Beefy Boxes and Bandwidth Generously Provided by pair Networks
Do you know where your variables are?
 
PerlMonks  

Re: LDAP authentication with Net::LDAP

by inman (Curate)
on Feb 10, 2004 at 13:13 UTC ( #327902=note: print w/replies, xml ) Need Help??


in reply to LDAP authentication with Net::LDAP

You need to bind to the directory so that you can test the password. The password is not stored. Only the hash is stored. The hash can only be viewed if your user DN has the correct priviledge.

The code example below connects to an LDAP(S) directory using an application DN, looks up the full user DN based on their uid and then binds using the user DN and their password to check if it is OK.

#! /usr/bin/perl use strict; #http://search.cpan.org/~gbarr/perl-ldap-0.30/lib/Net/LDAP.pod use Net::LDAPS; use Net::LDAP; my $host = "myhost:389"; my $ldaps = 0; my $adminDn = "cn=myapp, ou=applications, o=MyOrg"; my $adminPwd = "password"; my $searchBase = "ou=people, o=MyOrg"; my $userdn = testGuid ("myGUID", "password"); if ($userdn) { print "$userdn checks out!\n"; } sub getUserDn { my $ldap; my $guid = shift; my $dn; my $entry; if ($ldaps) { $ldap = Net::LDAPS->new($host, verify=>'none') or die "$@"; } else { $ldap = Net::LDAP->new($host, verify=>'none') or die "$@"; + } my $mesg = $ldap->bind ($adminDn, password=>"$adminPwd"); $mesg->code && return undef; $mesg = $ldap->search(base => $searchBase, filter => "uid=$guid" ) +; $mesg->code && return undef; $entry = $mesg->shift_entry; if ($entry) { $dn = $entry->dn; $entry->dump; } $ldap->unbind; return $dn; } sub testGuid { my $ldap; my $guid = shift; my $userPwd = shift; my $userDn = getUserDn ($guid); return undef unless $userDn; if ($ldaps) { $ldap = Net::LDAPS->new($host, verify=>'none') or die "$@"; } else { $ldap = Net::LDAP->new($host, verify=>'none') or die "$@"; + } my $mesg = $ldap->bind ($userDn, password=>"$userPwd"); if ($mesg->code) { # Bad Bind print $mesg->error . "\n"; return undef; } $ldap->unbind; return $userDn; }

Replies are listed 'Best First'.
Re: Re: LDAP authentication with Net::LDAP
by Anonymous Monk on Feb 10, 2004 at 15:08 UTC
    Many thanks, that was of great help.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://327902]
help
Chatterbox?
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others taking refuge in the Monastery: (5)
As of 2018-01-19 19:50 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    How did you see in the new year?










    Results (222 votes). Check out past polls.

    Notices?