liquid_feedback_frontend
view env/ldap/bind.lua @ 1738:38a8b840bff7
Create individual privilege only if configured
| author | bsw | 
|---|---|
| date | Mon Oct 11 09:41:05 2021 +0200 (2021-10-11) | 
| parents | 15bde6a79d41 | 
| children | 
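     -- binds to configured LDAP server
     -- --------------------------------------------------------------------------
     -- omit both arguments for an anonymous bind
     --
     -- arguments:
     --   dn: the distinguished name to be used for binding (string)
     --   password: password credentials (string)
     --
     -- returns:
     --   ldap: in case of success, an LDAP connection handle
     --   err: in case of an error, an error code (string), either
     --        "invalid_credentials" or "cant_contact_ldap_server"
     --   err2: error dependent extra error information (only set together
     --         with "invalid_credentials" reported by a server)
     --
     -- security note:
     --   A bind request carrying a DN but an empty password is an
     --   "unauthenticated bind" (RFC 4513, section 5.1.2). A server that
     --   accepts such requests reports success without checking a password,
     --   so a caller that treats a successful bind as proof of identity would
     --   accept any account name. This function therefore rejects a DN
     --   without a password locally and never sends it to a server.
     --   NOTE(review): whether callers already filter empty passwords is not
     --   visible from this file; the check here is defence in depth.

     function ldap.bind(dn, password)

       -- refuse name-without-password requests before any network traffic
       local has_dn = dn ~= nil and dn ~= ""
       local has_password = password ~= nil and password ~= ""
       if has_dn and not has_password then
         return nil, "invalid_credentials"
       end

       local libldap = require("mldap")

       local hostlist = ldap.get_hosts()

       -- try each host in order until one accepts the bind; the list is only
       -- read, so the table handed out by ldap.get_hosts() stays intact
       for i = 1, #hostlist do
         local host = hostlist[i]

         -- "conn" instead of "ldap": a local named "ldap" would shadow the
         -- module table this function belongs to
         local conn, err, errno = libldap.bind{
           uri = host.uri,
           tls = host.tls,
           timeout = host.timeout,
           who = dn,
           password = password
         }

         if conn and not err then
           return conn, nil
         end

         -- A credential rejection is final: trying the remaining hosts with
         -- the same wrong password would only multiply failed-login events.
         -- libldap.errorcodes is indexed both by name and by errno here.
         if errno == libldap.errorcodes.invalid_credentials then
           local errno_string
           if errno then
             errno_string = libldap.errorcodes[errno]
           end
           return nil, "invalid_credentials", errno_string
         end

         -- every other failure falls through to the next host; its errno is
         -- not reported to the caller
       end

       return nil, "cant_contact_ldap_server"

     end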
