From: Rob H. <ha...@wa...> - 2001-01-27 06:03:40
|
It seems to be impossible to use the non-anonymous bind to do user
authentication. No matter what kind of bogus password I send along
with the DN, I get a successful bind. I have tried using lots of
$ldap->unbind calls, getting a brand new connection, everything I can
think of. What am I missing? Thank you.

Rob Hawkes
Motorola, Inc.

------------------------------------------------------------------------

#! /usr/local/bin/perl

# Test driver.

ldapAuth('rvpl50', 'xxx');

########################################################################
#
# l d a p A u t h
#
# Finds the directory entry whose uid matches $userid with an anonymous
# search, then attempts a simple bind as that entry's DN with $password.
# Returns 1 when the code treats the bind as successful and 0 when the
# connection, the search or the bind is treated as failed.
#
# NOTE(review): as posted, the result of the authenticating bind is never
# stored, so the success check tests the earlier search result instead
# and any password is accepted. Details are at the bind call below.
#
########################################################################

sub ldapAuth {
    my($userid,$password) = @_;

    use strict;
    use Net::LDAP;

    my($ldap,$mesg);
    my $server = "directory.mot.com";

    # First do an anonymous bind with $userid and retrieve the DN.
    # NOTE(review): no start_tls or ldaps is visible on this connection, so
    # the simple bind further down would presumably carry the password
    # unencrypted -- confirm how the server is reached.
    $ldap = Net::LDAP->new($server);
    if (! $ldap) {
        print "DEBUG: failed to connect to $server\n";
        return 0;
    }

    $ldap->bind;
    # NOTE(review): $userid is interpolated into the filter unescaped, so
    # filter metacharacters in it change what the search matches. Validate
    # the id or escape it per RFC 4515 before building the filter (current
    # perl-ldap provides Net::LDAP::Util::escape_filter_value for this).
    # This "my $mesg" also re-declares the $mesg declared above.
    my $mesg = $ldap->search (
        base => "o=Motorola,c=US",
        filter => "uid=$userid"
    );
    if ($mesg->code) {
        print $mesg->error;
        return 0;
    }
    else {
        # Try with all entries to bind with the supplied password.
        # NOTE(review): every branch inside the loop returns, so only the
        # first entry is ever tried. If the search matches no entries the
        # loop body never runs and the sub ends without an explicit return.
        foreach my $entry ($mesg->all_entries) {
            my $dn = $entry->dn;
            # NOTE(review): this writes the cleartext password to the
            # output; drop it from the debug line before real use.
            print "DEBUG: try to bind with DN= $dn, password= $password\n";
            $ldap->unbind;

            if ($ldap = Net::LDAP->new('directory.mot.com')) {
                # NOTE(review): the message object returned by bind is
                # discarded here. $mesg still holds the result of the
                # search above, whose code was already checked to be 0, so
                # the test below reports success for any password. The
                # bind result has to be the value that is checked.
                # NOTE(review): once that is fixed, also reject an empty
                # $password before binding -- many servers treat a simple
                # bind with a DN and an empty password as an
                # unauthenticated bind and answer with success (RFC 4513).
                $ldap->bind( $dn, password => $password );

                print "\n", $mesg->code, " ", $mesg->error, "\n";

                if ($mesg->code) {
                    # Bind failed.
                    return 0;
                }
                else {
                    # Bind succeeded.
                    $mesg = $ldap->search (
                        base => "o=Motorola,c=US",
                        filter => "uid=$userid"
                    );

                    # Print every entry returned by the post-bind search.
                    foreach my $entry ($mesg->all_entries) {
                        $entry->dump;
                    }

