xmpp.chapril.org-ejabberd/src/ejabberd_auth_ldap.erl

%%%----------------------------------------------------------------------
%%% File    : ejabberd_auth_ldap.erl
%%% Author  : Alexey Shchepin <alexey@sevcom.net>
%%% Purpose : Authentification via LDAP
%%% Created : 12 Dec 2004 by Alexey Shchepin <alexey@sevcom.net>
%%% Id      : $Id$
%%%----------------------------------------------------------------------

-module(ejabberd_auth_ldap).
-author('alexey@sevcom.net').
-vsn('$Revision$ ').

%% External exports
-export([start/0,
	 set_password/3,
	 check_password/3,
	 check_password/5,
	 try_register/3,
	 dirty_get_registered_users/0,
	 get_vh_registered_users/1,
	 get_password/2,
	 get_password_s/2,
	 is_user_exists/2,
	 remove_user/2,
	 remove_user/3,
	 plain_password_required/0
	]).

-include("ejabberd.hrl").
-include("eldap/eldap.hrl").

%%%----------------------------------------------------------------------
%%% API
%%%----------------------------------------------------------------------
start() ->
    LDAPServers = ejabberd_config:get_local_option(ldap_servers),
    RootDN = ejabberd_config:get_local_option(ldap_rootdn),
    Password = ejabberd_config:get_local_option(ldap_password),
    eldap:start_link("ejabberd", LDAPServers, 389, RootDN, Password),
    eldap:start_link("ejabberd_bind", LDAPServers, 389, RootDN, Password),
    ok.

plain_password_required() ->
    true.

check_password(User, _Server, Password) ->
    case find_user_dn(User) of
	false ->
	    false;
	DN ->
	    case eldap:bind("ejabberd_bind", DN, Password) of
		ok ->
		    true;
		_ ->
		    false
	    end
    end.

check_password(User, Server, Password, _StreamID, _Digest) ->
    check_password(User, Server, Password).

set_password(_User, _Server, _Password) ->
    {error, not_allowed}.

try_register(_User, _Server, _Password) ->
    {error, not_allowed}.

dirty_get_registered_users() ->
    get_vh_registered_users(?MYNAME).

get_vh_registered_users(Server) ->
    LServer = jlib:nameprep(Server),
    Attr = ejabberd_config:get_local_option(ldap_uidattr),
    Filter = eldap:present(Attr),
    Base = ejabberd_config:get_local_option(ldap_base),
    case eldap:search("ejabberd", [{base, Base},
				   {filter, Filter},
				   {attributes, [Attr]}]) of
	#eldap_search_result{entries = Es} ->
	    lists:flatmap(
	      fun(E) ->
		      case lists:keysearch(Attr, 1, E#eldap_entry.attributes) of
			  {value, {_, [U]}} ->
			      case jlib:nodeprep(U) of
				  error ->
				      [];
				  LU ->
				      [{LU, LServer}]
			      end;
			  _ ->
			      []
		      end
	      end, Es);
	_ ->
	    []
    end.

get_password(_User, _Server) ->
    false.

get_password_s(_User, _Server) ->
    "".

is_user_exists(User, _Server) ->
    case find_user_dn(User) of
	false ->
	    false;
	_DN ->
	    true
    end.

remove_user(_User, _Server) ->
    {error, not_allowed}.

remove_user(_User, _Server, _Password) ->
    not_allowed.


%%%----------------------------------------------------------------------
%%% Internal functions
%%%----------------------------------------------------------------------

find_user_dn(User) ->
    Attr = ejabberd_config:get_local_option(ldap_uidattr),
    Filter = eldap:equalityMatch(Attr, User),
    Base = ejabberd_config:get_local_option(ldap_base),
    case eldap:search("ejabberd", [{base, Base},
				   {filter, Filter},
				   {attributes, []}]) of
	#eldap_search_result{entries = [E | _]} ->
	    E#eldap_entry.object_name;
	_ ->
	    false
    end.
* src/ejabberd_sm.erl: Added unset_presence_hook * src/mod_last.erl: Use unset_presence_hook instead of direct call * src/ejabberd_auth.erl: Splitted into ejabberd_auth_internal.erl, ejabberd_auth_ldap.erl, and ejabberd_auth_external.erl, * src/ejabberd_auth_internal.erl: Likewise * src/ejabberd_auth_ldap.erl: Likewise * src/ejabberd_auth_external.erl: Likewise SVN Revision: 290 2004-12-12 22:00:34 +01:00			`%%%----------------------------------------------------------------------`
			`%%% File : ejabberd_auth_ldap.erl`
			`%%% Author : Alexey Shchepin <alexey@sevcom.net>`
			`%%% Purpose : Authentification via LDAP`
			`%%% Created : 12 Dec 2004 by Alexey Shchepin <alexey@sevcom.net>`
			`%%% Id : $Id$`
			`%%%----------------------------------------------------------------------`

