Of course, this is a in progress work (and will be "in-progress" forever, as I will allways need to add or change something...). If you like this, please drop me a note, comment or suggestion. Code follows.
File "LDAPPasswordChangerPlugin.txt":
%META:TOPICINFO{author="lcampos" date="1085143647" format="1.0" versio
+n="1.3"}%
---+ LDAP Password Changer TWiki Plugin
This plugin asks for and changes your password at an pre-configured LD
+AP server.
---++ Syntax Rules
There is only one command to apply, just use %<nop>LDAPPASSWORDCHANGER
+% and the Plugin will do the rest.
---++ <nop>%TOPIC% Global Settings
* One line description, shown in the %TWIKIWEB%.TextFormattingRule
+s topic:
* Set SHORTDESCRIPTION = LDAP Server user password automated c
+hanger.
* The LDAP Server you will contact:
* Set LDAP_SERVER = orelhao.integral.com.br
* Base DN from where searches will start at your server
* Set LDAP_BASE_DN = dc=integral,dc=com,dc=br
* Filter to select the *current* user (maybe a lot trickier, sugge
+stions are welcome!)
* Set LDAP_FILTER = (&(objectClass=posixAccount)(uid=%s))
* Debug plugin: (See output in =data/debug.txt=)
* Set DEBUG = 1
---++ Plugin Installation Instructions
__Note:__ You do not need to install anything on the browser to use th
+is plugin. The following instructions are for the administrator who i
+nstalls the plugin on the server where TWiki is running.
* Download the ZIP file from the Plugin web (see below)
* Unzip ==%TOPIC%.zip== in your twiki installation directory. Cont
+ent:
| *File:* | *Description:* |
| ==data/TWiki/%TOPIC%.txt== | Plugin topic |
| ==data/TWiki/%TOPIC%.txt,v== | Plugin topic repository |
| ==lib/TWiki/Plugins/%TOPIC%.pm== | Plugin Perl module |
* Test if the plugin is correctly installed:
* Create a topic and adds the %<nop>LDAPPASSWORDCHANGER<nop>%
+tag to it. Preview and Save the test topic. You will see a dialog box
+ asking you your old and new passwords. If you're able to fill the fi
+elds and change your LDAP Server user password, everything is ok.
---++ Plugin Info
| Plugin Author: | %TWIKIWEB%.LuisCampos |
| Plugin Version: | 20 May 2004 (V1.000) |
| Change History: | <!-- specify latest version first --> |
| 20 May 2004: | Initial version |
| CPAN Dependencies: | [[http://search.cpan.org/~gbarr/perl-ldap-0.31
+/lib/Net/LDAP.pod][Net::LDAP]], [[http://search.cpan.org/author/LDS/C
+GI.pm-3.05/CGI.pm][CGI]] |
| Other Dependencies: | Your TWiki should be running under LDAP-based
+ authentication schema |
| Perl Version: | 5.8.1 |
| Plugin Home: | http://TWiki.org/cgi-bin/view/Plugins/%TOPIC% |
| Feedback: | http://TWiki.org/cgi-bin/view/Plugins/%TOPIC%Dev |
__Related Topics:__ %TWIKIWEB%.TWikiPreferences, %TWIKIWEB%.TWikiPlugi
+ns, DefaultPlugin
-- %MAINWEB%.LuisCampos - 20 May 2004
File LDAPPasswordChangerPlugin.pm:
# Plugin for TWiki Collaboration Platform, http://TWiki.org/
#
# Copyleft (C) 2004 Luis Campos, monsieur_champs@yahoo.com.br
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details, published at
# http://www.gnu.org/copyleft/gpl.html
#
# =========================
package TWiki::Plugins::LDAPPasswordChangerPlugin;
# =========================
use vars qw(
$web $topic $user $installWeb $VERSION $pluginName
$debug $ldap_server $base_dn $filter
);
$VERSION = '1.000';
$pluginName = 'LDAPPasswordChangerPlugin';
# =========================
sub initPlugin{
( $topic, $web, $user, $installWeb ) = @_;
# check for Plugins.pm versions
if( $TWiki::Plugins::VERSION < 1 ){
TWiki::Func::writeWarning( "Version mismatch between $pluginName a
+nd Plugins.pm" );
return 0;
}
# Get plugin debug flag
$debug = TWiki::Func::getPreferencesFlag( "\U$pluginName\E_DEBUG" );
# Get LDAP Server Domain Name or IP Address
$ldap_server = &TWiki::Prefs::getPreferencesValue( "\U$pluginName\E_
+LDAP_SERVER" );
$base_dn = &TWiki::Prefs::getPreferencesValue( "\U$pluginName\E_LDAP
+_BASE_DN" );
$filter = sprintf( &TWiki::Prefs::getPreferencesValue( "\U$pluginNam
+e\E_LDAP_FILTER" ), $TWiki::userName );
# Plugin correctly initialized
TWiki::Func::writeDebug( "- TWiki::Plugins::${pluginName}::initPlugi
+n( $web.$topic ) is OK" ) if $debug;
return 1;
}
# =========================
sub commonTagsHandler{
# do not uncomment, use $_[0], $_[1]... instead
### my ( $text, $topic, $web ) = @_;
TWiki::Func::writeDebug( "- ${pluginName}::commonTagsHandler( $_[2].
