Thanks everyone for all the comments. First of all, sorry to not mention "doesn't work". There is no security risk as this Link will only be used from within a different application. I am providing the script that needs to be executed over CGI via the webserver. It connects to LDAP and queries the username and some other details and with those creates a user account in another application (using system call). Reason is mentioned in the script comments.
This script works fine with shift flag on line 11, by running the script manually like 'perl myscript.pl 212453261'.
#!/usr/bin/perl
use strict;
use CGI;
use Net::LDAP;
use IPC::System::Simple qw(system capture);
#create CGI query object to get the SSO from URL
#my $query = new CGI;
#my $sso = $query->param( "sso" );
my $sso = shift;
if( $sso == "" )
{
print "<html>";
print "<body>";
print "<h1>\n\n ERROR: Entered SSO is EMPTY! </h1>\n\n";
die "Empty SSO";
}
else
{
print "<p>Processing: $sso</p>\n\n";
#LDAP server with port
my $LDAP_SERVER = 'ldaps://ldap.hostname.com:636/ou=enterprise,dc=vds,
+dc=logon';
my $LDAP_USER = 'bind_user';
my $LDAP_PWD = 'bindpwd';
#base tree to start searching
my $BASE = "ou=users,ou=enterprise,dc=vds,dc=logon";
#Just search for the SSO - no group search required.
my $FILTER = "(cn=$sso)";
#values to return - we need CN - SSO, First Name, Last Name, and Email
my $ATRBS = ['cn', 'givenName', 'sn', 'mail'];
#Start LDAP session and bind to LDAP
my $ldap = Net::LDAP->new($LDAP_SERVER) or die "$@";
my $mesg = $ldap->bind($LDAP_USER, password=>$LDAP_PWD);
my $result = $ldap->search(base => $BASE,
filter => $FILTER,
attrs => $ATRBS
);
my @entries = $result->entries;
#only one result should be returned
if(@entries == 1) {
print "\n\t<p>Found user $sso in LDAP</p>\n";
my $usr = $entries[0];
my $firstName = $usr->get_value('givenName');
my $lastName = $usr->get_value('sn');
my $email = $usr->get_value('mail');
print "\t<p>Creating User account in Application with \n
Login name:- $sso \n
FullName:- $firstName $lastName \n
Email ID:- $email \n
</p>\n\n";
#*********SYSTEM CALL **********
#script within a script both files in same path
#This is required because the main script runs with ActiveState Extend
+ed Perl v5.24.1
#Whereas cqperl runs with v5.16.1 (limited features), cannot use Activ
+eState for this one.
#*********SYSTEM CALL **********
system( "cqperl NewLdapUser.pl $sso $firstName $lastName $email" );
print "\n\t<p>Application account created for $sso - $firstName $last
+Name - $email</p>\n\n";
}
else {
#error
print "\t<h1>ERROR: Wrong SSO or User doesn't exist in OneAD LDAP</h
+1>\n\n";
}
$mesg = $ldap->unbind;
}
print "\t<h3>DONE!</h3>\n";
print "</body></html>";
The output of the script is attached below. All I am looking for is to find out a way to parse the value from $sso = shift to just $sso using CGI.
# perl myscript.pl 212453261
<p>Processing: 212453261</p>
<p>Found user 212453261 in LDAP</p>
<p>Creating User account in Application with
Login name:- 212453261
FullName:- John Doe
Email ID:- john.doe@mailhost.com
</p>
<p>Application account created for 212453261 - John Doe - john
+.doe@mailhost.com</p>
<h3>DONE!</h3>
|