Catalyst::Plugin::Authentication::Store::LDAP::Backend.3pm

Langue: en

Version: 2006-02-14 (mandriva - 01/05/08)

Section: 3 (Bibliothèques de fonctions)

NAME

Catalyst::Plugin::Authentication::Store::LDAP::Backend
  - LDAP authentication storage backend.

SYNOPSIS

     # you probably just want Store::LDAP under most cases,
     # but if you insist you can instantiate your own store:
 
 
     use Catalyst::Plugin::Authentication::Store::LDAP::Backend;
 
 
     use Catalyst qw/
         Authentication
         Authentication::Credential::Password
     /;
 
 
     my %config = (
             'ldap_server' => 'ldap1.yourcompany.com',
             'ldap_server_options' => {
                 'timeout' => 30,
             },
             'binddn' => 'anonymous',
             'bindpw' => 'dontcarehow',
             'start_tls' => 1,
             'start_tls_options' => {
                 'verify' => 'none',
             },
             'user_basedn' => 'ou=people,dc=yourcompany,dc=com',
             'user_filter' => '(&(objectClass=posixAccount)(uid=%s))',
             'user_scope' => 'one',
             'user_field' => 'uid',
             'user_search_options' => {
                 'deref' => 'always',
             },
             'use_roles' => 1,
             'role_basedn' => 'ou=groups,dc=yourcompany,dc=com',
             'role_filter' => '(&(objectClass=posixGroup)(member=%s))',
             'role_scope' => 'one',
             'role_field' => 'cn',
             'role_value' => 'dn',
             'role_search_options' => {
                 'deref' => 'always',
             },
     );
 
 
     our $users = Catalyst::Plugin::Authentication::Store::LDAP::Backend->new(\%config);
 
 
     sub action : Local {
         my ( $self, $c ) = @_;
 
 
         $c->login( $users->get_user( $c->req->param("login") ),
             $c->req->param("password") );
     }
 
 

DESCRIPTION

You probably want Catalyst::Plugin::Authentication::Store::LDAP, unless you are mixing several stores in a single app and one of them is LDAP.

Otherwise, this lets you create a store manually.

See the Catalyst::Plugin::Authentication::Store::LDAP documentation for an explanation of the configuration options.

METHODS


new($config)

Creates a new Catalyst::Plugin::Authentication::Store::LDAP::Backend object. $config should be a hashref, which should contain the configuration options listed in Catalyst::Plugin::Authentication::Store::LDAP's documentation.

Also sets a few sensible defaults.

get_user($id)

Creates a Catalyst::Plugin::Authentication::Store::LDAP::User object for the given User ID. This is the preferred mechanism for getting a given User out of the Store.

ldap_connect

Returns a Net::LDAP object, connected to your LDAP server. (According to how you configured the Backend, of course)

ldap_bind($ldap, $binddn, $bindpw)


ldap_bind($ldap, $binddn, $bindpw)

Bind's to the directory. If $ldap is undef, it will connect to the LDAP server first. $binddn should be the DN of the object you wish to bind as, and $bindpw the password.

If $binddn is ``anonymous'', an anonymous bind will be performed.

lookup_user($id)

Given a User ID, this method will:

   A) Bind to the directory using the configured binddn and bindpw
   B) Perform a search for the User Object in the directory, using
      user_basedn, user_filter, and user_scope.
   C) Assuming we found the object, we will walk it's attributes 
      using L<Net::LDAP::Entry>'s get_value method.  We store the
      results in a hashref.
   D) Return a hashref that looks like:
 
 
      $results = {
         'ldap_entry' => $entry, # The Net::LDAP::Entry object
         'attributes' => $attributes,
      }
 
 

This method is usually only called by get_user.

lookup_roles($userobj)

This method looks up the roles for a given user. It takes a Catalyst::Plugin::Authentication::Store::LDAP::User object as it's sole argument.

It returns an array containing the role_field attribute from all the objects that match it's criteria.

AUTHORS

Adam Jacob <holoway@cpan.org>

Some parts stolen shamelessly and entirely from Catalyst::Plugin::Authentication::Store::Htpasswd.

THANKS

To nothingmuch, ghenry, castaway and the rest of #catalyst for the help. :)

SEE ALSO

Catalyst::Plugin::Authentication::Store::LDAP, Catalyst::Plugin::Authentication::Store::LDAP::User, Catalyst::Plugin::Authentication, Net::LDAP Copyright (c) 2005 the aforementioned authors. All rights reserved. This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.