
@baconpat
Created December 16, 2010 02:51
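# LDAP operation handler that authenticates simple binds against an in-memory
# DN => password table and answers equality searches for known DNs with a
# canned user entry. The "fake_*" attribute values suggest this is a test
# double rather than a production directory -- confirm before reusing it.
class LdapOperation < LDAP::Server::Operation
  # @param connection forwarded unchanged to LDAP::Server::Operation
  # @param message_id forwarded unchanged to LDAP::Server::Operation
  # @param valid_credentials [Hash] maps a full DN to the password expected for it
  # @param logger [#info, #debug] receives diagnostic messages
  def initialize(connection, message_id, valid_credentials, logger)
    super(connection, message_id)
    @logger = logger
    @valid_credentials = valid_credentials
  end

  # Handles an LDAP simple bind.
  #
  # @param version [Integer] protocol version; only 3 is accepted
  # @param dn [String, nil] DN the client is binding as
  # @param password [String] password supplied by the client
  # @raise [LDAP::ResultError::ProtocolError] if version is not 3
  # @raise [LDAP::ResultError::InvalidCredentials] if the DN is unknown or
  #   the password does not match the stored one
  def simple_bind(version, dn, password)
    # Neither the submitted nor the expected password is logged: log files are
    # usually readable by more people and systems than the credential store.
    @logger.info "Got a simple_bind version: #{version.inspect}, dn: #{dn.inspect}"
    if version != 3
      @logger.info "Incorrect simple_bind version: #{version.inspect}"
      raise LDAP::ResultError::ProtocolError, "version 3 only"
    end

    # An unknown DN is rejected explicitly, so a nil lookup result can never
    # compare equal to a nil password.
    # NOTE(review): passwords are held in plaintext and compared with ==,
    # which is not constant-time. Use a constant-time comparison if this
    # handler ever faces untrusted clients.
    unless @valid_credentials.key?(dn) && @valid_credentials[dn] == password
      @logger.debug "Bad password for #{dn.inspect}"
      raise LDAP::ResultError::InvalidCredentials, "Bad credentials"
    end

    @logger.debug "Credentials accepted for #{dn.inspect}"
  end

  # Handles a search request. Only an equality filter whose reconstructed DN
  # ("<attribute>=<value>,<basedn>") is a key of the credential table is
  # answered; everything else is refused.
  #
  # @param basedn [String] search base
  # @param scope search scope (only logged)
  # @param deref alias dereferencing mode (only logged)
  # @param filter [Array] parsed filter; element 0 is the operator, element 1
  #   the attribute name and the last element the value
  # @raise [LDAP::ResultError::UnwillingToPerform] for any other search
  def search(basedn, scope, deref, filter)
    @logger.debug "Got search. basedn: #{basedn.inspect}, scope: #{scope.inspect}, deref: #{deref.inspect}, filter: #{filter.inspect}"

    account_name = filter.last
    full_dn = "#{filter[1]}=#{account_name},#{basedn}"

    # The table lookup acts as an allow-list: client-supplied filter values
    # only reach the response when they rebuild a DN that is already known.
    unless filter[0] == :eq && @valid_credentials.key?(full_dn)
      @logger.debug "Unexpected search '#{basedn.inspect}' #{filter.inspect}"
      raise LDAP::ResultError::UnwillingToPerform, "Invalid"
    end

    entry = {
      "objectclass" => ["top", "person", "organizationalPerson", "user"],
      "sAMAccountName" => [account_name],
      "sn" => ["fake_sn"],
      "givenName" => ["fake_givenName"],
      "cn" => ["fake_cn"],
    }
    send_SearchResultEntry(full_dn, entry)
  end
end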