			`-module(ejabberd_auth_ldap).`
			`-author('alexey@sevcom.net').`
			`-vsn('$Revision$ ').`

			`%% External exports`
			`-export([start/0,`
Merged the Process One contributions ( Virtual Hosting ) SVN Revision: 307 2005-04-17 20:08:34 +02:00			`set_password/3,`
			`check_password/3,`
			`check_password/5,`
			`try_register/3,`
* src/ejabberd_sm.erl: Added unset_presence_hook * src/mod_last.erl: Use unset_presence_hook instead of direct call * src/ejabberd_auth.erl: Splitted into ejabberd_auth_internal.erl, ejabberd_auth_ldap.erl, and ejabberd_auth_external.erl, * src/ejabberd_auth_internal.erl: Likewise * src/ejabberd_auth_ldap.erl: Likewise * src/ejabberd_auth_external.erl: Likewise SVN Revision: 290 2004-12-12 22:00:34 +01:00			`dirty_get_registered_users/0,`
Merged the Process One contributions ( Virtual Hosting ) SVN Revision: 307 2005-04-17 20:08:34 +02:00			`get_vh_registered_users/1,`
			`get_password/2,`
			`get_password_s/2,`
			`is_user_exists/2,`
* src/ejabberd_sm.erl: Added unset_presence_hook * src/mod_last.erl: Use unset_presence_hook instead of direct call * src/ejabberd_auth.erl: Splitted into ejabberd_auth_internal.erl, ejabberd_auth_ldap.erl, and ejabberd_auth_external.erl, * src/ejabberd_auth_internal.erl: Likewise * src/ejabberd_auth_ldap.erl: Likewise * src/ejabberd_auth_external.erl: Likewise SVN Revision: 290 2004-12-12 22:00:34 +01:00			`remove_user/2,`
Merged the Process One contributions ( Virtual Hosting ) SVN Revision: 307 2005-04-17 20:08:34 +02:00			`remove_user/3,`
* src/ejabberd_sm.erl: Added unset_presence_hook * src/mod_last.erl: Use unset_presence_hook instead of direct call * src/ejabberd_auth.erl: Splitted into ejabberd_auth_internal.erl, ejabberd_auth_ldap.erl, and ejabberd_auth_external.erl, * src/ejabberd_auth_internal.erl: Likewise * src/ejabberd_auth_ldap.erl: Likewise * src/ejabberd_auth_external.erl: Likewise SVN Revision: 290 2004-12-12 22:00:34 +01:00			`plain_password_required/0`
			`]).`

* src/ejabberd_auth_ldap.erl: Added listing of users support SVN Revision: 332 2005-04-27 03:08:18 +02:00			`-include("ejabberd.hrl").`
* src/ejabberd_sm.erl: Added unset_presence_hook * src/mod_last.erl: Use unset_presence_hook instead of direct call * src/ejabberd_auth.erl: Splitted into ejabberd_auth_internal.erl, ejabberd_auth_ldap.erl, and ejabberd_auth_external.erl, * src/ejabberd_auth_internal.erl: Likewise * src/ejabberd_auth_ldap.erl: Likewise * src/ejabberd_auth_external.erl: Likewise SVN Revision: 290 2004-12-12 22:00:34 +01:00			`-include("eldap/eldap.hrl").`

			`%%%----------------------------------------------------------------------`
			`%%% API`
			`%%%----------------------------------------------------------------------`
			`start() ->`
			`LDAPServers = ejabberd_config:get_local_option(ldap_servers),`
			`RootDN = ejabberd_config:get_local_option(ldap_rootdn),`
			`Password = ejabberd_config:get_local_option(ldap_password),`
			`eldap:start_link("ejabberd", LDAPServers, 389, RootDN, Password),`
			`eldap:start_link("ejabberd_bind", LDAPServers, 389, RootDN, Password),`
			`ok.`

