[LON-CAPA-cvs] cvs: modules /rutgers localauth.pm loncom production_domain.tab

www lon-capa-cvs@mail.lon-capa.org
Sun, 07 Jan 2007 22:22:53 -0000


www		Sun Jan  7 17:22:53 2007 EDT

  Added files:                 
    /modules/rutgers	localauth.pm 

  Modified files:              
    /loncom	production_domain.tab 
  Log:
  Rutgers LDAP
  
  
Index: loncom/production_domain.tab
diff -u loncom/production_domain.tab:1.104 loncom/production_domain.tab:1.105
--- loncom/production_domain.tab:1.104	Sat Jan  6 21:19:06 2007
+++ loncom/production_domain.tab	Sun Jan  7 17:21:31 2007
@@ -68,7 +68,7 @@
 ohiouk12:Ohio University - K12:::en-US:Athens, OH:-82.1:39.329:ohiouk12l1
 
 #Hosted
-rutgers:Rutgers:::en-US::::rutgersl1
+rutgers:Rutgers:localauth:rutgers:en-US::::rutgersl1
 mineola:Mineola Public Schools:::en-US::::mineolal1
 okemos:Okemos Public Schools:::en-US::::okemosl1
 coleman:Coleman School District:::en-US::::colemanl1

Index: modules/rutgers/localauth.pm
+++ modules/rutgers/localauth.pm
# The LON-CAPA localauthentication mechanism
#
# LON-CAPA is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# LON-CAPA is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with LON-CAPA; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
#
# /home/httpd/html/adm/gpl.txt
#
# http://www.lon-capa.org/
#
# local authentication using ldap
# To use this package, you will also need the following:
# perl-ldap-0.31.tar.gz
# which in term requires
#  Authen-SASL-2.04.tar.gz
#  Convert-ASN1-0.17.tar.gz
#  IO-Socket-SSL-0.92.tar.gz
#  Net_SSLeay.pm-1.23.tar.gz
#  XML-SAX-Base-1.02.tar.gz
#
# One of the packages may prompt you to update the openssl, so you may also
# need openssl-0.9.7b.tar.gz
#
# Above were the versions used at fsu. 
#
# To implement it on your local system, complete the variable assignment below.
#
# See notes beside each variable.
#
package localauth;
use strict;
use Net::LDAP;
use Net::LDAPS;

# ----START LOCAL CHANGES HERE ----- DON'T DELETE THIS LINE
sub localauth {
    my ($username,$password) = @_;

    my $ldap_host_name = 'ldap.rutgers.edu';    # insert the host name of your ldap server, e.g., ldap.fsu.edu
    my $ldap_ca_file_name = '/home/httpd/lib/perl/local/rutgersldap.certificate'; # insert the ldap certificate filename - include absolute path
                                # certificate is required if you wish to encrypt the password.
                                # e.g., /home/http/perl/lib/local/ldap.certificate
    my $ldap_search_base = 'ou=people,dc=rutgers,dc=edu';  # ldap search base, at fsu this is set to 'o=fsu.edu'.

    my $ldap = Net::LDAPS->new($ldap_host_name,
			       verify => 'require', # 'require' implies that a certificate is needed
                                                    # else set to 'none' if you do not wish to use a certificate
			       cafile => $ldap_ca_file_name,
			       );

    if (not defined $ldap) {
        return (0);
    } 

    $ldap->bind;

    my $search_string = '(uid='.$username.')';
    my $mesg = $ldap->search (base   => $ldap_search_base,
			      filter => $search_string,
			      attrs => ['dn'] ,
			      );
    
    if ($mesg->code) {
	$ldap->unbind;
	$ldap->disconnect;
        return (0) 
    }

    my @entries = $mesg->all_entries;
    if ($#entries != 0) {
	$ldap->unbind;
	$ldap->disconnect;
        return (0) 
    }
    $mesg = $ldap->bind (dn       => $entries[0]->dn,
			 password => $password,
			 );
    
    $ldap->unbind;
    $ldap->disconnect;
    if ($mesg->code) {
        return (0) 
    }

    return (1);
}
# ----END LOCAL CHANGES HERE ----- DON'T DELETE THIS LINE

1;
__END__