  attrs =>['cn','uid' ] eg.
and  what is   $dn=>dn  ???

$a+
eric german