fixes for 51184, 51185, 51186: allow for ldap authentication. patches

by jmrobins@tgix.com (Joe Robins). LDAP sections haven't been tested yet, but the code is arranged such that it shouldn't disturb existing user authentication system.

fixes for 51184, 51185, 51186: allow for ldap authentication. patches
39166470 · cyeh%bluemartini.com · c89c74e3 · 39166470 · 39166470 · 39166470
Commit 39166470 authored Sep 16, 2000 by cyeh%bluemartini.com
Expand all Hide whitespace changes
Inline Side-by-side

Showing with 64 additions and 6 deletions

CGI.pl CGI.pl +0 -0

createaccount.cgi createaccount.cgi +9 -0

defparams.pl defparams.pl +30 -0

editusers.cgi editusers.cgi +25 -6

No files found.
--- a/CGI.pl
+++ b/CGI.pl
--- a/createaccount.cgi
+++ b/createaccount.cgi
@@ -20,6 +20,7 @@
 #
 # Contributor(s): Terry Weissman <terry@mozilla.org>
 #                 David Gardiner <david.gardiner@unisa.edu.au>
+#                 Joe Robins <jmrobins@tgix.com>

 use diagnostics;
 use strict;
@@ -42,6 +43,14 @@ Content-type: text/html

 ";

+# If we're using LDAP for login, then we can't create a new account here.
+if(Param('useLDAP')) {
+  PutHeader("Can't create LDAP accounts");
+  print "This site is using LDAP for authentication.  Please contact an LDAP ";
+  print "administrator to get a new account created.\n";
+  PutFooter();
+  exit;
+}

 my $login = $::FORM{'login'};
 my $realname = $::FORM{'realname'};

--- a/defparams.pl
+++ b/defparams.pl
@@ -203,6 +203,36 @@ sub check_despotbaseurl {
 }


+# Adding in four parameters for LDAP authentication.  -JMR, 7/28/00
+DefParam("useLDAP",
+         "Turn this on to use an LDAP directory for user authentication ".
+         "instead of the Bugzilla database.  (User profiles will still be ".
+         "stored in the database, and will match against the LDAP user by ".
+         "email address.)",
+         "b",
+         0);
+
+
+DefParam("LDAPserver",
+         "The name (and optionally port) of your LDAP server. (e.g. ldap.company.com, or ldap.company.com:portnum)",
+         "t",
+         "");
+
+
+DefParam("LDAPBaseDN",
+         "The BaseDN for authenticating users against. (e.g. \"ou=People,o=Company\")",
+         "t",
+         "");
+
+
+DefParam("LDAPmailattribute",
+         "The name of the attribute of a user in your directory that ".
+         "contains the email address.",
+         "t",
+         "mail");
+#End of LDAP parameters
+
+
 DefParam("headerhtml",
         "Additional HTML to add to the HEAD area of documents, eg. links to stylesheets.",
         "l",

--- a/editusers.cgi
+++ b/editusers.cgi
@@ -20,6 +20,7 @@
 #
 # Contributor(s): Holger Schurig <holgerschurig@nikocity.de>
 #                 Dave Miller <dave@intrec.com>
+#                 Joe Robins <jmrobins@tgix.com>
 #
 # Direct any questions on this source code to
 #
@@ -109,8 +110,11 @@ sub EmitFormElements ($$$$$$$)
    if ($editall) {
        print "</TR><TR>\n";
        print "  <TH ALIGN=\"right\">Password:</TH>\n";
-        print "  <TD><INPUT TYPE=\"PASSWORD\" SIZE=16 MAXLENGTH=16 NAME=\"password\" VALUE=\"$password\"></TD>\n";
-
+        if(Param('useLDAP')) {
+          print "  <TD><FONT COLOR=RED>This site is using LDAP for authentication!</FONT></TD>\n";
+        } else {
+          print "  <TD><INPUT TYPE=\"PASSWORD\" SIZE=16 MAXLENGTH=16 NAME=\"password\" VALUE=\"$password\"></TD>\n";
+        }
        print "</TR><TR>\n";
        print "  <TH ALIGN=\"right\">Email notification:</TH>\n";
        print qq{<TD><SELECT NAME="emailnotification">};
@@ -341,7 +345,7 @@ if ($action eq 'list') {
        }
 	print "</TR>";
    }
-    if ($editall) {
+    if ($editall && !Param('useLDAP')) {
        print "<TR>\n";
        my $span = $candelete ? 3 : 2;
        print qq{
@@ -375,6 +379,13 @@ if ($action eq 'add') {
        exit;
    }

+    if(Param('useLDAP')) {
+      print "This site is using LDAP for authentication.  To add a new user, ";
+      print "please contact the LDAP administrators.";
+      PutTrailer();
+      exit;
+    }
+
    print "<FORM METHOD=POST ACTION=editusers.cgi>\n";
    print "<TABLE BORDER=0 CELLPADDING=4 CELLSPACING=0><TR>\n";

@@ -406,6 +417,13 @@ if ($action eq 'new') {
        exit;
    }

+    if(Param('useLDAP')) {
+      print "This site is using LDAP for authentication.  To add a new user, ";
+      print "please contact the LDAP administrators.";
+      PutTrailer();
+      exit;
+    }
+
    # Cleanups and valididy checks
    my $realname = trim($::FORM{realname} || '');
    my $password = trim($::FORM{password} || '');
@@ -667,7 +685,7 @@ if ($action eq 'edit') {
    print "</TR></TABLE>\n";

    print "<INPUT TYPE=HIDDEN NAME=\"userold\" VALUE=\"$user\">\n";
-    if ($editall) {
+    if ($editall && !Param('useLDAP')) {
        print "<INPUT TYPE=HIDDEN NAME=\"passwordold\" VALUE=\"$password\">\n";
    }
    print "<INPUT TYPE=HIDDEN NAME=\"realnameold\" VALUE=\"$realname\">\n";
@@ -764,13 +782,14 @@ if ($action eq 'update') {
 		 WHERE login_name=" . SqlQuote($userold));
 	print "Updated email notification.<BR>\n";
    }
-
-    if ($editall && $password ne $passwordold) {
+    if(!Param('useLDAP')) {
+      if ($editall && $password ne $passwordold) {
        my $q = SqlQuote($password);
        SendSQL("UPDATE profiles
 		 SET password= $q, cryptpassword = ENCRYPT($q)
 		 WHERE login_name=" . SqlQuote($userold));
 	print "Updated password.<BR>\n";
+      }
    }
    if ($editall && $realname ne $realnameold) {
        SendSQL("UPDATE profiles