Following peoplecode is tested in 8.48.16 and assuming that you are using Oracle Wallet and LDAP libraries for connecting to ldap server. (Tested on HP*UX 11.11 server). It also assumes you have LDAP Port, Server name, Default Connect DN defined in PeopleTools -> Security -> Directory -> Directory Configuration. LDAPS Port is optional but highly recommended. This can be used in following scenarios.
You are logged in PeopleSoft with generic id and you need to validate user's password against ldap directory. Or you want to see programmatically if the user exist in LDAP with a valid password.
Create this as Class to Application Package: XX_UTILS
class LDAP
method ValidatePassword(&userid As string, &pwd As string, &directory_id As string) Returns boolean;
end-class;
method ValidatePassword
/+ &userid as String, +/
/+ &pwd as String, +/
/+ &directory_id as String +/
/+ Returns Boolean +/
Local string &defaultDN, &dn, &outDN, &server, &SSL;
Local integer &port, &nonsslport, &sslport, &EXECRSLT, &start, &num_chars, &ret;
Local Interlink &LDAP_BIND;
Local BIDocs &rootInDoc, &rootOutDoc;
SQLExec("select a.DSCNCTDN, b.DSSRVR, b.LDAPPORT, b.ldapsport from PSDSDIR a, PSDSSRVR b where a.DSDIRID = :1 and a.DSDIRID = b.DSDIRID", &directory_id, &defaultDN, &server, &nonsslport, &sslport);
If All(&sslport) Then
&SSL = "YES";
&port = &sslport;
Else
&SSL = "NO";
&port = &nonsslport;
End-If;
If All(&server, &port, &defaultDN) Then
&LDAP_BIND = GetInterlink(Interlink.LDAP_BIND);
&LDAP_BIND.UserID_Attribute_Name = "uid";
&LDAP_BIND.URL = "file://psio_dir.dll";
&LDAP_BIND.BIDocValidating = "Off";
&LDAP_BIND.SSL = &SSL;
REM &LDAP_BIND.SSL_DB = "e:\certs\cert7.db";
&start = 5;
&num_chars = Find(",", &defaultDN) - &start;
&dn = Replace(&defaultDN, &start, &num_chars, &userid);
&rootInDoc = &LDAP_BIND.GetInputDocs("");
&ret = &rootInDoc.AddValue("Server", &server);
&ret = &rootInDoc.AddValue("Port", &port);
&ret = &rootInDoc.AddValue("Distinguished_Name", &dn);
&ret = &rootInDoc.AddValue("User_Password", &pwd);
&ret = &rootInDoc.AddValue("Encrypted", "NO");
&EXECRSLT = &LDAP_BIND.Execute();
If (&EXECRSLT = 1) Then
&rootOutDoc = &LDAP_BIND.GetOutputDocs("");
&ret = &rootOutDoc.GetValue("Distinguished_Name", &outDN);
If &outDN = &dn Then
Return True;
End-If;
End-If;
End-If;
Return False;
end-method;
Sample code to call the function.
import XX_UTILS:LDAP;
Local XX_UTILS:LDAP &ldap = create XX_UTILS:LDAP();
Local boolean &return;
&userid = "userid"
&pwd = "xxxx";
&directory_id = "LDAP";
&return = &ldap.ValidatePassword(&userid, &pswd, &directory_id);
If &return Then
/* success */
else
/* failure */
end-if;