[jifty-devel] LDAP Plugins

Yves Agostini agostini at univ-metz.fr
Fri Dec 12 03:22:10 EST 2008


On Thursday, 11 December 2008 at 18:47 -0800, Max Baker wrote:
> Hi Yves,
> 
> 
> Yves Agostini wrote:
> > Unlucky: AuthLDAPLogin and AuthLDAPOnly are deprecated.
> >
> >   
> 
> Good to know, thanks for your help.
> 
> > You need to use Authentication::Ldap.  Authentication::Ldap adds all
> > users to your local user table, where you can easily add fields.
> > https://svn.univ-metz.fr/svnweb/index.cgi/pub_Uguest/view/trunk/lib/Uguest/Model/User.pm
> >
> > You can use AuthzLDAP to add a filter to find, with LDAP attributes, which
> > users can write in your application.
> >
> > Here you can find a sample use of AuthzLDAP:
> > https://svn.univ-metz.fr/svnweb/index.cgi/pub_Uguest/view/trunk/lib/Uguest/Dispatcher.pm
> >
> > You can certainly write your own plugin (Authentication::LdapReader ?)
> > where you don't register the user in the local table.
> 
> The sample code from your application helps a lot.
> 
> For the record, I am now running the SVN head version, and here's what I 
> have:
> 
> config.yml:
> ----------------------------------------------------------------------
>   Plugins:
>     - Authentication::Ldap:
>        LDAPhost: ldap.company.com
>        LDAPbase: ou=People,dc=company,dc=com
>        LDAPName: cn
>        LDAPMail: mail
>        LDAPuid: uid
> ...
>   LogLevel: DEBUG
> ----------------------------------------------------------------------
> 
> Note that I *did not* include the User plugin as told to in the POD.  
> This is on suggestion from people in #jifty. 

I think you need the "Mixin User" plugin, as the LDAP plugin adds new users to
this table,

so you need something like:

use yourApp::Record schema {
 ....
};

use Jifty::Plugin::User::Mixin::Model::User;
use Jifty::Plugin::Authentication::Ldap::Mixin::Model::User;

> This is working now, and my app will authenticate correctly.  However 
> now the code to automatically add a user seems to be broken.  It adds an 
> empty row to the database with all fields blank.   I added some debug 
> code to make sure that LDAP was returning the correct information.
> 
> The problem seems to lie here:
> 
> Plugin/Authentication/Ldap/Action/LDAPLogin.pm
> ----------------------------------------------------------------------
>  94     # Autocreate the user if necessary
>  95     if ( not $user->id ) {
>  96         my $action = Jifty->web->new_action(
>  97             class           => 'CreateUser',
>  98             current_user    => $current_user->superuser,
>  99             arguments       => {
> 100                 ldap_id => $username
> 101             }
> 102         );
> 103         $action->run;
> 104
> 105         if ( not $action->result->success ) {
> 106             # Should this be less "friendly"?
> 107             $self->result->error(_("Sorry, something weird happened 
> (we couldn't create a user f
> 108             return;
> 109         }
> 110
> 111         $user = $current_user->new( ldap_id => $username );
> 112     }
> 113
> 114     my $u = $user->user_object;
> 115
> 116     # Update, just in case
> 117     $u->__set( column => 'ldap_id', value => $username ) unless 
> ($u->ldap_id and $u->ldap_id eq
> 118     $u->__set( column => 'name', value => $username )    unless 
> ($u->name and length $u->name);
> 119     $u->__set( column => 'name', value => $name )    if ($name);
> 120     $u->__set( column => 'email', value => $email )  if ($email);
> ----------------------------------------------------------------------
> 
> Note that 117-120 are changed from stock because I was fooling around 
> trying to get it to work.  But even when stock, they didn't seem to work 
> -- no data was written into the database!   And the ui now says "Hiya 
> ,"  so the username is empty in the user object as well.

Take care with current_user_can: maybe you can't read or can't write.

You can try with:

sub current_user_can {
    my $self = shift;
    my $type = shift;
    my %args = (@_);
    
    return 1;
}


> Any ideas folks?
> 
> Thanks!
> -m
> 
> 
-- 
---------------------------------------------------------------
AGOSTINI Yves             CRI - Université Paul Verlaine - Metz
agostini at univ-metz.fr     http://www.crium.univ-metz.fr
tel: 03 87 31 52 63       fax: 03 87 31 53 33     PGP: 842CC261
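
Added example, not part of the original message and not code from the Jifty project: once the blanket "return 1" has confirmed that access control was blocking the reads and writes, a scoped current_user_can can replace it. MyApp and the policy itself (own row readable and writable, name and id readable by anyone, ldap_id never user-editable) are assumptions; the column names ldap_id and name come from the quoted LDAPLogin.pm.

```perl
package MyApp::Model::User;    # hypothetical application name
use strict;
use warnings;

use MyApp::Record schema {
    # application-specific columns go here
};

# Mixins named in the message above
use Jifty::Plugin::User::Mixin::Model::User;
use Jifty::Plugin::Authentication::Ldap::Mixin::Model::User;

# Jifty::Record consults this before create/read/update/delete.
sub current_user_can {
    my $self   = shift;
    my $right  = shift;              # 'create', 'read', 'update' or 'delete'
    my %args   = (@_);               # read/update pass column => $name
    my $column = $args{column} || '';

    my $cu = $self->current_user;

    # LDAPLogin runs CreateUser with current_user => $current_user->superuser,
    # so the autocreate step is allowed through here.
    return 1 if $cu->is_superuser;

    # Does this row belong to the logged-in user?
    my $own_row = ( $cu->id && $self->id && $cu->id == $self->id ) ? 1 : 0;

    if ( $right eq 'read' ) {
        # Assumed policy: full read of your own row, name and id for others.
        return 1 if $own_row or $column eq 'name' or $column eq 'id';
        return 0;
    }

    if ( $right eq 'update' ) {
        # ldap_id ties the row to the directory entry: not user-editable.
        return 0 if $column eq 'ldap_id';
        return $own_row;
    }

    # create, delete and anything else: leave to Jifty::Record's default.
    return $self->SUPER::current_user_can( $right, %args );
}

1;
```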
