Changes between Version 4 and Version 5 of EDIR_gw_scripts


Ignore:
Timestamp:
01/31/15 15:09:31 (9 years ago)
Author:
lttoth@…
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • EDIR_gw_scripts

    v4 v5  
    3131=== runtime.cfg   ===                         
    3232runtime configuration data used by EDIR CGI scripts: this file is server/instance specific; do not copy to other serversv 
    33 ||= Parameter Names =||= Description =|| 
    34 ||all_servers                            ||List of all supported EDIR hosts (sxmpa 2/13/2010 - I cannot find anywhere in the EDIR gateway code where this is read out of runtime.cfg) || 
    35 || authserv_gateway_link         ||URL to AUTHSERV web gateway || 
    36 ||authserv_server_link              ||URL to server specific AUTHSERV web gateway (Equalizer issue) || 
    37 ||debug                                    ||0|1: debugging is ON when value is 1 || 
    38 ||directory_adminupdate_link   ||URL to update interface for admin updates (record creation, not attribute updates) || 
    39 ||directory_agent                      ||RDN of credentials used by gateway for normal query access|| 
    40 ||directory_bulkupdate_link      ||URL to update interface for self service attribute updates|| 
    41 ||directory_gateway_link           ||URL to EDIR web gateway|| 
    42 ||directory_gateway_name        ||Name of EDIR web gateway|| 
    43 ||directory_passwd_file             ||Path reference to directory_agent password file|| 
    44 ||directory_server_link              ||URL to server specific EDIR web gateway (Equalizer issue)|| 
    45 ||local_announcements_file      ||Path reference to local announcements text file|| 
    46 ||lock_file                                 ||Path reference to file used to disable EDIR updates|| 
    47 ||log_dir                                   ||Path reference to EDIR log location|| 
    48 || mail_from_authserv               ||email address used in FROM of mail generated for AUTHSERV|| 
    49 ||mail_from_edir                       ||Email address used in FROM of mail generated for EDIR|| 
    50 ||mail_host                                ||Email domain expected in vanity addresses|| 
    51 || mail_to                                  ||Address list for recipients of troubleshooting/batch reporting email|| 
    52 ||max_updateable_attrib_values ||Max number of multiply occuring attribute values allowed by ldap_update|| 
    53 ||nsactivate_port                        ||Port used when ns[in]activate invoked|| 
    54 || privileged_agent                     ||RDN of credentilas utilized by iEDIR web gateway to access privileged information|| 
    55 || privileged_agent_passwd_file  ||Path reference to authserv_agent password file|| 
    56 ||query_servers                          ||List of servers that may respond to query requests (sxmpa 2/13/2010 -This variable should be assigned a single value, which is the host housing the LDAP server queried by this EDIR gateway instance.  The EDIR gateway instance is normally co-located with that LDAP server on the same host, but you have the option of choosing an LDAP server on some other host.  Assigning this variable a list of hostnames rather than a single hostname appears to work correctly, but examination of the code suggests that behaviour in this case is undefined).|| 
    57 ||registry_agent                         ||Oracle schema for EDIR registry|| 
    58 ||registry_db                              ||Oracle instance for EDIR registry|| 
    59 ||registry_passwd_file                 ||Path reference to registry_agent password file|| 
    60 ||release                                    ||Major release number for EDIR web gateway|| 
    61 ||slapd_port                               ||Port for iPlanet directory access|| 
    62 ||slapd_ssl_clause                      ||Additional clause required if slapd_port is SSL configured port|| 
    63 ||update_server                         ||Server(s) that may respond to update requests (local machine issue) (sxmpa 2/13/2010 - the EDIR gateway code reads this variable out of runtime.cfg but does not appear ever to use that value).|| 
    64 ||version                                    ||Gateway instance: TEST PREP or PROD||  
     33  ||= Parameter Names =||= Description =|| 
     34  ||all_servers                            ||List of all supported EDIR hosts (sxmpa 2/13/2010 - I cannot find anywhere in the EDIR gateway code where this is read out of runtime.cfg) || 
     35  || authserv_gateway_link         ||URL to AUTHSERV web gateway || 
     36  ||authserv_server_link              ||URL to server specific AUTHSERV web gateway (Equalizer issue) || 
     37  ||debug                                    ||0|1: debugging is ON when value is 1 || 
     38  ||directory_adminupdate_link   ||URL to update interface for admin updates (record creation, not attribute updates) || 
     39  ||directory_agent                      ||RDN of credentials used by gateway for normal query access|| 
     40  ||directory_bulkupdate_link      ||URL to update interface for self service attribute updates|| 
     41  ||directory_gateway_link           ||URL to EDIR web gateway|| 
     42  ||directory_gateway_name        ||Name of EDIR web gateway|| 
     43  ||directory_passwd_file             ||Path reference to directory_agent password file|| 
     44  ||directory_server_link              ||URL to server specific EDIR web gateway (Equalizer issue)|| 
