added authenticate_database to AccessHandler.pm
		@ -9,7 +9,7 @@ License: GPL
 | 
				
			|||||||
Group: Applications/Utilities
 | 
					Group: Applications/Utilities
 | 
				
			||||||
Source0: %{name}-%{version}.tar.gz
 | 
					Source0: %{name}-%{version}.tar.gz
 | 
				
			||||||
 | 
					
 | 
				
			||||||
Requires: httpd php php-ldap php-mysql subversion mod_dav_svn mod_perl perl-LDAP perl-Config-Simple perl-URI perl-DBI
 | 
					Requires: httpd php php-ldap php-mysql subversion mod_dav_svn mod_perl perl-LDAP perl-Config-Simple perl-URI perl-DBI perl-Digest-SHA1
 | 
				
			||||||
 | 
					
 | 
				
			||||||
#BuildRequires:
 | 
					#BuildRequires:
 | 
				
			||||||
BuildRoot: %{_tmppath}/%{name}-%{version}-root
 | 
					BuildRoot: %{_tmppath}/%{name}-%{version}-root
 | 
				
			||||||
 | 
				
			|||||||
@ -94,7 +94,7 @@ svn_base_url = "${REQUEST_PROTOCOL}://${SERVER_NAME}:${SERVER_PORT}/svn"
 | 
				
			|||||||
; Login model to use. 
 | 
					; Login model to use. 
 | 
				
			||||||
;------------------------------------------------------------------------------
 | 
					;------------------------------------------------------------------------------
 | 
				
			||||||
login_model = "LdapLoginModel"
 | 
					login_model = "LdapLoginModel"
 | 
				
			||||||
#login_model = "DbLoginModel"
 | 
					#login_model = "DatabaseLoginModel"
 | 
				
			||||||
 | 
					
 | 
				
			||||||
;------------------------------------------------------------------------------
 | 
					;------------------------------------------------------------------------------
 | 
				
			||||||
; Comma separated list of system administrator IDs
 | 
					; Comma separated list of system administrator IDs
 | 
				
			||||||
 | 
				
			|||||||
@ -39,6 +39,7 @@ use Config::Simple;
 | 
				
			|||||||
use Net::LDAP;
 | 
					use Net::LDAP;
 | 
				
			||||||
use URI;
 | 
					use URI;
 | 
				
			||||||
use DBI;
 | 
					use DBI;
 | 
				
			||||||
 | 
					use Digest::SHA1 qw (sha1_hex);
 | 
				
			||||||
 | 
					
 | 
				
			||||||
use Apache2::Const -compile => qw(OK DECLINED FORBIDDEN HTTP_UNAUTHORIZED HTTP_INTERNAL_SERVER_ERROR PROXYREQ_PROXY);
 | 
					use Apache2::Const -compile => qw(OK DECLINED FORBIDDEN HTTP_UNAUTHORIZED HTTP_INTERNAL_SERVER_ERROR PROXYREQ_PROXY);
 | 
				
			||||||
 | 
					
 | 
				
			||||||
@ -52,22 +53,24 @@ sub get_config
 | 
				
			|||||||
	}
 | 
						}
 | 
				
			||||||
 | 
					
 | 
				
			||||||
	my $config = {
 | 
						my $config = {
 | 
				
			||||||
		ldap_server_uri => $cfg->param ("ldap_server_uri"),
 | 
							login_model => $cfg->param ('login_model'),
 | 
				
			||||||
		ldap_server_protocol_version => $cfg->param ("ldap_server_protocol_version"),
 | 
					 | 
				
			||||||
		ldap_auth_mode => $cfg->param ("ldap_auth_mode"),
 | 
					 | 
				
			||||||
		ldap_userid_format => $cfg->param ("ldap_userid_format"),
 | 
					 | 
				
			||||||
		ldap_password_format => $cfg->param ("ldap_password_format"),
 | 
					 | 
				
			||||||
		ldap_userid_admin_binddn => $cfg->param ("ldap_admin_binddn"),
 | 
					 | 
				
			||||||
		ldap_userid_admin_password => $cfg->param ("ldap_admin_password"),
 | 
					 | 
				
			||||||
		ldap_userid_search_base => $cfg->param ("ldap_userid_search_base"),
 | 
					 | 
				
			||||||
		ldap_userid_search_fitler => $cfg->param ("ldap_userid_search_filter"),
 | 
					 | 
				
			||||||
		
 | 
							
 | 
				
			||||||
		database_hostname => $cfg->param ("database_hostname"),
 | 
							ldap_server_uri => $cfg->param ('ldap_server_uri'),
 | 
				
			||||||
		database_username => $cfg->param ("database_username"),
 | 
							ldap_server_protocol_version => $cfg->param ('ldap_server_protocol_version'),
 | 
				
			||||||
		database_password => $cfg->param ("database_password"),
 | 
							ldap_auth_mode => $cfg->param ('ldap_auth_mode'),
 | 
				
			||||||
		database_name => $cfg->param ("database_name"),
 | 
							ldap_userid_format => $cfg->param ('ldap_userid_format'),
 | 
				
			||||||
		database_driver => $cfg->param ("database_driver"),
 | 
							ldap_password_format => $cfg->param ('ldap_password_format'),
 | 
				
			||||||
		database_prefix => $cfg->param ("database_prefix")
 | 
							ldap_userid_admin_binddn => $cfg->param ('ldap_admin_binddn'),
 | 
				
			||||||
 | 
							ldap_userid_admin_password => $cfg->param ('ldap_admin_password'),
 | 
				
			||||||
 | 
							ldap_userid_search_base => $cfg->param ('ldap_userid_search_base'),
 | 
				
			||||||
 | 
							ldap_userid_search_fitler => $cfg->param ('ldap_userid_search_filter'),
 | 
				
			||||||
 | 
					
 | 
				
			||||||
 | 
							database_hostname => $cfg->param ('database_hostname'),
 | 
				
			||||||
 | 
							database_username => $cfg->param ('database_username'),
 | 
				
			||||||
 | 
							database_password => $cfg->param ('database_password'),
 | 
				
			||||||
 | 
							database_name => $cfg->param ('database_name'),
 | 
				
			||||||
 | 
							database_driver => $cfg->param ('database_driver'),
 | 
				
			||||||
 | 
							database_prefix => $cfg->param ('database_prefix')
 | 
				
			||||||
	};
 | 
						};
 | 
				
			||||||
 | 
					
 | 
				
			||||||
	return $config;
 | 
						return $config;
 | 
				
			||||||
@ -85,7 +88,7 @@ sub format_string
 | 
				
			|||||||
	return $out;
 | 
						return $out;
 | 
				
			||||||
}
 | 
					}
 | 
				
			||||||
 | 
					
 | 
				
			||||||
sub authenticate 
 | 
					sub authenticate_ldap
 | 
				
			||||||
{
 | 
					{
 | 
				
			||||||
	my ($cfg, $userid, $password) = @_;
 | 
						my ($cfg, $userid, $password) = @_;
 | 
				
			||||||
	my $binddn;
 | 
						my $binddn;
 | 
				
			||||||
@ -125,6 +128,21 @@ sub authenticate
 | 
				
			|||||||
	return ($res->code == 0)? 1: 0;
 | 
						return ($res->code == 0)? 1: 0;
 | 
				
			||||||
}
 | 
					}
 | 
				
			||||||
 | 
					
 | 
				
			||||||
 | 
					sub authenticate_database
 | 
				
			||||||
 | 
					{
 | 
				
			||||||
 | 
						my ($dbh, $prefix, $userid, $password) = @_;
 | 
				
			||||||
 | 
						
 | 
				
			||||||
 | 
						my $query = $dbh->prepare ("SELECT userid FROM ${prefix}account WHERE userid=? AND password=?");
 | 
				
			||||||
 | 
						if (!$query || !$query->execute ($userid, sha1_hex($password)))
 | 
				
			||||||
 | 
						{
 | 
				
			||||||
 | 
							return (-1, $dbh->errstr());
 | 
				
			||||||
 | 
						}
 | 
				
			||||||
 | 
						
 | 
				
			||||||
 | 
						my @row = $query->fetchrow_array;
 | 
				
			||||||
 | 
						$query->finish ();
 | 
				
			||||||
 | 
						return (((scalar(@row) > 0)? 1: 0), undef);
 | 
				
			||||||
 | 
					}
 | 
				
			||||||
 | 
					
 | 
				
			||||||
sub open_database
 | 
					sub open_database
 | 
				
			||||||
{
 | 
					{
 | 
				
			||||||
	my ($cfg) = @_;
 | 
						my ($cfg) = @_;
 | 
				
			||||||
@ -160,6 +178,7 @@ sub is_project_member
 | 
				
			|||||||
	}
 | 
						}
 | 
				
			||||||
 | 
					
 | 
				
			||||||
	my @row = $query->fetchrow_array;
 | 
						my @row = $query->fetchrow_array;
 | 
				
			||||||
 | 
						$query->finish ();
 | 
				
			||||||
	return (((scalar(@row) > 0)? 1: 0), undef);
 | 
						return (((scalar(@row) > 0)? 1: 0), undef);
 | 
				
			||||||
}
 | 
					}
 | 
				
			||||||
 | 
					
 | 
				
			||||||
@ -174,6 +193,7 @@ sub is_project_public
 | 
				
			|||||||
	}
 | 
						}
 | 
				
			||||||
 | 
					
 | 
				
			||||||
	my @row = $query->fetchrow_array;
 | 
						my @row = $query->fetchrow_array;
 | 
				
			||||||
 | 
						$query->finish ();
 | 
				
			||||||
	return (((scalar(@row) > 0 && $row[0] eq 'Y')? 1: 0), undef);
 | 
						return (((scalar(@row) > 0 && $row[0] eq 'Y')? 1: 0), undef);
 | 
				
			||||||
}
 | 
					}
 | 
				
			||||||
 | 
					
 | 
				
			||||||
@ -230,7 +250,15 @@ sub __handler
 | 
				
			|||||||
		}
 | 
							}
 | 
				
			||||||
	}
 | 
						}
 | 
				
			||||||
	
 | 
						
 | 
				
			||||||
	my $auth = authenticate ($cfg, $userid, $password);
 | 
						my $auth = -3;
 | 
				
			||||||
 | 
						if ($cfg->{login_model} eq 'LdapLoginModel')
 | 
				
			||||||
 | 
						{
 | 
				
			||||||
 | 
							$auth = authenticate_ldap ($cfg, $userid, $password);
 | 
				
			||||||
 | 
						}
 | 
				
			||||||
 | 
						elsif ($cfg->{login_model} eq 'DatabaseLoginModel')
 | 
				
			||||||
 | 
						{
 | 
				
			||||||
 | 
							$auth = authenticate_database ($dbh, $cfg->{database_prefix}, $userid, $password);
 | 
				
			||||||
 | 
						}
 | 
				
			||||||
	if ($auth <= -1)
 | 
						if ($auth <= -1)
 | 
				
			||||||
	{
 | 
						{
 | 
				
			||||||
		# failed to contact the authentication server
 | 
							# failed to contact the authentication server
 | 
				
			||||||
 | 
				
			|||||||
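Review bot: The new call `$auth = authenticate_database ($dbh, $cfg->{database_prefix}, $userid, $password);` in __handler assigns in scalar context, but authenticate_database returns a two-element list, so Perl's comma operator yields the last element: `$auth` becomes `undef` on both a match and a mismatch, and the `errstr` string on a database error. None of these satisfies `$auth <= -1`, so a failed query is not reported as an authentication-server failure, and whether a valid login is accepted depends on code after the hunk that is not visible here. Take the first element with a list assignment, `($auth) = authenticate_database ($dbh, $cfg->{database_prefix}, $userid, $password);`. Separately, authenticate_database compares `sha1_hex($password)`, an unsalted fast hash, so a leaked account table is cheap to brute-force; a salted, slow password hash would be safer, presumably coordinated with whatever code writes that column. __handler's body starts and ends outside the hunk.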