2009-05-14 18:19:49 +02:00
|
|
|
|
##@file
|
|
|
|
|
|
# LDAP password backend file
|
|
|
|
|
|
|
|
|
|
|
|
##@class
|
|
|
|
|
|
# LDAP password backend class
|
|
|
|
|
|
package Lemonldap::NG::Portal::PasswordDBLDAP;
|
|
|
|
|
|
|
|
|
|
|
|
use Lemonldap::NG::Portal::Simple;
|
|
|
|
|
|
use Lemonldap::NG::Portal::_LDAP 'ldap'; #link protected ldap
|
|
|
|
|
|
use Lemonldap::NG::Portal::UserDBLDAP; #inherits
|
|
|
|
|
|
|
2009-06-03 18:40:41 +02:00
|
|
|
|
our $VERSION = '0.2';
|
2009-05-14 18:19:49 +02:00
|
|
|
|
|
|
|
|
|
|
*_formateFilter = *Lemonldap::NG::Portal::UserDBLDAP::formateFilter;
|
|
|
|
|
|
*_search = *Lemonldap::NG::Portal::UserDBLDAP::search;
|
|
|
|
|
|
|
|
|
|
|
|
## @apmethod int apasswordDBInit()
|
|
|
|
|
|
# Load Net::LDAP::Control::PasswordPolicy if needed
|
|
|
|
|
|
# @return Lemonldap::NG::Portal constant
|
|
|
|
|
|
sub passwordDBInit {
|
|
|
|
|
|
my $self = shift;
|
|
|
|
|
|
if ( $self->{ldapPpolicyControl} and not $self->ldap->loadPP()) {
|
|
|
|
|
|
return PE_LDAPERROR;
|
|
|
|
|
|
}
|
|
|
|
|
|
PE_OK;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
## @apmethod int modifyPassword()
|
|
|
|
|
|
# Modify the password by LDAP mechanism.
|
|
|
|
|
|
# @return Lemonldap::NG::Portal constant
|
|
|
|
|
|
sub modifyPassword {
|
|
|
|
|
|
my $self = shift;
|
|
|
|
|
|
|
|
|
|
|
|
# Exit method if no password change requested
|
|
|
|
|
|
return PE_OK unless ( $self->{newpassword} );
|
|
|
|
|
|
|
|
|
|
|
|
unless ( $self->ldap ) {
|
|
|
|
|
|
return PE_LDAPCONNECTFAILED;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
# Set the dn unless done before
|
|
|
|
|
|
unless ( $self->{dn} ) {
|
|
|
|
|
|
my $tmp = $self->_subProcess(qw(_formateFilter _search));
|
|
|
|
|
|
return $tmp if ($tmp);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2009-06-02 17:34:13 +02:00
|
|
|
|
$self->lmLog("Modify password request for ".$self->{dn},'debug');
|
|
|
|
|
|
|
2009-05-14 18:19:49 +02:00
|
|
|
|
# Call the modify password method
|
|
|
|
|
|
return $self->ldap->userModifyPassword( $self->{dn}, $self->{newpassword}, $self->{confirmpassword}, $self->{oldpassword} );
|
|
|
|
|
|
PE_OK;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2009-05-28 18:31:39 +02:00
