diff --git a/docs/changelog/7.x.x.txt b/docs/changelog/7.x.x.txt index 9153e603b..ea16ec167 100644 --- a/docs/changelog/7.x.x.txt +++ b/docs/changelog/7.x.x.txt @@ -5,6 +5,7 @@ - fixed #11101: 7.6.35-7.7 upgrade leaves packages - fixed #11209: Form::HTMLArea uses invalid javascript identifier - fixed #11186: Template Attachments i18n + - fixed #11218: LDAPS does not create users automatically 7.8.4 - Fixed a compatibility problem between WRE and new Spectre code. diff --git a/lib/WebGUI/Auth/LDAP.pm b/lib/WebGUI/Auth/LDAP.pm index ba50cd348..c80d5a0f9 100644 --- a/lib/WebGUI/Auth/LDAP.pm +++ b/lib/WebGUI/Auth/LDAP.pm @@ -64,7 +64,7 @@ sub _isValidLDAPUser { } # Create an LDAP object - if ($ldap = Net::LDAP->new($uri->host, (port=>$uri->port))) { + if ($ldap = Net::LDAP->new($uri->host, (port=>$uri->port,scheme=>$uri->scheme))) { # Bind as a proxy user to search for the user trying to login if($connection->{connectDn}) { @@ -312,7 +312,7 @@ sub createAccountSave { } #Get connectDN from settings my $uri = URI->new($connection->{ldapUrl}); - my $ldap = Net::LDAP->new($uri->host, (port=>$uri->port)); + my $ldap = Net::LDAP->new($uri->host, (port=>$uri->port,scheme=>$uri->scheme)); my $auth; if($connection->{connectDn}) { $auth = $ldap->bind(dn=>$connection->{connectDn}, password=>$connection->{identifier}); diff --git a/t/Auth/LDAP.t b/t/Auth/LDAP.t new file mode 100644 index 000000000..35971413c --- /dev/null +++ b/t/Auth/LDAP.t 
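Review bot: The `Net::LDAP->new` call in `_isValidLDAPUser` can now open an `ldaps` connection, but it passes no `verify`, `cafile` or `capath`, so certificate checking is left to the installed Net::LDAP's default, which as far as I know is `none` in older releases (worth confirming for the supported versions). The proxy bind password and the user's password would then be sent to a peer whose identity was never checked. When the scheme is `ldaps`, consider `Net::LDAP->new($uri->host, port=>$uri->port, scheme=>$uri->scheme, verify=>'require', capath=>$caPath)`, where `$caPath` is a placeholder for a CA location that this hunk does not show being configured. The same applies to the identical call in `createAccountSave`; the body of `_isValidLDAPUser` starts and ends outside this hunk.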
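Review bot: In `createAccountSave` the result of `Net::LDAP->new` is used unchecked, and the next visible statement calls `$ldap->bind`. Now that the scheme comes from `ldapUrl`, a failed TLS handshake or an unsupported scheme makes the constructor return undef, so the request dies on an undefined value instead of producing a registration error. `_isValidLDAPUser` already wraps the same call in `if ($ldap = ...)`; this path should guard it too, for example `unless ($ldap) { ... }` returning through whatever error path the method already uses and logging the reason Net::LDAP leaves in `$@`. The method body starts and ends outside this hunk, so that error path is not visible here.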
@@ -0,0 +1,114 @@
+# vim:syntax=perl
+#-------------------------------------------------------------------
+# WebGUI is Copyright 2001-2009 Plain Black Corporation.
+#-------------------------------------------------------------------
+# Please read the legal notices (docs/legal.txt) and the license
+# (docs/license.txt) that came with this distribution before using
+# this software.
+#------------------------------------------------------------------
+# http://www.plainblack.com info@plainblack.com
+#------------------------------------------------------------------
+
+# Test Auth::LDAP to make sure it works with both ldap and ldaps
+#
+#
+
+use FindBin;
+use strict;
+use lib "$FindBin::Bin/../lib";
+use Test::More;
+use WebGUI::Test; # Must use this before any other WebGUI modules
+use WebGUI::Session;
+use Scope::Guard;
+
+#----------------------------------------------------------------------------
+# Init
+my $session = WebGUI::Test->session;
+
+# Create LDAP Link
+my $ldapProps = {
+ ldapLinkName => "Test LDAP Link",
+ ldapUrl => "ldaps://smoke.plainblack.com/ou=Convicts,o=shawshank", # Always test ldaps
+ connectDn => "cn=Samuel Norton,ou=Warden,o=shawshank",
+ identifier => "gooey",
+ ldapUserRDN => "dn",
+ ldapIdentity => "cn",
+ ldapLinkId => sprintf( '%022s', "testlink" ),
+};
+$session->db->setRow("ldapLink","ldapLinkId",$ldapProps, $ldapProps->{ldapLinkId});
+my $ldap = WebGUI::LDAPLink->new( $session, $ldapProps->{ldapLinkId} );
+$session->setting->set('ldapConnection', $ldapProps->{ldapLinkId} );
+
+# Cleanup
+my @cleanup = (
+ Scope::Guard->new(sub {
+ $session->db->write("delete from ldapLink where ldapLinkId=?", [$ldapProps->{ldapLinkId}]);
+ }),
+);
+
+
+#----------------------------------------------------------------------------
+# Tests
+
+plan tests => 3; # Increment this number for each test you create
+
+#----------------------------------------------------------------------------
+# Test Login of existing user
+my $user = WebGUI::User->create( $session );
+WebGUI::Test->addToCleanup( $user );
+$user->update({
+ authMethod => "LDAP",
+ username => "Andy Dufresne",
+});
+my $auth = $user->authInstance;
+$auth->saveParams( $user->getId, $user->get('authMethod'), {
+ ldapUrl => $ldapProps->{ldapUrl},
+ connectDN => "cn=Andy Dufresne,ou=Convicts,o=shawshank",
+ ldapConnection => $ldapProps->{ldapLinkId},
+} );
+
+$session->request->setup_body({
+ username => 'Andy Dufresne',
+ identifier => 'AndyDufresne',
+});
+my $out = $auth->login();
+
+is( $session->user->getId, $user->getId, 'Andy is logged in' );
+
+$session->user({ userId => 1 }); # Restore Visitor
+
+#----------------------------------------------------------------------------
+# Test anonymous registration
+$session->setting->set('anonymousRegistration', 1);
+$session->request->setup_body({
+ authLDAP_ldapId => 'Ellis Redding',
+ authLDAP_identifier => 'EllisRedding',
+ connection => $ldapProps->{ldapLinkId},
+ email => 'red@shawshank.com', # email is required by profile
+});
+$auth = WebGUI::Auth::LDAP->new( $session, 'LDAP' );
+
+$out = $auth->createAccountSave;
+
+is( $session->user->get('username'), 'Ellis Redding', 'Ellis was created' );
+WebGUI::Test->addToCleanup( $session->user );
+
+$session->user({ userId => 1 }); # Restore Visitor
+$session->setting->set('anonymousRegistration', 0);
+
+#----------------------------------------------------------------------------
+# Test automatic registration
+$session->setting->set('automaticLDAPRegistration', 1);
+$session->request->setup_body({
+ username => 'Bogs Diamond',
+ identifier => 'BogsDiamond',
+});
+$auth = WebGUI::Auth::LDAP->new( $session, 'LDAP' );
+$out = $auth->login;
+
+is( $session->user->get('username'), 'Bogs Diamond', 'Bogs was created' )
+or diag( $auth->error );
+WebGUI::Test->addToCleanup( $session->user );
+
+$session->user({ userId => 1 }); # Restore Visitor
+$session->setting->set('automaticLDAPRegistration', 0);
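Review bot: The new test binds to a live server (`ldaps://smoke.plainblack.com/...`) with the bind password and the user passwords written into the file, and it has no skip path. It will fail wherever that host is unreachable, and what look like working directory credentials stay in the repository. Consider reading the URL and secrets from the environment and starting with `plan skip_all => 'no LDAP test server configured' unless $ENV{LDAP_TEST_URL_PLACEHOLDER};` (the variable name is a placeholder). Separately, `anonymousRegistration` and `automaticLDAPRegistration` are reset by plain statements after each assertion and `ldapConnection` is never restored, so a die inside `login` or `createAccountSave` leaves self-registration switched on in the test site. Saving the original values and restoring them from the existing `@cleanup` `Scope::Guard` list would cover that.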