GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  CATALYST::AUTHENTICATION::STORE::LDAP::BACKEND (3)

.ds Aq ’

NAME

Catalyst::Authentication::Store::LDAP::Backend
- LDAP authentication storage backend.

CONTENTS

SYNOPSIS



    # you probably just want Store::LDAP under most cases,
    # but if you insist you can instantiate your own store:

    use Catalyst::Authentication::Store::LDAP::Backend;

    use Catalyst qw/
        Authentication
        Authentication::Credential::Password
    /;

    my %config = (
            ldap_server => ldap1.yourcompany.com,
            ldap_server_options => {
                timeout => 30,
            },
            binddn => anonymous,
            bindpw => dontcarehow,
            start_tls => 1,
            start_tls_options => {
                verify => none,
            },
            user_basedn => ou=people,dc=yourcompany,dc=com,
            user_filter => (&(objectClass=posixAccount)(uid=%s)),
            user_scope => one,  # or sub for Active Directory
            user_field => uid,
            user_search_options => {
                deref => always,
                attrs => [qw( distinguishedname name mail )],
            },
            user_results_filter => sub { return shift->pop_entry },
            entry_class => MyApp::LDAP::Entry,
            user_class => MyUser,
            use_roles => 1,
            role_basedn => ou=groups,dc=yourcompany,dc=com,
            role_filter => (&(objectClass=posixGroup)(member=%s)),
            role_scope => one,
            role_field => cn,
            role_value => dn,
            role_search_options => {
                deref => always,
            },
            role_search_as_user => 0,
            persist_in_session  => all,
    );

    our $users = Catalyst::Authentication::Store::LDAP::Backend->new(\%config);



DESCRIPTION

You probably want Catalyst::Authentication::Store::LDAP.

Otherwise, this lets you create a store manually.

See the Catalyst::Authentication::Store::LDAP documentation for an explanation of the configuration options.

METHODS

    new($config)

Creates a new Catalyst::Authentication::Store::LDAP::Backend object. $config should be a hashref, which should contain the configuration options listed in Catalyst::Authentication::Store::LDAP’s documentation.

Also sets a few sensible defaults.

find_user( authinfo, CW$c )

Creates a Catalyst::Authentication::Store::LDAP::User object for the given User ID. This is the preferred mechanism for getting a given User out of the Store.

authinfo should be a hashref with a key of either id or username. The value will be compared against the LDAP user_field field.

get_user( id, CW$c)

Creates a Catalyst::Authentication::Store::LDAP::User object for the given User ID, or calls new on the class specified in user_class. This instance of the store object, the results of lookup_user and $c are passed as arguments (in that order) to new. This is the preferred mechanism for getting a given User out of the Store.

    ldap_connect

Returns a Net::LDAP object, connected to your LDAP server. (According to how you configured the Backend, of course)

ldap_bind($ldap, CW$binddn, CW$bindpw)

Bind’s to the directory. If $ldap is undef, it will connect to the LDAP server first. $binddn should be the DN of the object you wish to bind as, and $bindpw the password.

If $binddn is anonymous, an anonymous bind will be performed.

ldap_auth( CW$binddn, CW$bindpw )

Connect to the LDAP server and do an authenticated bind against the directory. Throws an exception if connecting to the LDAP server fails. Returns 1 if binding succeeds, 0 if it fails.

    lookup_user($id)

Given a User ID, this method will:



  A) Bind to the directory using the configured binddn and bindpw
  B) Perform a search for the User Object in the directory, using
     user_basedn, user_filter, and user_scope.
  C) Assuming we found the object, we will walk its attributes
     using L<Net::LDAP::Entry>s get_value method.  We store the
     results in a hashref. If we do not find the object, then
     undef is returned.
  D) Return a hashref that looks like:

     $results = {
        ldap_entry => $entry, # The Net::LDAP::Entry object
        attributes => $attributes,
     }



This method is usually only called by find_user().

    lookup_roles($userobj, [$ldap])

This method looks up the roles for a given user. It takes a Catalyst::Authentication::Store::LDAP::User object as it’s first argument, and can optionally take a Net::LDAP object which is used rather than the default binding if supplied.

It returns an array containing the role_field attribute from all the objects that match it’s criteria.

    user_supports

Returns the value of Catalyst::Authentication::Store::LDAP::User->supports(@_).

from_session( id, CI$c, CW$frozenuser )

Revives a serialized user from storage in the session.

Supports users stored with a different persist_in_session setting.

AUTHORS

Adam Jacob <holoway@cpan.org>

Some parts stolen shamelessly and entirely from Catalyst::Plugin::Authentication::Store::Htpasswd.

Currently maintained by Peter Karman <karman@cpan.org>.

THANKS

To nothingmuch, ghenry, castaway and the rest of #catalyst for the help. :)

SEE ALSO

Catalyst::Authentication::Store::LDAP, Catalyst::Authentication::Store::LDAP::User, Catalyst::Plugin::Authentication, Net::LDAP

COPYRIGHT & LICENSE

Copyright (c) 2005 the aforementioned authors. All rights reserved. This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
Search for    or go to Top of page |  Section 3 |  Main Index


perl v5.20.3 CATALYST::AUTHENTICATION::STORE::LDAP::BACKEND (3) 2016-02-11

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.