##@file
# LDAP password backend file
##@class
# LDAP password backend class
package Lemonldap::NG::Portal::PasswordDBLDAP;
use strict;
use Lemonldap::NG::Portal::Simple;
use Lemonldap::NG::Portal::_LDAP 'ldap'; #link protected ldap
use Lemonldap::NG::Portal::UserDBLDAP; #inherits
#inherits Lemonldap::NG::Portal::_SMTP
our $VERSION = '1.2.0';
# Alias UserDBLDAP's formateFilter into this package under the private name
# _formateFilter; modifyPassword passes that name to _subProcess when the DN
# has not been resolved yet.
*_formateFilter = *Lemonldap::NG::Portal::UserDBLDAP::formateFilter;
# Alias UserDBLDAP's search into this package under the private name _search;
# modifyPassword passes that name to _subProcess, after _formateFilter, when
# the DN has not been resolved yet.
*_search = *Lemonldap::NG::Portal::UserDBLDAP::search;
## @apmethod int passwordDBInit()
# Load SMTP functions
# @return Lemonldap::NG::Portal constant
sub passwordDBInit {
    my ($self) = @_;

    # NOTE(review): `use` is processed at compile time, so this eval block is
    # empty at run time and $@ is always cleared by it. A missing _SMTP module
    # aborts compilation of this file instead of reaching the error branch
    # below. Switching to a run-time `require` would make the check effective,
    # but would also move the @ISA change from compile time to the first call
    # of this method, so confirm the callers before changing it.
    eval { use base qw(Lemonldap::NG::Portal::_SMTP) };

    # Nothing recorded in $@: initialisation succeeded.
    return PE_OK unless $@;

    $self->lmLog( "Unable to load SMTP functions ($@)", 'error' );
    return PE_ERROR;
}
## @apmethod int modifyPassword()
# Modify the password by LDAP mechanism.
# @return Lemonldap::NG::Portal constant
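sub modifyPassword {
    my $self = shift;

    # Flow: skip when no new password was submitted, make sure the LDAP
    # connection and the user's DN are available, delegate the change to the
    # LDAP helper, then optionally set the password reset attribute.
    # Returns a Lemonldap::NG::Portal constant: PE_OK when nothing was
    # requested, PE_LDAPCONNECTFAILED without a connection, the code returned
    # by the DN lookup or by userModifyPassword on failure, PE_LDAPERROR when
    # the reset attribute could not be written, otherwise PE_PASSWORD_OK.

    # Exit method if no password change requested
    return PE_OK unless ( $self->{newpassword} );

    unless ( $self->ldap ) {
        return PE_LDAPCONNECTFAILED;
    }

    # Set the dn unless done before
    unless ( $self->{dn} ) {
        my $tmp = $self->_subProcess(qw(_formateFilter _search));
        return $tmp if ($tmp);
    }

    # Only the DN is logged; the password fields must never reach the log.
    $self->lmLog( "Modify password request for " . $self->{dn}, 'debug' );

    # Call the modify password method
    # NOTE(review): the new/confirm comparison and the old password check are
    # presumably done inside userModifyPassword - nothing in this method
    # validates them, so confirm that in _LDAP.
    my $code = $self->ldap->userModifyPassword(
        $self->{dn}, $self->{newpassword},
        $self->{confirmpassword}, $self->{oldpassword}
    );

    return $code unless ( $code == PE_PASSWORD_OK );

    # If password policy and force reset, set reset flag
    if (    $self->{ldapPpolicyControl}
        and $self->{forceReset}
        and $self->{ldapUsePasswordResetAttribute} )
    {
        my $result = $self->ldap->modify(
            $self->{dn},
            replace => {
                $self->{ldapPasswordResetAttribute} =>
                  $self->{ldapPasswordResetAttributeValue}
            }
        );

        if ( $result->code == 0 ) {

            # Log the new attribute value only when the modify succeeded, so
            # the debug trail never reports a reset flag that was not written.
            $self->lmLog(
                $self->{ldapPasswordResetAttribute}
                  . " set to "
                  . $self->{ldapPasswordResetAttributeValue},
                'debug'
            );
        }
        else {
            $self->lmLog(
                "LDAP modify "
                  . $self->{ldapPasswordResetAttribute}
                  . " error: "
                  . $result->code,
                'error'
            );

            # The password itself has already been changed at this point;
            # the error code only reports that the reset flag is missing.
            $code = PE_LDAPERROR;
        }
    }

    return $code;
}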
1;