
Re: LDAP authentication with Net::LDAP

by inman (Curate)
on Feb 10, 2004 at 13:13 UTC


in reply to LDAP authentication with Net::LDAP

You need to bind to the directory so that you can test the password. The password is not stored. Only the hash is stored. The hash can only be viewed if your user DN has the correct privilege.

The code example below connects to an LDAP(S) directory using an application DN, looks up the full user DN based on their uid and then binds using the user DN and their password to check if it is OK.

    #! /usr/bin/perl
    use strict;

    #http://search.cpan.org/~gbarr/perl-ldap-0.30/lib/Net/LDAP.pod
    use Net::LDAPS;
    use Net::LDAP;

    # Directory host, whether to use LDAPS, and the application (service) account
    my $host = "myhost:389";
    my $ldaps = 0;
    my $adminDn = "cn=myapp, ou=applications, o=MyOrg";
    my $adminPwd = "password";
    my $searchBase = "ou=people, o=MyOrg";

    my $userdn = testGuid ("myGUID", "password");
    if ($userdn)
    {
        print "$userdn checks out!\n";
    }

    # Bind as the application DN and look up the full DN of the user with this uid.
    # Returns the DN, or undef if the bind or the search fails or nothing matches.
    sub getUserDn
    {
        my $ldap;
        my $guid = shift;
        my $dn;
        my $entry;

        # verify=>'none' turns off server certificate verification for LDAPS
        if ($ldaps) {
            $ldap = Net::LDAPS->new($host, verify=>'none') or die "$@";
        }
        else {
            $ldap = Net::LDAP->new($host, verify=>'none') or die "$@";
        }

        # A non-zero result code means the operation failed
        my $mesg = $ldap->bind ($adminDn, password=>"$adminPwd");
        $mesg->code && return undef;

        $mesg = $ldap->search(base => $searchBase, filter => "uid=$guid" );
        $mesg->code && return undef;

        # Take the first matching entry, if any
        $entry = $mesg->shift_entry;
        if ($entry)
        {
            $dn = $entry->dn;
            $entry->dump;    # prints the entry's attributes (debug output)
        }
        $ldap->unbind;

        return $dn;
    }

    # Check a uid/password pair: find the user's DN, then bind as that DN
    # with the supplied password. Returns the DN on success, undef otherwise.
    sub testGuid
    {
        my $ldap;
        my $guid = shift;
        my $userPwd = shift;

        my $userDn = getUserDn ($guid);
        return undef unless $userDn;

        if ($ldaps) {
            $ldap = Net::LDAPS->new($host, verify=>'none') or die "$@";
        }
        else {
            $ldap = Net::LDAP->new($host, verify=>'none') or die "$@";
        }

        my $mesg = $ldap->bind ($userDn, password=>"$userPwd");
        if ($mesg->code)
        {
            # Bad Bind
            print $mesg->error . "\n";
            return undef;
        }
        $ldap->unbind;

        return $userDn;
    }
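
The same search-then-bind flow with the input checks a login path needs, as an added example that is not part of the original post: the uid is escaped before it goes into the filter, an empty password is refused before the bind, and the search must match exactly one entry. The sub names `uid_filter`, `password_usable` and `authenticate` and the sample uids are made up for this sketch; `escape_filter_value` is exported by Net::LDAP::Util.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Net::LDAP::Util qw(escape_filter_value);

# Build the search filter with the uid escaped per RFC 4515, so characters
# such as * ( ) \ are matched literally instead of changing the filter.
sub uid_filter {
    my ($uid) = @_;
    return undef unless defined $uid && length $uid;
    return '(uid=' . escape_filter_value($uid) . ')';
}

# A simple bind with a DN and an empty password is an "unauthenticated bind"
# (RFC 4513, section 5.1.2); a server that allows it reports success.
sub password_usable {
    my ($pwd) = @_;
    return (defined $pwd && length $pwd) ? 1 : 0;
}

# Search-then-bind on a connected Net::LDAP handle that is already bound as
# the application DN. Returns the user DN on success, undef otherwise.
# After the call the handle is no longer bound as the application:
# re-bind before reusing it for another search.
sub authenticate {
    my ($ldap, $base, $uid, $pwd) = @_;
    return undef unless password_usable($pwd);
    my $filter = uid_filter($uid) or return undef;
    # '1.1' asks for no attributes; only the DN is needed
    my $mesg = $ldap->search(base => $base, filter => $filter, attrs => ['1.1']);
    return undef if $mesg->code || $mesg->count != 1;   # error, none, or ambiguous
    my $dn = $mesg->entry(0)->dn;
    return $ldap->bind($dn, password => $pwd)->code ? undef : $dn;
}

# Constructed sample uids; this part needs no directory server.
for my $uid ('jsmith', 'j*', 'smith(temp)', 'dom\\user', '') {
    my $f = uid_filter($uid);
    printf "%-14s -> %s\n", "'$uid'", defined $f ? $f : '(rejected)';
}
printf "empty password usable: %d\n", password_usable('');
```

Callers should give the same generic failure to the user whether the search or the bind failed, and keep the detailed result code in the server-side log only.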

Replies are listed 'Best First'.
Re: Re: LDAP authentication with Net::LDAP
by Anonymous Monk on Feb 10, 2004 at 15:08 UTC
    Many thanks, that was of great help.
