hi,
I am coding a perl dancer web app that will fetch/write info to an ldap backend
(freeipa.org). The ldap vendor is 389, the old netscape ldap server.
This backend includes kerberos.
So without sasl, it works great. But i would like to avoid passwords provided
we already have a kerberos infrastructure. And I get this error:
substr outside of string at
/opt/perl5/perls/perl-5.14.2/lib/site_perl/5.14.4/Authen/SASL/Perl.pm line 333.
Dancer very helpfully displays that line for me:
my $x = $self->{conn}->encode(substr($_[1], $offset || 0, $bsz));
but this tells me very little.
This is a slightly modified script that binds to the ldap server. I get an
ldap/REALM ticket so I know that piece is working:
use strict;
use warnings;
use Net::LDAP;
use Authen::SASL;
my $ldapbase = "cn=users,cn=accounts,dc=ipa,dc=asenjo,dc=nx";
my ( $name ) = @ARGV ;
print $name , "\n";
my $sasl = Authen::SASL->new(mechanism => 'GSSAPI' ) || die "$@";
my $ldap = Net::LDAP->new('kdc.ipa.asenjo.nx') || die "$@";
my $msg = $ldap->bind( sasl => $sasl );
ldap_search($name);
sub ldap_search {
my ( $search ) = @_;
$msg = $ldap->search(
base => $ldapbase,
scope => "sub",
filter => "(|(uid=*$search*)(cn=*$search*))",
attr => ["uid"],
);
my %ldap_users;
for my $entry ( $msg->entries) {
my $uid = $entry->get_value( 'uid' );
$ldap_users{$uid} = $uid;
}
return %ldap_users;
}
$ ./testkerb test
substr outside of string at
/opt/perl5/perls/perl-5.14.2/lib/site_perl/5.14.4/Authen/SASL/Perl.pm line 333,
<DATA> line 635.
Do you have any ideas about how to tackle this?
TIA,
--
natxo
