--- Lib.pm.or	2005-09-27 23:08:20.000000000 +0200
+++ Lib.pm	2005-09-27 23:09:25.000000000 +0200
@@ -50,6 +50,9 @@
 use vars qw($Hosts $HostsMTime $ConfigMTime $PrivAdmin);
 use vars qw(%UserEmailInfo $UserEmailInfoMTime %RestoreReq %ArchiveReq);
 use vars qw($Lang);
+use vars qw($connexionDb $mysqlServerUsername $mysqlServerPw $cookie
+            $peopleDn $ldap_server $adminDn $adminPw $droitsDn $cn @cn
+	    $baseurl);
 
 @ISA = qw(Exporter);
 
@@ -112,7 +115,7 @@
     # Default REMOTE_USER so in a miminal installation the user
     # has a sensible default.
     #
-    $ENV{REMOTE_USER} = $Conf{BackupPCUser} if ( $ENV{REMOTE_USER} eq "" );
+    #$ENV{REMOTE_USER} = $Conf{BackupPCUser} if ( $ENV{REMOTE_USER} eq "" );
 
     #
     # We require that Apache pass in $ENV{SCRIPT_NAME} and $ENV{REMOTE_USER}.
@@ -120,8 +123,71 @@
     # code if you are using some other type of authentication, and have
     # a different way of getting the user name.
     #
-    $MyURL  = $ENV{SCRIPT_NAME};
-    $User   = $ENV{REMOTE_USER};
+    #$MyURL  = $ENV{SCRIPT_NAME};
+    #$User   = "www-se3";
+
+    use CGI::Cookie;
+    use Net::LDAP;
+    require '/etc/SeConfig.ph';
+    # Identification de l'utilisateur
+    # ===============================
+    # R\xe9cup\xe9ration du cookie
+    my %cookies = fetch CGI::Cookie;
+    #open LOG, '>/tmp/bpc.log';
+    #foreach $cookie (keys %cookies) {
+    #  print LOG "$cookie : $cookies{$cookie}\n";
+    #}
+    #close LOG;
+    my $isAdmin = "N";
+    if ($cookies{'SambaEdu3'}) {
+      my $session = $cookies{'SambaEdu3'}->value;
+      # Connexion MySql
+      my $lcs_db = DBI->connect("DBI:mysql:$connexionDb", $mysqlServerUsername, $mysqlServerPw);
+      my $requete = $lcs_db->prepare("select id, login from sessions where (sess = '$session')");
+      $requete->execute();
+      my ( $id, $login ) = $requete->fetchrow_array;
+      $lcs_db->disconnect;
+      # Validation
+      my $admindn = 'uid=' . $login .",". $peopleDn;
+      my @attrs = ('cn');
+      my $lcs_ldap = Net::LDAP->new("$ldap_server");
+      $lcs_ldap->bind(dn       => "$adminDn",
+                      password => "$adminPw");
+      my $res = $lcs_ldap->search(base     => "cn=system_is_admin,$droitsDn",
+                                  scope    => 'subtree',
+                                  attrs    => \@attrs,
+                                  filter   => "(member=$admindn)");
+      foreach my $entry ($res->entries) {
+        @cn  = $entry->get('cn');
+      }
+      if ($cn[0] eq 'system_is_admin') {
+        $isAdmin = "Y";
+      }
+      my $res = $lcs_ldap->search(base     => "cn=se3_is_admin,$droitsDn",
+                                  scope    => 'subtree',
+                                  attrs    => \@attrs,
+                                  filter   => "(member=$admindn)");
+      foreach my $entry ($res->entries) {
+        @cn  = $entry->get('cn');
+      }
+      if ($cn[0] eq 'se3_is_admin') {
+        $isAdmin = "Y";
+      }
+      $lcs_ldap->unbind();
+    }
+
+    if ($isAdmin eq 'N') {
+      print $Cgi->header();
+      print
+        "<!doctype html public \"-//W3C//DTD HTML 4.01 Transitional//EN\">\n",
+        "<html><head>\n",
+        "<meta http-equiv=\"Refresh\" content=\"0; url=" . $baseurl,
+        "Err/401.html\">\n",
+        "</head></html>\n";
+      exit;
+    } else {
+      $User = 'www-se3';
+    }
 
     #
     # Clean up %ENV for taint checking