			`plain_password_required() ->`
			`true.`

Merged the Process One contributions ( Virtual Hosting ) SVN Revision: 307 2005-04-17 20:08:34 +02:00			`check_password(User, _Server, Password) ->`
* src/ejabberd_sm.erl: Added unset_presence_hook * src/mod_last.erl: Use unset_presence_hook instead of direct call * src/ejabberd_auth.erl: Splitted into ejabberd_auth_internal.erl, ejabberd_auth_ldap.erl, and ejabberd_auth_external.erl, * src/ejabberd_auth_internal.erl: Likewise * src/ejabberd_auth_ldap.erl: Likewise * src/ejabberd_auth_external.erl: Likewise SVN Revision: 290 2004-12-12 22:00:34 +01:00			`case find_user_dn(User) of`
			`false ->`
			`false;`
			`DN ->`
			`case eldap:bind("ejabberd_bind", DN, Password) of`
			`ok ->`
			`true;`
			`_ ->`
			`false`
			`end`
			`end.`

Merged the Process One contributions ( Virtual Hosting ) SVN Revision: 307 2005-04-17 20:08:34 +02:00			`check_password(User, Server, Password, _StreamID, _Digest) ->`
			`check_password(User, Server, Password).`
* src/ejabberd_sm.erl: Added unset_presence_hook * src/mod_last.erl: Use unset_presence_hook instead of direct call * src/ejabberd_auth.erl: Splitted into ejabberd_auth_internal.erl, ejabberd_auth_ldap.erl, and ejabberd_auth_external.erl, * src/ejabberd_auth_internal.erl: Likewise * src/ejabberd_auth_ldap.erl: Likewise * src/ejabberd_auth_external.erl: Likewise SVN Revision: 290 2004-12-12 22:00:34 +01:00
Merged the Process One contributions ( Virtual Hosting ) SVN Revision: 307 2005-04-17 20:08:34 +02:00			`set_password(_User, _Server, _Password) ->`
* src/ejabberd_sm.erl: Added unset_presence_hook * src/mod_last.erl: Use unset_presence_hook instead of direct call * src/ejabberd_auth.erl: Splitted into ejabberd_auth_internal.erl, ejabberd_auth_ldap.erl, and ejabberd_auth_external.erl, * src/ejabberd_auth_internal.erl: Likewise * src/ejabberd_auth_ldap.erl: Likewise * src/ejabberd_auth_external.erl: Likewise SVN Revision: 290 2004-12-12 22:00:34 +01:00			`{error, not_allowed}.`

Merged the Process One contributions ( Virtual Hosting ) SVN Revision: 307 2005-04-17 20:08:34 +02:00			`try_register(_User, _Server, _Password) ->`
* src/ejabberd_sm.erl: Added unset_presence_hook * src/mod_last.erl: Use unset_presence_hook instead of direct call * src/ejabberd_auth.erl: Splitted into ejabberd_auth_internal.erl, ejabberd_auth_ldap.erl, and ejabberd_auth_external.erl, * src/ejabberd_auth_internal.erl: Likewise * src/ejabberd_auth_ldap.erl: Likewise * src/ejabberd_auth_external.erl: Likewise SVN Revision: 290 2004-12-12 22:00:34 +01:00			`{error, not_allowed}.`

			`dirty_get_registered_users() ->`
* src/ejabberd_auth_ldap.erl: Added listing of users support SVN Revision: 332 2005-04-27 03:08:18 +02:00			`get_vh_registered_users(?MYNAME).`
* src/ejabberd_sm.erl: Added unset_presence_hook * src/mod_last.erl: Use unset_presence_hook instead of direct call * src/ejabberd_auth.erl: Splitted into ejabberd_auth_internal.erl, ejabberd_auth_ldap.erl, and ejabberd_auth_external.erl, * src/ejabberd_auth_internal.erl: Likewise * src/ejabberd_auth_ldap.erl: Likewise * src/ejabberd_auth_external.erl: Likewise SVN Revision: 290 2004-12-12 22:00:34 +01:00
* src/ejabberd_auth_ldap.erl: Added listing of users support SVN Revision: 332 2005-04-27 03:08:18 +02:00			`get_vh_registered_users(Server) ->`
			`LServer = jlib:nameprep(Server),`
			`Attr = ejabberd_config:get_local_option(ldap_uidattr),`
			`Filter = eldap:present(Attr),`
			`Base = ejabberd_config:get_local_option(ldap_base),`
			`case eldap:search("ejabberd", [{base, Base},`
			`{filter, Filter},`
			`{attributes, [Attr]}]) of`
			`#eldap_search_result{entries = Es} ->`
			`lists:flatmap(`
			`fun(E) ->`
			`case lists:keysearch(Attr, 1, E#eldap_entry.attributes) of`
			`{value, {_, [U]}} ->`
			`case jlib:nodeprep(U) of`
			`error ->`
			`[];`
			`LU ->`
			`[{LU, LServer}]`
			`end;`
			`_ ->`
			`[]`
			`end`
			`end, Es);`
			`_ ->`
			`[]`
			`end.`
Merged the Process One contributions ( Virtual Hosting ) SVN Revision: 307 2005-04-17 20:08:34 +02:00
			`get_password(_User, _Server) ->`
* src/ejabberd_sm.erl: Added unset_presence_hook * src/mod_last.erl: Use unset_presence_hook instead of direct call * src/ejabberd_auth.erl: Splitted into ejabberd_auth_internal.erl, ejabberd_auth_ldap.erl, and ejabberd_auth_external.erl, * src/ejabberd_auth_internal.erl: Likewise * src/ejabberd_auth_ldap.erl: Likewise * src/ejabberd_auth_external.erl: Likewise SVN Revision: 290 2004-12-12 22:00:34 +01:00			`false.`

