[jifty-devel] LDAP Plugins
Max Baker
max at warped.org
Thu Dec 11 21:47:36 EST 2008
Hi Yves,
Yves Agostini wrote:
> Unlucky: AuthLDAPLogin and AuthLDAPOnly are deprecated.
>
>
Good to know, thanks for your help.
> You need to use Authentication::Ldap. Authentication::Ldap adds all
> users to your local user table, where you can easily add fields.
> https://svn.univ-metz.fr/svnweb/index.cgi/pub_Uguest/view/trunk/lib/Uguest/Model/User.pm
>
> You can use AuthzLDAP to add a filter to find, with LDAP attributes, which
> users can write in your application.
>
> Here you can find a sample use of AuthzLDAP:
> https://svn.univ-metz.fr/svnweb/index.cgi/pub_Uguest/view/trunk/lib/Uguest/Dispatcher.pm
>
> You can certainly write your own plugin (Authentication::LdapReader ?)
> where you don't register user in local table.
The sample code from your application helps a lot.
For the record, I am now running the SVN head version, and here's what I
have:
config.yml:
----------------------------------------------------------------------
Plugins:
  - Authentication::Ldap:
      LDAPhost: ldap.company.com
      LDAPbase: ou=People,dc=company,dc=com
      LDAPName: cn
      LDAPMail: mail
      LDAPuid: uid
...
LogLevel: DEBUG
----------------------------------------------------------------------
Note that I *did not* include the User plugin as told to in the POD.
This is on suggestion from people in #jifty.
This is working now, and my app will authenticate correctly. However
now the code to automatically add a user seems to be broken. It adds an
empty row to the database with all fields blank. I added some debug
code to make sure that LDAP was returning the correct information.
The problem seems to lie here:
Plugin/Authentication/Ldap/Action/LDAPLogin.pm
----------------------------------------------------------------------
 94     # Autocreate the user if necessary
 95     if ( not $user->id ) {
 96         my $action = Jifty->web->new_action(
 97             class => 'CreateUser',
 98             current_user => $current_user->superuser,
 99             arguments => {
100                 ldap_id => $username
101             }
102         );
103         $action->run;
104
105         if ( not $action->result->success ) {
106             # Should this be less "friendly"?
107             $self->result->error(_("Sorry, something weird happened (we couldn't create a user f
108             return;
109         }
110
111         $user = $current_user->new( ldap_id => $username );
112     }
113
114     my $u = $user->user_object;
115
116     # Update, just in case
117     $u->__set( column => 'ldap_id', value => $username ) unless ($u->ldap_id and $u->ldap_id eq
118     $u->__set( column => 'name', value => $username ) unless ($u->name and length $u->name);
119     $u->__set( column => 'name', value => $name ) if ($name);
120     $u->__set( column => 'email', value => $email ) if ($email);
----------------------------------------------------------------------
Note that 117-120 are changed from stock because I was fooling around
trying to get it to work. But even when stock, they didn't seem to work
-- no data was written into the database! And the ui now says "Hiya
," so the username is empty in the user object as well.
Any ideas folks?
Thanks!
-m