                    $ldap->unbind;
                    return 1;
                }
            }
            else {
                # Could not get a new connection.
                return 0;
            }
        }
    }
}
|
From: Jim H. <ha...@us...> - 2001-01-27 16:16:37
|
Rob, These 2 consecutive lines are at issue: if ($ldap = Net::LDAP->new('directory.mot.com')) { $ldap->bind( $dn, password => $password ); The first is unnecessary, but doesn't hurt, other than performance. The second needs to be preceded by $mesg = Your line does the bind, but doesn't store the result anywhere. --Jim Harle Rob Hawkes wrote: > It seems to be impossible to use the non-anonymous bind to do user > authentication. No matter what kind of bogus password I send along > with the DN, I get a successful bind. I have tried using lots of > $ldap->unbind calls, getting a brand new connection, everything I can > think of. What am I missing? Thank you. > > Rob Hawkes > Motorola, Inc. > > ------------------------------------------------------------------------ > > #! /usr/local/bin/perl > > # Test driver. > > ldapAuth('rvpl50', 'xxx'); > > ######################################################################## > # > # l d a p A u t h > # > ######################################################################## > > sub ldapAuth { > my($userid,$password) = @_; > > use strict; > use Net::LDAP; > > my($ldap,$mesg); > my $server = "directory.mot.com"; > > # First do an anonymous bind with $userid and retrieve the DN. > $ldap = Net::LDAP->new($server); > if (! $ldap) { > print "DEBUG: failed to connect to $server\n"; > return 0; > } > > $ldap->bind; > my $mesg = $ldap->search ( > base => "o=Motorola,c=US", > filter => "uid=$userid" > ); > if ($mesg->code) { > print $mesg->error; > return 0; > } > else { > # Try with all entries to bind with the supplied password. > foreach my $entry ($mesg->all_entries) { > my $dn = $entry->dn; > print "DEBUG: try to bind with DN= $dn, password= $password\n"; > $ldap->unbind; > > if ($ldap = Net::LDAP->new('directory.mot.com')) { > $ldap->bind( $dn, password => $password ); > > print "\n", $mesg->code, " ", $mesg->error, "\n"; > > if ($mesg->code) { > # Bind failed. > return 0; > } > else { > # Bind succeeded. 
> $mesg = $ldap->search ( > base => "o=Motorola,c=US", > filter => "uid=$userid" > ); > > foreach my $entry ($mesg->all_entries) { > $entry->dump; > } > > $ldap->unbind; > return 1; > } > } > else { > # Could not get a new connection. > return 0; > } > } > } > } |
From: Rob H. <rob...@mo...> - 2001-01-27 16:42:51
|
Jim, Thank you for responding. I found the problem early this morning and have been feeling like a bozo ever since. Guess I should have slept on it before bothering the list. Thanks again. Rob Jim Harle wrote: > > Rob, > These 2 consecutive lines are at issue: > > if ($ldap = Net::LDAP->new('directory.mot.com')) { > $ldap->bind( $dn, password => $password ); > > The first is unnecessary, but doen't hurt, other than performance. The second needs to be > preceded by > $mesg = > Your line does the bind, but doesn't store the result anywhere. > > --Jim Harle > > Rob Hawkes wrote: > > > It seems to be impossible to use the non-anonymous bind to do user > > authentication. No matter what kind of bogus password I send along > > with the DN, I get a successful bind. I have tried using lots of > > $ldap->unbind calls, getting a brand new connection, everything I can > > think of. What am I missing? Thank you. > > > > Rob Hawkes > > Motorola, Inc. > > > > ------------------------------------------------------------------------ > > > > #! /usr/local/bin/perl > > > > # Test driver. > > > > ldapAuth('rvpl50', 'xxx'); > > > > ######################################################################## > > # > > # l d a p A u t h > > # > > ######################################################################## > > > > sub ldapAuth { > > my($userid,$password) = @_; > > > > use strict; > > use Net::LDAP; > > > > my($ldap,$mesg); > > my $server = "directory.mot.com"; > > > > # First do an anonymous bind with $userid and retrieve the DN. > > $ldap = Net::LDAP->new($server); > > if (! $ldap) { > > print "DEBUG: failed to connect to $server\n"; > > return 0; > > } > > > > $ldap->bind; > > my $mesg = $ldap->search ( > > base => "o=Motorola,c=US", > > filter => "uid=$userid" > > ); > > if ($mesg->code) { > > print $mesg->error; > > return 0; > > } > > else { > > # Try with all entries to bind with the supplied password. 
> > foreach my $entry ($mesg->all_entries) { > > my $dn = $entry->dn; > > print "DEBUG: try to bind with DN= $dn, password= $password\n"; > > $ldap->unbind; > > > > if ($ldap = Net::LDAP->new('directory.mot.com')) { > > $ldap->bind( $dn, password => $password ); > > > > print "\n", $mesg->code, " ", $mesg->error, "\n"; > > > > if ($mesg->code) { > > # Bind failed. > > return 0; > > } > > else { > > # Bind succeeded. > > $mesg = $ldap->search ( > > base => "o=Motorola,c=US", > > filter => "uid=$userid" > > ); > > > > foreach my $entry ($mesg->all_entries) { > > $entry->dump; > > } > > > > $ldap->unbind; > > return 1; > > } > > } > > else { > > # Could not get a new connection. > > return 0; > > } > > } > > } > > } |