Merged the Process One contributions ( Virtual Hosting ) SVN Revision: 307 2005-04-17 20:08:34 +02:00			`get_password_s(_User, _Server) ->`
* src/ejabberd_sm.erl: Added unset_presence_hook * src/mod_last.erl: Use unset_presence_hook instead of direct call * src/ejabberd_auth.erl: Splitted into ejabberd_auth_internal.erl, ejabberd_auth_ldap.erl, and ejabberd_auth_external.erl, * src/ejabberd_auth_internal.erl: Likewise * src/ejabberd_auth_ldap.erl: Likewise * src/ejabberd_auth_external.erl: Likewise SVN Revision: 290 2004-12-12 22:00:34 +01:00			`"".`

Merged the Process One contributions ( Virtual Hosting ) SVN Revision: 307 2005-04-17 20:08:34 +02:00			`is_user_exists(User, _Server) ->`
* src/ejabberd_sm.erl: Added unset_presence_hook * src/mod_last.erl: Use unset_presence_hook instead of direct call * src/ejabberd_auth.erl: Splitted into ejabberd_auth_internal.erl, ejabberd_auth_ldap.erl, and ejabberd_auth_external.erl, * src/ejabberd_auth_internal.erl: Likewise * src/ejabberd_auth_ldap.erl: Likewise * src/ejabberd_auth_external.erl: Likewise SVN Revision: 290 2004-12-12 22:00:34 +01:00			`case find_user_dn(User) of`
			`false ->`
			`false;`
			`_DN ->`
			`true`
			`end.`

Merged the Process One contributions ( Virtual Hosting ) SVN Revision: 307 2005-04-17 20:08:34 +02:00			`remove_user(_User, _Server) ->`
* src/ejabberd_sm.erl: Added unset_presence_hook * src/mod_last.erl: Use unset_presence_hook instead of direct call * src/ejabberd_auth.erl: Splitted into ejabberd_auth_internal.erl, ejabberd_auth_ldap.erl, and ejabberd_auth_external.erl, * src/ejabberd_auth_internal.erl: Likewise * src/ejabberd_auth_ldap.erl: Likewise * src/ejabberd_auth_external.erl: Likewise SVN Revision: 290 2004-12-12 22:00:34 +01:00			`{error, not_allowed}.`

Merged the Process One contributions ( Virtual Hosting ) SVN Revision: 307 2005-04-17 20:08:34 +02:00			`remove_user(_User, _Server, _Password) ->`
* src/ejabberd_sm.erl: Added unset_presence_hook * src/mod_last.erl: Use unset_presence_hook instead of direct call * src/ejabberd_auth.erl: Splitted into ejabberd_auth_internal.erl, ejabberd_auth_ldap.erl, and ejabberd_auth_external.erl, * src/ejabberd_auth_internal.erl: Likewise * src/ejabberd_auth_ldap.erl: Likewise * src/ejabberd_auth_external.erl: Likewise SVN Revision: 290 2004-12-12 22:00:34 +01:00			`not_allowed.`


			`%%%----------------------------------------------------------------------`
			`%%% Internal functions`
			`%%%----------------------------------------------------------------------`

			`find_user_dn(User) ->`
			`Attr = ejabberd_config:get_local_option(ldap_uidattr),`
			`Filter = eldap:equalityMatch(Attr, User),`
			`Base = ejabberd_config:get_local_option(ldap_base),`
			`case eldap:search("ejabberd", [{base, Base},`
			`{filter, Filter},`
			`{attributes, []}]) of`
			`#eldap_search_result{entries = [E \| _]} ->`
			`E#eldap_entry.object_name;`
			`_ ->`
			`false`
			`end.`