+$_[1] )" )
if $debug;
$_[0] =~ s/%LDAPPASSWORDCHANGER%/&pwChanger()/ge;
}
# =========================
sub pwChanger{
use CGI;
my ( $cgi, $message ) = ( new CGI, undef );
my ( $old, $new, $repeat, $change )
= map $cgi->param( $_ ), qw( oldpwd newpwd1 newpwd2 change );
if( $old ){
# Got old password.
if( $new ){
# Got New Password.
if( $repeat ){
# Got new password repeat.
if( $new == $repeat ){
# Same password entered twice: I can safely change.
$message = talkToLDAP( $old, $new )
}else{
# User can't repeat new password: there is something wrong.
$message = q{%X% %RED%'New Password' and 'Repeat New Password' f
+ields doesn't match.%ENDCOLOR%};
}
}else{
# Error: New Password Repeat field is empty;
$message = q{%X% %RED%Please fill in your new password twice.%ENDC
+OLOR%};
}
}else{
# Error: New Password field is empty.
$message = q{%X% %RED%Please fill in your new password.%ENDCOLOR
+%};
}
}else{
# Error: Empty old password.
$message = q{%X% %RED%Please fill in your old password.%ENDCOLOR%}
+;
}
return genDialog( $change? $message : ' ' );
}
# =========================
sub talkToLDAP{
use Net::LDAP;
my( $old, $new, $ldap, $dn ) = ( shift, shift, new Net::LDAP( $ldap_
+server ), undef );
return q{%X% %RED%Can't contact LDAP Server. Please review %MAINWEB%
+.LDAPPasswordChangerPlugin configuration.%ENDCOLOR%} unless $ldap;
my $msg;
$msg = $ldap->bind;
return q{%X% %RED%LDAP Error:}.$msg->error.q{%ENDCOLOR%}
if $msg->is_error;
TWiki::Func::writeDebug( qq{calling ldap::search( base => '$base_dn'
+, filter => '$filter' ) } )
if $debug;
$msg = $ldap->search( base => $base_dn, filter => $filter, attrs =>
+[ '1.1' ] );
return
q{%X% %RED%LDAP doesn't return any users.<br />Please inform LDAP
+Administrator.%ENDCOLOR%}
unless $dn = $msg->shift_entry();
$msg = $ldap->bind( $dn, password => $old );
return q{%X% %RED%LDAP Error:}.$msg->error.q{%ENDCOLOR%}
if $msg->is_error;
$msg = $ldap->modify( $dn, replace => { userPassword => $new } );
return q{%X% %RED%LDAP Error:}.$msg->error.q{%ENDCOLOR%}
if $msg->is_error;
$ldap->unbind;
return q{%Y% %GREEN%Password changed sucessfully%ENDCOLOR%};
}
# =========================
sub genDialog{
my $message = shift;
return q{
<form action="%TOPIC%" method="post">
<table bgcolor="%WEBBGCOLOR%" align="center" border="0" cellpadding=
+"1" cellspacing="1">
<tr>
<td height="25" colspan="2" valign="middle" align="center">
<b> Alteração de Senha </b>
</td>
</tr>
<tr>
<td>
<table bgcolor="#FFFFFF" align="center" border="0" cellpadding
+="1" cellspacing="8">} . ($message ? qq{
<tr>
<td align="center" colspan="2"> $message </td>
</tr> } : '' ) .q{
<tr>
<td align="right"> Senha Antiga: </td>
<td> <input type="password" name="oldpwd"> </td>
</tr>
<tr>
<td align="right"> Nova Senha: </td>
<td> <input type="password" name="newpwd1"> </td>
</tr>
<tr>
<td align="right"> Repita Senha: </td>
<td> <input type="password" name="newpwd2"> </td>
</tr>
</table>
</td>
</tr>
<tr>
<td height="30" colspan="2" valign="middle" align="center">
<input type="submit" name="change" value=" M
+udar Senha ">
</td>
</tr>
</table>
</form>
};
} # end sub
1;