NAME

Bio::Graphics::Browser2::Plugin::LDAPAuthenticate - Authenticate user against an LDAP server

SYNOPSIS

In the GBrowse.conf configuration file:

 authentication plugin = LDAPAuthenticate

 [LDAPAuthenticate:plugin]
 login hint = your foobar corp account
 ldap server = ldap.foobar.com
 people base = ou=People,dc=foobar,dc=ny,dc=usa
 groups base = ou=Groups,dc=foobar,dc=ny,dc=usa
 # the following only needed if the LDAP server forbids anonymous (unbound) searches:
 bind dn    = uid=root,ou=People,dc=foobar,dc=ny,dc=usa
 bind pass  = xyzzy

DESCRIPTION

This plugin uses hard-coded values to authenticate users against an LDAP database. Users can log in using their Unix login names and passwords (LDAP "posixAccount"). Groups are authorized against the posixGroup memberUID fields.

CONFIGURATION

For this plugin to work, you must configure an [LDAPAuthenticate:plugin] section in the main GBrowse.conf file. It will look like this:

 [LDAPAuthenticate:plugin]
 login hint = your foobar corp account
 ldap server = ldap.foobar.com
 people base = ou=People,dc=foobar,dc=ny,dc=usa
 groups base = ou=Groups,dc=foobar,dc=ny,dc=usa

login hint (optional) is displayed to the user so that he knows what account credentials he or she is being asked for.

ldap server (required) is the address of the LDAP server you wish to contact. If the server is running on a non-standard, port, you can indicate it as "ldap.foobar.com:1118".

people base (required) is the search base for the People records where the provided user id will be found.

groups base (required) is the search base for the Group records where the user's group membership can be determined.

In addition, if your LDAP server requires a username and password to bind to before permitting searches, then you will need to provide:

bind dn (optional) the distinguished name of the LDAP user to bind to. This is often called the LDAP "root" user.

bind pass (optional) the password of the LDAP user to bind to.

Note that providing this bind user's account name and password in a file that is readable by the web server can be considered a security risk. Consider allowing anonymous searches on the LDAP server, or else create an unprivileged user account for the initial binding step.

AUTHOR

Lincoln Stein <lincoln.stein@oicr.on.ca>.

This library is free software distributed under the Perl Artistic License v2; you can redistribute it and/or modify it under the same terms as Perl itself.

To install CGI::Toggle, copy and paste the appropriate command in to your terminal.

cpanm

cpanm CGI::Toggle

CPAN shell

perl -MCPAN -e shell
install CGI::Toggle

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)

NAME

SYNOPSIS

DESCRIPTION

CONFIGURATION

SEE ALSO

AUTHOR

Module Install Instructions