X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=SL%2FAuth%2FLDAP.pm;h=18c395e65ecd9087e7a0ffe617e3edaa7c429921;hb=2ef19c818a05b2baa2552ae5b4edbcc16bcfc986;hp=82122588dfda7f0393c24a4d1454de309c428bf4;hpb=8c7e44938a661e035f62840e1e177353240ace5d;p=kivitendo-erp.git diff --git a/SL/Auth/LDAP.pm b/SL/Auth/LDAP.pm index 82122588d..18c395e65 100644 --- a/SL/Auth/LDAP.pm +++ b/SL/Auth/LDAP.pm @@ -2,7 +2,10 @@ package SL::Auth::LDAP; use English '-no_match_vars'; -use SL::Auth; +use Scalar::Util qw(weaken); +use SL::Auth::Constants qw(:all); + +use strict; sub new { $main::lxdebug->enter_sub(); @@ -15,6 +18,7 @@ sub new { my $self = {}; $self->{auth} = shift; + weaken $self->{auth}; bless $self, $type; @@ -23,6 +27,12 @@ sub new { return $self; } +sub reset { + my ($self) = @_; + $self->{ldap} = undef; + $self->{dn_cache} = { }; +} + sub _connect { $main::lxdebug->enter_sub(); @@ -39,20 +49,20 @@ sub _connect { $self->{ldap} = Net::LDAP->new($cfg->{host}, 'port' => $port); if (!$self->{ldap}) { - $main::form->error($main::locale->text('The LDAP server "#1:#2" is unreachable. Please check config/authentication.pl.', $cfg->{host}, $port)); + $main::form->error($main::locale->text('The LDAP server "#1:#2" is unreachable. Please check config/kivitendo.conf.', $cfg->{host}, $port)); } if ($cfg->{tls}) { my $mesg = $self->{ldap}->start_tls('verify' => 'none'); if ($mesg->is_error()) { - $main::form->error($main::locale->text('The connection to the LDAP server cannot be encrypted (SSL/TLS startup failure). Please check config/authentication.pl.')); + $main::form->error($main::locale->text('The connection to the LDAP server cannot be encrypted (SSL/TLS startup failure). Please check config/kivitendo.conf.')); } } if ($cfg->{bind_dn}) { my $mesg = $self->{ldap}->bind($cfg->{bind_dn}, 'password' => $cfg->{bind_password}); if ($mesg->is_error()) { - $main::form->error($main::locale->text('Binding to the LDAP server as "#1" failed. Please check config/authentication.pl.', $cfg->{bind_dn})); + $main::form->error($main::locale->text('Binding to the LDAP server as "#1" failed. Please check config/kivitendo.conf.', $cfg->{bind_dn})); } } @@ -144,54 +154,61 @@ sub authenticate { if ($is_crypted) { $main::lxdebug->leave_sub(); - return SL::Auth::ERR_BACKEND; + return ERR_BACKEND; } my $ldap = $self->_connect(); if (!$ldap) { $main::lxdebug->leave_sub(); - return SL::Auth::ERR_BACKEND; + return ERR_BACKEND; } my $dn = $self->_get_user_dn($ldap, $login); - $main::lxdebug->message(LXDebug::DEBUG2, "LDAP authenticate: dn $dn"); + $main::lxdebug->message(LXDebug->DEBUG2(), "LDAP authenticate: dn $dn"); if (!$dn) { $main::lxdebug->leave_sub(); - return SL::Auth::ERR_BACKEND; + return ERR_BACKEND; } my $mesg = $ldap->bind($dn, 'password' => $password); - $main::lxdebug->message(LXDebug::DEBUG2, "LDAP authenticate: bind mesg " . $mesg->error()); + $main::lxdebug->message(LXDebug->DEBUG2(), "LDAP authenticate: bind mesg " . $mesg->error()); $main::lxdebug->leave_sub(); - return $mesg->is_error() ? SL::Auth::ERR_PASSWORD : SL::Auth::OK; + return $mesg->is_error() ? ERR_PASSWORD : OK; } sub can_change_password { return 0; } +sub requires_cleartext_password { + return 1; +} + sub change_password { - return SL::Auth::ERR_BACKEND; + return ERR_BACKEND; } sub verify_config { $main::lxdebug->enter_sub(); + my $form = $main::form; + my $locale = $main::locale; + my $self = shift; my $cfg = $self->{auth}->{LDAP_config}; if (!$cfg) { - $form->error($locale->text('config/authentication.pl: Key "LDAP_config" is missing.')); + $form->error($locale->text('config/kivitendo.conf: Key "authentication/ldap" is missing.')); } if (!$cfg->{host} || !$cfg->{attribute} || !$cfg->{base_dn}) { - $form->error($locale->text('config/authentication.pl: Missing parameters in "LDAP_config". Required parameters are "host", "attribute" and "base_dn".')); + $form->error($locale->text('config/kivitendo.conf: Missing parameters in "authentication/ldap". Required parameters are "host", "attribute" and "base_dn".')); } $main::lxdebug->leave_sub();