|
|
|
|
## @apmethod int resetPasswordByMail()
|
|
|
|
|
|
# Reset the password and send a mail.
|
|
|
|
|
|
# @return Lemonldap::NG::Portal constant
|
|
|
|
|
|
sub resetPasswordByMail {
|
|
|
|
|
|
my $self = shift;
|
|
|
|
|
|
|
|
|
|
|
|
# Exit method if no mail
|
|
|
|
|
|
return PE_OK unless ( $self->{mail} );
|
|
|
|
|
|
|
|
|
|
|
|
unless ( $self->ldap ) {
|
|
|
|
|
|
return PE_LDAPCONNECTFAILED;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
# Set the dn unless done before
|
|
|
|
|
|
unless ( $self->{dn} ) {
|
|
|
|
|
|
my $tmp = $self->_subProcess(qw(_formateFilter _search));
|
|
|
|
|
|
return $tmp if ($tmp);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
$self->lmLog("Reset password request for ".$self->{dn},'debug');
|
|
|
|
|
|
|
|
|
|
|
|
# Check the required modules before changing password
|
|
|
|
|
|
eval {require String::Random};
|
|
|
|
|
|
if ($@) {
|
|
|
|
|
|
$self->lmLog("Module String::Random not found in @INC",'error' );
|
|
|
|
|
|
return PE_ERROR;
|
|
|
|
|
|
}
|
|
|
|
|
|
eval {require MIME::Lite};
|
|
|
|
|
|
if ($@) {
|
|
|
|
|
|
$self->lmLog("Module MIME::Lite not found in @INC",'error' );
|
|
|
|
|
|
return PE_ERROR;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
# Generate a complex password
|
|
|
|
|
|
my $random = new String::Random;
|
2009-05-29 11:53:07 +02:00
|
|
|
|
my $password = $random->randregex( $self->{randomPasswordRegexp} );
|
2009-05-28 18:31:39 +02:00
|
|
|
|
|
|
|
|
|
|
$self->lmLog("Generated password: ".$password,'debug');
|
|
|
|
|
|
|
|
|
|
|
|
# Call the modify password method
|
|
|
|
|
|
my $pe_error = $self->ldap->userModifyPassword( $self->{dn}, $password, $password );
|
|
|
|
|
|
|
2009-05-29 11:53:07 +02:00
|
|
|
|
return $pe_error unless ($pe_error == PE_PASSWORD_OK);
|
2009-05-28 18:31:39 +02:00
|
|
|
|
|
|
|
|
|
|
# If Password Policy, set the PwdReset flag
|
|
|
|
|
|
if ( $self->{ldapPpolicyControl} ) {
|
|
|
|
|
|
my $result = $self->ldap->modify( $self->{dn}, replace => { 'pwdReset' => 'TRUE' } );
|
|
|
|
|
|
|
|
|
|
|
|
unless ( $result->code == 0) {
|
|
|
|
|
|
$self->lmLog("LDAP modify pwdReset error: ".$result->code,'error');
|
|
|
|
|
|
return PE_LDAPERROR;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
$self->lmLog("pwdReset set to TRUE",'debug');
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
# Send new password by mail
|
2009-06-03 18:40:41 +02:00
|
|
|
|
$self->{mailBody} =~ s/\$password/$password/g;
|
|
|
|
|
|
$self->{mailBody} =~ s/\$(\w+)/$self->{sessionInfo}->{$1}/g;
|
|
|
|
|
|
$self->lmLog("SMTP From ".$self->{mailFrom},'debug');
|
|
|
|
|
|
$self->lmLog("SMTP To ".$self->{mail},'debug');
|
|
|
|
|
|
$self->lmLog("SMTP Subject ".$self->{mailSubject},'debug');
|
|
|
|
|
|
$self->lmLog("SMTP Body ".$self->{mailBody},'debug');
|
2009-05-28 18:31:39 +02:00
|
|
|
|
eval {
|
|
|
|
|
|
my $message = MIME::Lite->new(
|
|
|
|
|
|
From => $self->{mailFrom},
|
|
|
|
|
|
To => $self->{mail},
|
|
|
|
|
|
Subject => $self->{mailSubject},
|
|
|
|
|
|
Type => "TEXT",
|
2009-06-03 18:40:41 +02:00
|
|
|
|
Data => $self->{mailBody},
|
2009-05-28 18:31:39 +02:00
|
|
|
|
);
|
|
|
|
|
|
$self->{SMTPServer} ? $message->send("smtp",$self->{SMTPServer}) : $message->send();
|
|
|
|
|
|
};
|
|
|
|
|
|
if ($@) {
|
|
|
|
|
|
$self->lmLog("Send message failed: $@",'error');
|
|
|
|
|
|
return PE_ERROR;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
PE_PASSWORD_OK;
|
|
|
|
|
|
}
|
2009-05-14 18:19:49 +02:00
|
|
|
|
1;
|
