Jifty::Plugin::AuthzLDAP.3pm

Language: en

Version: 2008-08-12 (debian - 07/07/09)

Section: 3 (Library functions)

NAME

Jifty::Plugin::AuthzLDAP - Jifty plugin to add dynamic LDAP authorization

DESCRIPTION

Jifty plugin that provides LDAP authorization using a table of filters and a cache.

NOW FOR TESTING AND COMMENTS

CONFIGURATION NOTES

In etc/config.yml:
  Plugins:
    - AuthzLDAP:
       LDAPbind: cn=testldap,ou=admins,dc=myorg,dc=org # bind DN
       LDAPpass: test                   # password
       LDAPhost: ldap.myorg.org         # ldap host
       LDAPbase: ou=people,dc=myorg..   # ldap base
       LDAPuid: uid                     # optional
       CacheTimout: 20                  # minutes, optional, default 20 minutes

In the application, create an LDAPFilter model:
        use base qw/Jifty::Plugin::AuthzLDAP::Model::LDAPFilter/;

In the LDAPFilter model, create your filters, something like:
 name    |filter                         |is_group
 is_admin|(!eduPersonAffiliation=STUDENT)|0
 in_admin|cn=admin,ou=groups,dc=my.org   |1

To protect access to /admin in the "TestApp" application, create a lib/TestApp/Dispatcher.pm:

     use strict;
     use warnings;
 
     package TestApp::Dispatcher;
     use Jifty::Dispatcher -base;
 
     before '/admin/*' => run {
        # Authentication
        Jifty->web->tangent(url => '/login')
             if (! Jifty->web->current_user->id);
        # Authorization
        my $user = Jifty->web->current_user->user_object->name;
        Jifty->web->tangent(url => '/error/AccessDenied')
             if (! Jifty::Plugin::AuthzLDAP->ldapvalidate($user,'is_admin') );
     };
 
     1;

SEE ALSO

Net::LDAP

bind

Bind to the LDAP server.

validate NAME FILTERNAME

Returns 1 if NAME validates against the filter FILTERNAME, or if NAME-FILTERNAME is in the cache; otherwise returns 0.

If FILTERNAME is flagged as is_group, the search checks whether the user is a uniquemember of this group, as supported by the Netscape Directory Server.
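
The cache behaviour described for validate, as an added Perl sketch that is not the plugin's source. make_validator, the lookup and clock callbacks and the choice to cache only grants are assumptions; the lookup callback stands in for the LDAP search.

```perl
use strict;
use warnings;

# Added illustration, not the plugin's code. make_validator, lookup and clock
# are hypothetical names; only the NAME-FILTERNAME cache key and the timeout
# in minutes come from the documentation above.
sub make_validator {
    my (%args) = @_;
    my $ttl    = 60 * ($args{timeout_minutes} // 20);  # CacheTimout, in seconds
    my $lookup = $args{lookup};                        # stands in for the LDAP search
    my $clock  = $args{clock} // sub { time };
    my %cache;                                         # "NAME-FILTERNAME" => expiry epoch

    return sub {
        my ($name, $filtername) = @_;
        my $key = "$name-$filtername";
        my $now = $clock->();
        return 1 if exists $cache{$key} && $cache{$key} > $now;  # cache hit
        delete $cache{$key};                                     # drop expired entry
        return 0 unless $lookup->($name, $filtername);           # denied, not cached
        $cache{$key} = $now + $ttl;        # assumption: only grants are cached
        return 1;
    };
}

# Constructed scenario: alice matches is_admin, then loses it in the directory.
my %directory = ('alice-is_admin' => 1);
my $now       = 0;
my $validate  = make_validator(
    timeout_minutes => 20,
    lookup          => sub { $directory{"$_[0]-$_[1]"} ? 1 : 0 },
    clock           => sub { $now },
);

my @trace;
push @trace, $validate->('alice', 'is_admin');  # directory grants, result cached
delete $directory{'alice-is_admin'};            # access revoked in the directory
$now = 10 * 60;
push @trace, $validate->('alice', 'is_admin');  # inside the timeout: served from cache
$now = 21 * 60;
push @trace, $validate->('alice', 'is_admin');  # past the timeout: directory asked again
push @trace, $validate->('bob', 'is_admin');    # no cache entry and no directory match

print "decisions: @trace\n";
```

Under these assumptions a cached grant outlives a directory change by up to CacheTimout minutes, so the timeout should be sized to how quickly a revocation has to take effect.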

AUTHOR

Yves Agostini, <yvesago@cpan.org>

LICENSE

Copyright 2007-2008 Yves Agostini. All Rights Reserved.

This program is free software and may be modified and distributed under the same terms as Perl itself.