Jadi, untuk memakai otentifikasi LDAP, kita tidak mungkin memakainya begitu saja tanpa mengombinasikannya dengan data otorisasi yang telah ada. Karena itu, mari kita gunakan logika berikut untuk memasukkan LDAP ke dalam aplikasi yang sudah ada (existing apps); contoh kasus ini memakai Windows Server directory.
- Buatlah sebuah fungsi untuk melakukan tes otentifikasi dalam PL/SQL dengan return varchar2.
- Gunakan fungsi tersebut dalam custom otentifikasi yang telah kita miliki.
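CREATE OR REPLACE function function_ldap_test(
    p_username in varchar2,
    p_password in varchar2
) return varchar2
as
    -- Purpose: test a username/password pair by attempting an LDAP simple
    -- bind against the directory server.
    --
    -- Parameters:
    --   p_username  account name; prefixed with the domain to build the bind name
    --   p_password  the password to verify
    --
    -- Returns 'OK' when the bind succeeds and NULL in every other case
    -- (missing credentials, connection failure, rejected bind).
    --
    -- NOTE(review): port 389 with simple_bind_s presumably sends the password
    -- unencrypted between the database host and the directory server. If the
    -- directory offers TLS, consider dbms_ldap.open_ssl with an Oracle wallet
    -- - confirm against your environment.
    p_dn        varchar2(256);
    p_ldap_host varchar2(50) := 'ldap_server_host_or_ip';
    p_ldap_port number       := 389;
    l_retval    pls_integer;
    l_retval2   pls_integer;
    l_session   dbms_ldap.session;
begin
    -- An empty password must never reach the server: a simple bind without a
    -- password is an anonymous (unauthenticated) bind, which many directory
    -- servers report as success. Oracle treats '' as NULL, so this one test
    -- covers both cases.
    if p_username is null or p_password is null then
        return null;
    end if;

    -- Built here rather than in the declaration: an overflow raised while
    -- initialising a declaration is not caught by this function's own
    -- exception handlers and would escape to the caller.
    p_dn := 'your_domain\' || p_username;

    l_retval := -1;
    dbms_ldap.use_exception := TRUE;

    begin
        l_session := dbms_ldap.init(p_ldap_host, p_ldap_port);
        l_retval  := dbms_ldap.simple_bind_s(l_session, p_dn, p_password);
        l_retval2 := dbms_ldap.unbind_s(l_session);
        return 'OK';
    exception
        when others then
            -- Release the session after a failed bind. If init itself failed
            -- this call may raise too; the outer handler then returns NULL.
            l_retval2 := dbms_ldap.unbind_s(l_session);
            return null;
    end;
exception
    when others then
        -- Fail closed: any unexpected error counts as "not authenticated".
        return null;
end function_ldap_test;
/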
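CREATE OR REPLACE function my_auth(
    p_username in varchar2,
    p_password in varchar2
) return boolean
as
    -- Purpose: custom authentication function that delegates the credential
    -- check to function_ldap_test.
    --
    -- Returns TRUE when function_ldap_test returns a non-NULL value and FALSE
    -- otherwise.
    --
    -- This only verifies the credential. As the accompanying text says, it is
    -- meant to be combined with the application's existing authorization data;
    -- a TRUE result here says nothing about what the user may do.
    l_ldap_test varchar2(200);
begin
    l_ldap_test := function_ldap_test(p_username, p_password);

    -- The original tested "l_dap_test", an undeclared name, so the function
    -- did not compile; the variable is l_ldap_test.
    return l_ldap_test is not null;
end my_auth;
/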
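CREATE OR REPLACE function function_ldap_test(
    p_username  in varchar2,
    p_password  in varchar2,
    p_attribute in varchar2 default null
) return varchar2
as
    -- Purpose: bind to the directory as the given user, then look up one
    -- attribute of that user's entry and return its first value.
    --
    -- Parameters:
    --   p_username   account name; used for the bind name and the search filter
    --   p_password   the password to verify
    --   p_attribute  attribute to fetch; defaults to 'mail' when NULL. The
    --                original body referenced p_attribute without declaring
    --                it, so it is added here as an optional trailing parameter
    --                and existing two-argument calls keep working.
    --
    -- Returns the first attribute value found (at most 200 characters), or
    -- NULL when credentials are missing, the bind or search fails, or the
    -- entry has no such attribute. Callers that treat NULL as "login failed"
    -- will therefore also reject a valid user whose entry lacks the attribute.
    --
    -- NOTE(review): port 389 with simple_bind_s presumably sends the password
    -- unencrypted; consider dbms_ldap.open_ssl with an Oracle wallet if the
    -- directory offers TLS - confirm against your environment.
    l_ldap_host   varchar2(256) := 'ldap_server_host_or_ip';
    l_ldap_port   pls_integer   := 389;
    l_ldap_base   varchar2(256) := 'dc=my_domain,dc=com';
    l_ldap_user   varchar2(256);
    l_safe_name   varchar2(1024);
    l_filter      varchar2(1100);
    l_retval      pls_integer;
    l_retval2     pls_integer;
    l_session     dbms_ldap.session;
    l_attrs       dbms_ldap.string_collection;
    l_message     dbms_ldap.message;
    l_entry       dbms_ldap.message;
    l_attr_name   varchar2(256);
    l_ber_element dbms_ldap.ber_element;
    l_vals        dbms_ldap.string_collection;
    l_result      varchar2(200);
begin
    -- Never send an empty password: a simple bind without a password is an
    -- anonymous bind, which many directory servers report as success.
    -- Oracle treats '' as NULL, so this covers both.
    if p_username is null or p_password is null then
        return null;
    end if;

    -- Built in the body, not in the declarations, so that an over-long
    -- username is caught by the handler below instead of escaping to the caller.
    l_ldap_user := 'my_domain\' || p_username;

    -- The username is untrusted input. Escape the characters that are special
    -- in an LDAP search filter (RFC 4515) so the value can only ever match as
    -- a literal account name. The backslash is replaced first so the escapes
    -- added afterwards are not escaped again.
    l_safe_name := replace(p_username, '\', '\5c');
    l_safe_name := replace(l_safe_name, '*', '\2a');
    l_safe_name := replace(l_safe_name, '(', '\28');
    l_safe_name := replace(l_safe_name, ')', '\29');
    l_safe_name := replace(l_safe_name, chr(0), '\00');
    l_filter    := 'sAMAccountName=' || l_safe_name;

    -- Choose to raise exceptions.
    dbms_ldap.use_exception   := true;
    dbms_ldap.utf8_conversion := false;

    -- Connect to the LDAP server and bind as the user being tested.
    l_session := dbms_ldap.init(hostname => l_ldap_host, portnum => l_ldap_port);
    l_retval  := dbms_ldap.simple_bind_s(ld     => l_session,
                                         dn     => l_ldap_user,
                                         passwd => p_password);

    -- Ask only for the requested attribute (mail by default).
    l_attrs(1) := nvl(p_attribute, 'mail');
    l_retval := dbms_ldap.search_s(ld       => l_session,
                                   base     => l_ldap_base,
                                   scope    => dbms_ldap.scope_subtree,
                                   filter   => l_filter,
                                   attrs    => l_attrs,
                                   attronly => 0,
                                   res      => l_message);

    if dbms_ldap.count_entries(ld => l_session, msg => l_message) > 0 then
        l_entry := dbms_ldap.first_entry(ld => l_session, msg => l_message);

        <<entry_loop>>
        while l_entry is not null loop
            l_attr_name := dbms_ldap.first_attribute(ld        => l_session,
                                                     ldapentry => l_entry,
                                                     ber_elem  => l_ber_element);

            <<attributes_loop>>
            while l_attr_name is not null loop
                l_vals := dbms_ldap.get_values(ld        => l_session,
                                               ldapentry => l_entry,
                                               attr      => l_attr_name);

                -- Keep the first value and stop searching. The original
                -- returned from inside the loop, which skipped the unbind and
                -- left the LDAP session open. The count check avoids a
                -- NULL-bounds error on an empty collection.
                if l_vals.count > 0 then
                    l_result := substr(l_vals(l_vals.first), 1, 200);
                    exit entry_loop;
                end if;

                l_attr_name := dbms_ldap.next_attribute(ld        => l_session,
                                                        ldapentry => l_entry,
                                                        ber_elem  => l_ber_element);
            end loop attributes_loop;

            l_entry := dbms_ldap.next_entry(ld => l_session, msg => l_entry);
        end loop entry_loop;
    end if;

    -- Disconnect from the LDAP server on every successful path.
    l_retval2 := dbms_ldap.unbind_s(ld => l_session);

    -- Explicit return: the original fell off the end of the function when the
    -- search produced no value.
    return l_result;
exception
    when others then
        -- Fail closed. The unbind is guarded because the session may never
        -- have been opened, in which case unbind_s can raise as well.
        begin
            l_retval2 := dbms_ldap.unbind_s(ld => l_session);
        exception
            when others then
                null;
        end;
        return null;
end function_ldap_test;
/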
Sumber : Oracle APEX Forum