use English '-no_match_vars';
-use SL::Auth;
+use Scalar::Util qw(weaken);
+use SL::Auth::Constants qw(:all);
+
+use strict;
sub new {
$main::lxdebug->enter_sub();
my $self = {};
$self->{auth} = shift;
+ weaken $self->{auth};
bless $self, $type;
return $self;
}
+sub reset {
+ my ($self) = @_;
+ $self->{ldap} = undef;
+ $self->{dn_cache} = { };
+}
+
sub _connect {
$main::lxdebug->enter_sub();
$self->{ldap} = Net::LDAP->new($cfg->{host}, 'port' => $port);
if (!$self->{ldap}) {
- $main::form->error($main::locale->text('The LDAP server "#1:#2" is unreachable. Please check config/authentication.pl.', $cfg->{host}, $port));
+ $main::form->error($main::locale->text('The LDAP server "#1:#2" is unreachable. Please check config/kivitendo.conf.', $cfg->{host}, $port));
}
if ($cfg->{tls}) {
my $mesg = $self->{ldap}->start_tls('verify' => 'none');
if ($mesg->is_error()) {
- $main::form->error($main::locale->text('The connection to the LDAP server cannot be encrypted (SSL/TLS startup failure). Please check config/authentication.pl.'));
+ $main::form->error($main::locale->text('The connection to the LDAP server cannot be encrypted (SSL/TLS startup failure). Please check config/kivitendo.conf.'));
}
}
if ($cfg->{bind_dn}) {
my $mesg = $self->{ldap}->bind($cfg->{bind_dn}, 'password' => $cfg->{bind_password});
if ($mesg->is_error()) {
- $main::form->error($main::locale->text('Binding to the LDAP server as "#1" failed. Please check config/authentication.pl.', $cfg->{bind_dn}));
+ $main::form->error($main::locale->text('Binding to the LDAP server as "#1" failed. Please check config/kivitendo.conf.', $cfg->{bind_dn}));
}
}
if ($is_crypted) {
$main::lxdebug->leave_sub();
- return SL::Auth::ERR_BACKEND;
+ return ERR_BACKEND;
}
my $ldap = $self->_connect();
if (!$ldap) {
$main::lxdebug->leave_sub();
- return SL::Auth::ERR_BACKEND;
+ return ERR_BACKEND;
}
my $dn = $self->_get_user_dn($ldap, $login);
- $main::lxdebug->message(LXDebug::DEBUG2, "LDAP authenticate: dn $dn");
+ $main::lxdebug->message(LXDebug->DEBUG2(), "LDAP authenticate: dn $dn");
if (!$dn) {
$main::lxdebug->leave_sub();
- return SL::Auth::ERR_BACKEND;
+ return ERR_BACKEND;
}
my $mesg = $ldap->bind($dn, 'password' => $password);
- $main::lxdebug->message(LXDebug::DEBUG2, "LDAP authenticate: bind mesg " . $mesg->error());
+ $main::lxdebug->message(LXDebug->DEBUG2(), "LDAP authenticate: bind mesg " . $mesg->error());
$main::lxdebug->leave_sub();
- return $mesg->is_error() ? SL::Auth::ERR_PASSWORD : SL::Auth::OK;
+ return $mesg->is_error() ? ERR_PASSWORD : OK;
}
sub can_change_password {
return 0;
}
+sub requires_cleartext_password {
+ return 1;
+}
+
sub change_password {
- return SL::Auth::ERR_BACKEND;
+ return ERR_BACKEND;
}
sub verify_config {
$main::lxdebug->enter_sub();
+ my $form = $main::form;
+ my $locale = $main::locale;
+
my $self = shift;
my $cfg = $self->{auth}->{LDAP_config};
if (!$cfg) {
- $form->error($locale->text('config/authentication.pl: Key "LDAP_config" is missing.'));
+ $form->error($locale->text('config/kivitendo.conf: Key "authentication/ldap" is missing.'));
}
if (!$cfg->{host} || !$cfg->{attribute} || !$cfg->{base_dn}) {
- $form->error($locale->text('config/authentication.pl: Missing parameters in "LDAP_config". Required parameters are "host", "attribute" and "base_dn".'));
+ $form->error($locale->text('config/kivitendo.conf: Missing parameters in "authentication/ldap". Required parameters are "host", "attribute" and "base_dn".'));
}
$main::lxdebug->leave_sub();