
/se3-unattended/var/se3/unattended/install/linuxaux/opt/perl/lib/site_perl/5.10.0/Net/LDAP/Control/ -> ProxyAuth.pm (source)

   1  # Copyright (c) 2001-2004 Graham Barr <gbarr@pobox.com>. All rights reserved.
   2  # This program is free software; you can redistribute it and/or
   3  # modify it under the same terms as Perl itself.
   4  
   5  package Net::LDAP::Control::ProxyAuth;
   6  
   7  use vars qw(@ISA $VERSION);
   8  use Net::LDAP::Control;
   9  
  10  @ISA = qw(Net::LDAP::Control);
  11  $VERSION = "1.05";
  12  
  13  use Net::LDAP::Constant qw(LDAP_CONTROL_PROXYAUTHENTICATION);
  14  use Net::LDAP::ASN qw(proxyAuthValue);
  15  use strict;
  16  
  17  sub LDAP_CONTROL_PROXYAUTHENTICATION_OLD { "2.16.840.1.113730.3.4.12"; }
  18  
  19  sub init {
  20    my($self) = @_;
  21  
  22    delete $self->{asn};
  23  
  24    if (defined($self->{proxyDN})) {
  25      $self->{type} = LDAP_CONTROL_PROXYAUTHENTICATION_OLD;
  26    
  27      unless (exists $self->{value}) {
  28        $self->{asn} = { proxyDN => $self->{proxyDN} || '' };
  29      }
  30    }
  31    else {
  32      $self->{value} = $self->{authzID} || '';
  33    }  
  34  
  35    # criticality must be set !
  36    $self->{critical} = 1;
  37  
  38    $self;
  39  }
  40  
  41  
  42  sub proxyDN {
  43    my $self = shift;
  44  
  45    if (@_) {
  46      delete $self->{value};
  47      
  48      $self->{type} = LDAP_CONTROL_PROXYAUTHENTICATION_OLD;
  49      return $self->{asn}{proxyDN} = shift || '';
  50    }
  51    elsif ($self->{type} eq LDAP_CONTROL_PROXYAUTHENTICATION) {
  52      $self->{error} = 'Illegal query method: use authzID()';
  53      return undef;
  54    }
  55    else {
  56      $self->{asn} ||= $proxyAuthValue->decode($self->{value});
  57    }
  58    
  59    $self->{asn}{proxyDN};
  60  }
  61  
  62  
  63  sub authzID {
  64    my $self = shift;
  65  
  66    if (@_) {
  67      delete $self->{value};
  68      
  69      $self->{type} = LDAP_CONTROL_PROXYAUTHENTICATION;
  70      return $self->{authzID} = shift || '';
  71    }
  72    elsif ($self->{type} eq LDAP_CONTROL_PROXYAUTHENTICATION_OLD) {
  73      $self->{error} = 'Illegal query method: use proxyDN()';
  74      return undef;
  75    }
  76    else {
  77      $self->{authzID} ||= $self->{value};
  78    }
  79  
  80    $self->{authzID};
  81  }
  82  
  83  
  84  sub value {
  85    my $self = shift;
  86  
  87    unless (exists $self->{value}) {
  88      $self->{value} = ($self->{type} eq LDAP_CONTROL_PROXYAUTHENTICATION_OLD)
  89               ? $proxyAuthValue->encode($self->{asn})
  90                       : $self->{authzID} || '';
  91    }
  92      
  93    return $self->{value};  
  94  }
  95  
  96  1;
  97  
  98  __END__
  99  
 100  =head1 NAME
 101  
 102  Net::LDAP::Control::ProxyAuth - LDAPv3 Proxy Authentication control object
 103  
 104  =head1 SYNOPSIS
 105  
 106   use Net::LDAP;
 107   use Net::LDAP::Control::ProxyAuth;
 108  
 109   $ldap = Net::LDAP->new( "ldap.mydomain.eg" );
 110  
 111   $auth = Net::LDAP::Control::ProxyAuth->new( authzID => 'dn:cn=me,ou=people,o=myorg.com' );
 112  
 113   @args = ( base     => "cn=subnets,cn=sites,cn=configuration,$BASE_DN",
 114         scope    => "subtree",
 115         filter   => "(objectClass=subnet)",
 116         callback => \&process_entry, # Call this sub for each entry
 117         control  => [ $auth ],
 118   );
 119  
 120   while(1) {
 121     # Perform search
 122     my $mesg = $ldap->search( @args );
 123  
 124     # Only continue on LDAP_SUCCESS
 125     $mesg->code and last;
 126  
 127   }
 128  
 129  
 130  =head1 DESCRIPTION
 131  
 132  C<Net::LDAP::Control::ProxyAuth> provides an interface for the creation and manipulation
 133  of objects that represent the C<proxyauthorisationControl> as described by draft-weltman-ldapv3-proxy-XX.txt.
 134  
 135  =head1 CONSTRUCTOR ARGUMENTS
 136  
 137  In addition to the constructor arguments described in
 138  L<Net::LDAP::Control> the following are provided.
 139  
 140  =over 4
 141  
 142  =item authzID
 143  
 144  The authzID that is required. This is the identity we are requesting operations to use.
 145  
 146  =item proxyDN
 147  
 148  In older versions of draft-weltman-ldapv3-proxy-XX.txt the value in the control and thus the
 149  constructor argument was a DN and was called C<proxyDN>. It served the same purpose as C<authzID>
 150  in recent versions of C<proxyauthorisationControl>.
 151  
 152  =back
 153  
 154  B<Please note:>
 155  Unfortunately the OID and the encoding of the C<proxyauthorisationControl>
 156  changed significantly in recent versions of draft-weltman-ldapv3-proxy-XX.txt.
 157  Net::LDAP::Control::ProxyAuth tries to cope with that situation and changes
 158  the OID and encoding used depending on the constructor argument.
 159  
 160  With C<proxyDN> as constructor argument the old OID and encoding are used,
 161  while with C<authzID> as constructor argument the new OID and encoding are used.
 162  Using this logic servers supporting either OID can be handled correctly.
 163  
 164  =head1 METHODS
 165  
 166  As with L<Net::LDAP::Control> each constructor argument
 167  described above is also available as a method on the object which will
 168  return the current value for the attribute if called without an argument,
 169  and set a new value for the attribute if called with an argument.
 170  
 171  =head1 SEE ALSO
 172  
 173  L<Net::LDAP>,
 174  L<Net::LDAP::Control>,
 175  
 176  =head1 AUTHOR
 177  
 178  Olivier Dubois, Swift sa/nv based on Net::LDAP::Control::Page from
 179  Graham Barr E<lt>gbarr@pobox.comE<gt>. 
 180  Peter Marschall E<lt>peter@adpm.deE<gt> added authzID extensions
 181  based on ideas from Graham Barr E<lt>gbarr@pobox.comE<gt>.
 182  
 183  Please report any bugs, or post any suggestions, to the perl-ldap
 184  mailing list E<lt>perl-ldap@perl.orgE<gt>
 185  
 186  =head1 COPYRIGHT
 187  
 188  Copyright (c) 2001-2004 Graham Barr. All rights reserved. This program is
 189  free software; you can redistribute it and/or modify it under the same
 190  terms as Perl itself.
 191  
 192  =cut
 193  

