Catalyst::Authentication::Store::LDAP::Backend - LDAP authentication storage backend.
# you probably just want Store::LDAP under most cases, # but if you insist you can instantiate your own store: use Catalyst::Authentication::Store::LDAP::Backend; use Catalyst qw/ Authentication Authentication::Credential::Password /; my %config = ( 'ldap_server' => 'ldap1.yourcompany.com', 'ldap_server_options' => { 'timeout' => 30, }, 'binddn' => 'anonymous', 'bindpw' => 'dontcarehow', 'start_tls' => 1, 'start_tls_options' => { 'verify' => 'none', }, 'user_basedn' => 'ou=people,dc=yourcompany,dc=com', 'user_filter' => '(&(objectClass=posixAccount)(uid=%s))', 'user_scope' => 'one', # or 'sub' for Active Directory 'user_field' => 'uid', 'user_search_options' => { 'deref' => 'always', 'attrs' => [qw( distinguishedname name mail )], }, 'user_results_filter' => sub { return shift->pop_entry }, 'entry_class' => 'MyApp::LDAP::Entry', 'user_class' => 'MyUser', 'use_roles' => 1, 'role_basedn' => 'ou=groups,dc=yourcompany,dc=com', 'role_filter' => '(&(objectClass=posixGroup)(member=%s))', 'role_scope' => 'one', 'role_field' => 'cn', 'role_value' => 'dn', 'role_search_options' => { 'deref' => 'always', }, 'role_search_as_user' => 0, 'persist_in_session' => 'all', ); our $users = Catalyst::Authentication::Store::LDAP::Backend->new(\%config);
You probably want Catalyst::Authentication::Store::LDAP.
Otherwise, this lets you create a store manually.
See the Catalyst::Authentication::Store::LDAP documentation for an explanation of the configuration options.
Creates a new Catalyst::Authentication::Store::LDAP::Backend object. $config should be a hashref, which should contain the configuration options listed in Catalyst::Authentication::Store::LDAP's documentation.
Also sets a few sensible defaults.
Creates a Catalyst::Authentication::Store::LDAP::User object for the given User ID. This is the preferred mechanism for getting a given User out of the Store.
authinfo should be a hashref with a key of either id or username. The value will be compared against the LDAP user_field field.
id
username
user_field
Creates a Catalyst::Authentication::Store::LDAP::User object for the given User ID, or calls new on the class specified in user_class. This instance of the store object, the results of lookup_user and $c are passed as arguments (in that order) to new. This is the preferred mechanism for getting a given User out of the Store.
new
user_class
lookup_user
Returns a Net::LDAP object, connected to your LDAP server. (According to how you configured the Backend, of course)
Bind's to the directory. If $ldap is undef, it will connect to the LDAP server first. $binddn should be the DN of the object you wish to bind as, and $bindpw the password.
If $binddn is "anonymous", an anonymous bind will be performed.
Connect to the LDAP server and do an authenticated bind against the directory. Throws an exception if connecting to the LDAP server fails. Returns 1 if binding succeeds, 0 if it fails.
Given a User ID, this method will:
A) Bind to the directory using the configured binddn and bindpw B) Perform a search for the User Object in the directory, using user_basedn, user_filter, and user_scope. C) Assuming we found the object, we will walk its attributes using L<Net::LDAP::Entry>'s get_value method. We store the results in a hashref. If we do not find the object, then undef is returned. D) Return a hashref that looks like: $results = { 'ldap_entry' => $entry, # The Net::LDAP::Entry object 'attributes' => $attributes, }
This method is usually only called by find_user().
This method looks up the roles for a given user. It takes a Catalyst::Authentication::Store::LDAP::User object as its first argument, and can optionally take a Net::LDAP object which is used rather than the default binding if supplied.
It returns an array containing the role_field attribute from all the objects that match its criteria.
Returns the value of Catalyst::Authentication::Store::LDAP::User->supports(@_).
Revives a serialized user from storage in the session.
Supports users stored with a different persist_in_session setting.
Adam Jacob <holoway@cpan.org>
Some parts stolen shamelessly and entirely from Catalyst::Plugin::Authentication::Store::Htpasswd.
Currently maintained by Peter Karman <karman@cpan.org>.
To nothingmuch, ghenry, castaway and the rest of #catalyst for the help. :)
Catalyst::Authentication::Store::LDAP, Catalyst::Authentication::Store::LDAP::User, Catalyst::Plugin::Authentication, Net::LDAP
Copyright (c) 2005 the aforementioned authors. All rights reserved. This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
To install Catalyst::Authentication::Store::LDAP, copy and paste the appropriate command in to your terminal.
cpanm
cpanm Catalyst::Authentication::Store::LDAP
CPAN shell
perl -MCPAN -e shell install Catalyst::Authentication::Store::LDAP
For more information on module installation, please visit the detailed CPAN module installation guide.