|
Unix VPS
Support
FAQ
Network
Miscellaneous
|
| Catalyst::Authentication::Store::LDAP::Backend(3) | User Contributed Perl Documentation | Catalyst::Authentication::Store::LDAP::Backend(3) |
NAME
Catalyst::Authentication::Store::LDAP::Backend - LDAP authentication storage backend.SYNOPSIS
# you probably just want Store::LDAP under most cases,
# but if you insist you can instantiate your own store:
use Catalyst::Authentication::Store::LDAP::Backend;
use Catalyst qw/
Authentication
Authentication::Credential::Password
/;
my %config = (
'ldap_server' => 'ldap1.yourcompany.com',
'ldap_server_options' => {
'timeout' => 30,
},
'binddn' => 'anonymous',
'bindpw' => 'dontcarehow',
'start_tls' => 1,
'start_tls_options' => {
'verify' => 'none',
},
'user_basedn' => 'ou=people,dc=yourcompany,dc=com',
'user_filter' => '(&(objectClass=posixAccount)(uid=%s))',
'user_scope' => 'one', # or 'sub' for Active Directory
'user_field' => 'uid',
'user_search_options' => {
'deref' => 'always',
'attrs' => [qw( distinguishedname name mail )],
},
'user_results_filter' => sub { return shift->pop_entry },
'entry_class' => 'MyApp::LDAP::Entry',
'user_class' => 'MyUser',
'use_roles' => 1,
'role_basedn' => 'ou=groups,dc=yourcompany,dc=com',
'role_filter' => '(&(objectClass=posixGroup)(member=%s))',
'role_scope' => 'one',
'role_field' => 'cn',
'role_value' => 'dn',
'role_search_options' => {
'deref' => 'always',
},
'role_search_as_user' => 0,
'persist_in_session' => 'all',
);
our $users = Catalyst::Authentication::Store::LDAP::Backend->new(\%config);
DESCRIPTION
You probably want Catalyst::Authentication::Store::LDAP.Otherwise, this lets you create a store manually.
See the Catalyst::Authentication::Store::LDAP documentation for an explanation of the configuration options.
METHODS
new($config)
Creates a new Catalyst::Authentication::Store::LDAP::Backend object. $config should be a hashref, which should contain the configuration options listed in Catalyst::Authentication::Store::LDAP's documentation.Also sets a few sensible defaults.
find_user( authinfo, $c )
Creates a Catalyst::Authentication::Store::LDAP::User object for the given User ID. This is the preferred mechanism for getting a given User out of the Store.authinfo should be a hashref with a key of either "id" or "username". The value will be compared against the LDAP "user_field" field.
get_user( id, $c)
Creates a Catalyst::Authentication::Store::LDAP::User object for the given User ID, or calls "new" on the class specified in "user_class". This instance of the store object, the results of "lookup_user" and $c are passed as arguments (in that order) to "new". This is the preferred mechanism for getting a given User out of the Store.ldap_connect
Returns a Net::LDAP object, connected to your LDAP server. (According to how you configured the Backend, of course)ldap_bind($ldap, $binddn, $bindpw)
Bind's to the directory. If $ldap is undef, it will connect to the LDAP server first. $binddn should be the DN of the object you wish to bind as, and $bindpw the password.If $binddn is "anonymous", an anonymous bind will be performed.
ldap_auth( $binddn, $bindpw )
Connect to the LDAP server and do an authenticated bind against the directory. Throws an exception if connecting to the LDAP server fails. Returns 1 if binding succeeds, 0 if it fails.lookup_user($id)
Given a User ID, this method will:
A) Bind to the directory using the configured binddn and bindpw
B) Perform a search for the User Object in the directory, using
user_basedn, user_filter, and user_scope.
C) Assuming we found the object, we will walk its attributes
using L<Net::LDAP::Entry>'s get_value method. We store the
results in a hashref. If we do not find the object, then
undef is returned.
D) Return a hashref that looks like:
$results = {
'ldap_entry' => $entry, # The Net::LDAP::Entry object
'attributes' => $attributes,
}
This method is usually only called by find_user().
lookup_roles($userobj, [$ldap])
This method looks up the roles for a given user. It takes a Catalyst::Authentication::Store::LDAP::User object as its first argument, and can optionally take a Net::LDAP object which is used rather than the default binding if supplied.It returns an array containing the role_field attribute from all the objects that match its criteria.
user_supports
Returns the value of Catalyst::Authentication::Store::LDAP::User->supports(@_).from_session( id, $c, $frozenuser )
Revives a serialized user from storage in the session.Supports users stored with a different persist_in_session setting.
AUTHORS
Adam Jacob <holoway@cpan.org>Some parts stolen shamelessly and entirely from Catalyst::Plugin::Authentication::Store::Htpasswd.
Currently maintained by Peter Karman <karman@cpan.org>.
THANKS
To nothingmuch, ghenry, castaway and the rest of #catalyst for the help. :)SEE ALSO
Catalyst::Authentication::Store::LDAP, Catalyst::Authentication::Store::LDAP::User, Catalyst::Plugin::Authentication, Net::LDAPCOPYRIGHT & LICENSE
Copyright (c) 2005 the aforementioned authors. All rights reserved. This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.| 2021-05-26 | perl v5.32.1 |
Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.