Problem in LDAP authentication

Problem in LDAP authentication

am 07.12.2007 13:31:00 von Praki

Greetings All,

I m trying to authenticate the user for my web page using the ldap
server.i m able to get the info using user name. but i m not able to
authenticate the password. here is the below code i m using.even if i
give the wrong password it access the ldap server.i m not able to
authenticate the user with their password. i tried in all ways.

use Net::LDAP;
$ldap = Net::LDAP->new("ldap.abc.com");
$mesg = $ldap->bind("$userid",userPassword =>"$pw");

use Net::LDAP;
$ldap = Net::LDAP->new("ldap.abc.com");
$ldap->bind("ou=active,ou=employees,ou=people,o=abc.com",
password=>"$pw");

i m using Sun OS and Perl 5. can anyone tell me where i m going
wrong...

thanks,
Prakash

Re: Problem in LDAP authentication

am 07.12.2007 13:45:18 von Christian Winter

Praki schrieb:
> Greetings All,
>
> I m trying to authenticate the user for my web page using the ldap
> server.i m able to get the info using user name. but i m not able to
> authenticate the password.
>
> here is the below code i m using.even if i
> give the wrong password it access the ldap server.i m not able to
> authenticate the user with their password. i tried in all ways.
>
> use Net::LDAP;
> $ldap = Net::LDAP->new("ldap.abc.com");
> $mesg = $ldap->bind("$userid",userPassword =>"$pw");
>
> use Net::LDAP;
> $ldap = Net::LDAP->new("ldap.abc.com");
> $ldap->bind("ou=active,ou=employees,ou=people,o=abc.com",
> password=>"$pw");
>
> i m using Sun OS and Perl 5. can anyone tell me where i m going
> wrong...

The code above does nothing to explain how you try to accomplish
the equally blurry goal of "authenticate the user...using the ldap
server". But from the second code snippet it becomes painfully
clear that you don't have much clue about how LDAP works. Try to
read up on the LDAP protocol itself, test around with the standard
client (e.g. ldapsearch from the command line), and only when you
have understood what's going on (and e.g. why you can't authenticate
as an OU) post again with a complete, concise example script that
can be run (at least almost) as is, has "use strict;" and "use
warnings;" at the top, checks the return value for each method
call (Net::LDAP's documentation explains that) and makes clear what
you expect it to do.

-Chris