     45  ||local_announcements_file      ||Path reference to local announcements text file|| 
     46  ||lock_file                                 ||Path reference to file used to disable EDIR updates|| 
     47  ||log_dir                                   ||Path reference to EDIR log location|| 
     48  || mail_from_authserv               ||email address used in FROM of mail generated for AUTHSERV|| 
     49  ||mail_from_edir                       ||Email address used in FROM of mail generated for EDIR|| 
     50  ||mail_host                                ||Email domain expected in vanity addresses|| 
     51  || mail_to                                  ||Address list for recipients of troubleshooting/batch reporting email|| 
     52  ||max_updateable_attrib_values ||Max number of multiply occuring attribute values allowed by ldap_update|| 
     53  ||nsactivate_port                        ||Port used when ns[in]activate invoked|| 
     54  || privileged_agent                     ||RDN of credentilas utilized by iEDIR web gateway to access privileged information|| 
     55  || privileged_agent_passwd_file  ||Path reference to authserv_agent password file|| 
     56  ||query_servers                          ||List of servers that may respond to query requests (sxmpa 2/13/2010 -This variable should be assigned a single value, which is the host housing the LDAP server queried by this EDIR gateway instance.  The EDIR gateway instance is normally co-located with that LDAP server on the same host, but you have the option of choosing an LDAP server on some other host.  Assigning this variable a list of hostnames rather than a single hostname appears to work correctly, but examination of the code suggests that behaviour in this case is undefined).|| 
     57  ||registry_agent                         ||Oracle schema for EDIR registry|| 
     58  ||registry_db                              ||Oracle instance for EDIR registry|| 
     59  ||registry_passwd_file                 ||Path reference to registry_agent password file|| 
     60  ||release                                    ||Major release number for EDIR web gateway|| 
     61  ||slapd_port                               ||Port for iPlanet directory access|| 
     62  ||slapd_ssl_clause                      ||Additional clause required if slapd_port is SSL configured port|| 
     63  ||update_server                         ||Server(s) that may respond to update requests (local machine issue) (sxmpa 2/13/2010 - the EDIR gateway code reads this variable out of runtime.cfg but does not appear ever to use that value).|| 
     64  ||version                                    ||Gateway instance: TEST PREP or PROD||  
    6565 
    6666        Note: runtime.cfg files are machine specific. Do not copy between servers. 
     
    6868 
    6969== Libraries == 
    70 Configuration files are located for every instance at: $HOME/EDIR<INST>/cgi-bin/ 
     70Library sub procedures are located for every instance at: $HOME/EDIR<INST>/cgi-bin/ 
    7171 
    7272=== ldap_lib.pm === 
     
    121121 
    122122 
    123 == CGI SCRIPTS: ($HOME/EDIR<INST>/cgi-bin/) == 
     123== CGI Scripts == 
    124124 
     125GCI Scripts are located at: $HOME/EDIR<INST>/cgi-bin/ 
    125126 
    126 edir_auth               CGI script that validates authentication provided by AUTHSERV before putting up the  
    127                         EDIR "welcome" page. 
    128  
    129 ldap_admin_assist       Generates an HTML form allowing us to assign LDAP entities as SECRETARY to groups 
    130                         of LDAP records sharing a given department.  Utilizes credentials stored in LDAP 
    131                         cookie by ldap_auth.  When form is submitted, ldap_admin_assist generates a file of  
    132                         update requests that is passed to ldap_bulk_update.  Messages returned by  
    133                         bulk_update become a part of the next display of the HTML form. 
    134  
    135 ldap_buildings          Generates an HTML form used to manage building codes utilized by ldap_loc_update and  
    136                         stored in uakEmployeeLocator attribute values. 
    137  
    138 ldap_dept_query         (link to ldap_search; name provides context specific behavior) 
    139  
    140 ldap_dlevelx            Generates an HTML form used by individuals with emplAdmin access to add/delete  
    141                         DLEVELX values to people records. 
    142  
    143 ldap_filter_help        Generates HTML help page (topic: filters) 
    144  
    145 ldap_history            Generates an HTML form used to view EDIR gateway update logs (multiple server issue). 
    146  
    147 ldap_loc_update         Generates an HTML form for maintaining uakEmployeeLocator attribute.  Utilizes  
    148                         credentials stored in LDAP cookie by ldap_auth.  Form parses uakEmployeeLocator, breaking  
    149                         it into component parts: MAU, office location, phone and fax.  When form is submitted,  
    150                         ldap_loc_update generates a file of update requests that is passed to ldap_bulk_update.   
    151                         Messages returned by bulk_update become a part of the next display of the HTML form. 
    152  
    153 ldap_log_out            Generates log out page that destroys EDIR cookie. 
    154  
    155 ldap_passwd_help        Generates HTML help page (topic: passwords) 
    156  
    157 ldap_query              (link to ldap_search; name provides context specific behavior) 
    158  
    159 ldap_search             Generates an HTML form used to get criteria used to search the directory.  Utilizes  
    160                         credentials stored in LDAP cookie by edir_auth.  If no credentials are present, the  
    161                         resulting form contains a subset of the form variables otherwise displayed and queries 
    162                         utilize the gateway interface credentials.  
    163  
    164                         Depending on the name used to call ldap_search (ldap_dept_query and ldap_query are links 
    165                         to ldap_search), the search form is customized to support either "people" or "department"  
    166                         searches. 
    167  
    168 ldap_sec_update         Generates an HTML form used only by account owner to update private question and response. 
    169  
    170 ldap_seed_department    Generates an HTML form allowing creation of "faux" department records ('04' UID extension). 
    171  
    172 ldap_seed_resource      Generates an HTML form allowing creation of ou=resource records. 
    173  
    174 ldap_seed_routing       Generates an HTML form allowing creation of ou=routing records (for @alaska.edu mail routing). 
    175  
    176 ldap_update             Generates an HTML form allowing users to update, add and delete LDAP attribute values for  
    177                         their own LDAP record and the records of those for which they have update ability. 
    178                         Utilizes the credentials stored in LDAP cookie by ldap_auth.  When submitted, ldap_update 
    179                         generates a file of update requests that is passed to ldap_bulk_update.  Messages returned  
    180                         by bulk_update become a part of the next display of the HTML form. 
    181  
    182 ldap_update_help        Generates HTML help page (topic: origins of EDIR data, etc.) 
     127  ||= Script Name =||= Description =|| 
     128  ||edir_auth                 ||CGI script that validates authentication provided by AUTHSERV before putting up the  EDIR "welcome" page.  || 
     129  ||ldap_admin_assist         ||Generates an HTML form allowing us to assign LDAP entities as SECRETARY to groups of LDAP records sharing a given department.  Utilizes credentials stored in  LDAP cookie by ldap_auth.  When form is submitted, ldap_admin_assist generates a file of  update requests that is passed to ldap_bulk_update.  Messages returned by bulk_update become a part of the next display of the HTML form.  || 
     130  ||ldap_buildings            ||Generates an HTML form used to manage building codes utilized by ldap_loc_update and stored in uakEmployeeLocator attribute values. 
     131  ||ldap_dept_query           ||(link to ldap_search; name provides context specific behavior)  || 
     132  ||ldap_dlevelx              ||Generates an HTML form used by individuals with emplAdmin access to add/delete DLEVELX values to people records.  || 
     133  ||ldap_filter_help          ||Generates HTML help page (topic: filters)  || 
     134  ||ldap_history              ||Generates an HTML form used to view EDIR gateway update logs (multiple server issue).  || 
     135  ||ldap_loc_update           ||Generates an HTML form for maintaining uakEmployeeLocator attribute.  Utilizes credentials stored in LDAP cookie by ldap_auth.  Form parses uakEmployeeLocator, breaking it into component parts: MAU, office location, phone and fax.  When form is submitted, ldap_loc_update generates a file of update requests that is passed to   ldap_bulk_update.  Messages returned by bulk_update become a part of the next display of the HTML form.  || 
     136  ||ldap_log_out              ||Generates log out page that destroys EDIR cookie.  || 
     137  ||ldap_passwd_help          ||Generates HTML help page (topic: passwords)  || 
     138  ||ldap_query              ||link to ldap_search; name provides context specific behavior  || 
     139  ||ldap_search               ||Generates an HTML form used to get criteria used to search the directory.  Utilizes credentials stored in LDAP cookie by edir_auth.  If no credentials are present, the resulting form contains a subset of the form variables otherwise displayed and queries utilize the gateway interface credentials.  Depending on the name used to call ldap_search (ldap_dept_query and ldap_query are links  to ldap_search), the search form is customized to support either "people" or "department"   searches.  || 
     140  ||ldap_sec_update           ||Generates an HTML form used only by account owner to update private question and response.  || 
     141  ||ldap_seed_department      ||Generates an HTML form allowing creation of "faux" department records ('04' UID extension).  || 
     142  ||ldap_seed_resource        ||Generates an HTML form allowing creation of ou=resource records.  || 
     143  ||ldap_seed_routing         ||Generates an HTML form allowing creation of ou=routing records (for @alaska.edu mail routing).  || 
     144  ||ldap_update               ||Generates an HTML form allowing users to update, add and delete LDAP attribute values for their own LDAP record and the records of those for which they have update ability. Utilizes the credentials stored in LDAP cookie by ldap_auth.  When submitted,   ldap_update generates a file of update requests that is passed to ldap_bulk_update.  Messages returned by bulk_update become a part of the next display of the HTML form.  || 
     145  ||ldap_update_help          ||Generates HTML help page (topic: origins of EDIR data, etc.)  || 
    183146 
    184147