[jifty-devel] LDAP Plugins
Yves Agostini
agostini at univ-metz.fr
Fri Dec 12 03:22:10 EST 2008
On Thursday, 11 December 2008 at 18:47 -0800, Max Baker wrote:
> Hi Yves,
>
>
> Yves Agostini wrote:
> > unlucky : AuthLDAPLogin and AuthLDAPOnly are deprecated.
> >
> >
>
> Good to know, thanks for your help.
>
> > You need to use Authentication::Ldap. Authentication::Ldap adds all
> > users to your local user table, where you can easily add fields.
> > https://svn.univ-metz.fr/svnweb/index.cgi/pub_Uguest/view/trunk/lib/Uguest/Model/User.pm
> >
> > You can use AuthzLDAP to add a filter to find, with LDAP attributes,
> > which users can write in your application.
> >
> > Here you can find a sample use of AuthzLDAP:
> > https://svn.univ-metz.fr/svnweb/index.cgi/pub_Uguest/view/trunk/lib/Uguest/Dispatcher.pm
> >
> > You can certainly write your own plugin (Authentication::LdapReader ?)
> > where you don't register the user in the local table.
>
> The sample code from your application helps a lot.
>
> For the record, I am now running the SVN head version, and here's what I
> have :
>
> config.yml:
> ----------------------------------------------------------------------
> Plugins:
>   - Authentication::Ldap:
>       LDAPhost: ldap.company.com
>       LDAPbase: ou=People,dc=company,dc=com
>       LDAPName: cn
>       LDAPMail: mail
>       LDAPuid: uid
> ...
> LogLevel: DEBUG
> ----------------------------------------------------------------------
>
> Note that I *did not* include the User plugin as told to in the POD.
> This is on suggestion from people in #jifty.

I think you need the "Mixin User" plugin, as the LDAP plugin adds new users
to this table, so you need something like:

    use yourApp::Record schema {
        ....
    };
    use Jifty::Plugin::User::Mixin::Model::User;
    use Jifty::Plugin::Authentication::Ldap::Mixin::Model::User;

> This is working now, and my app will authenticate correctly. However
> now the code to automatically add a user seems to be broken. It adds an
> empty row to the database with all fields blank. I added some debug
> code to make sure that LDAP was returning the correct information.
>
> The problem seems to lie here:
>
> Plugin/Authentication/Ldap/Action/LDAPLogin.pm
> ----------------------------------------------------------------------
>  94     # Autocreate the user if necessary
>  95     if ( not $user->id ) {
>  96         my $action = Jifty->web->new_action(
>  97             class => 'CreateUser',
>  98             current_user => $current_user->superuser,
>  99             arguments => {
> 100                 ldap_id => $username
> 101             }
> 102         );
> 103         $action->run;
> 104
> 105         if ( not $action->result->success ) {
> 106             # Should this be less "friendly"?
> 107             $self->result->error(_("Sorry, something weird happened (we couldn't create a user f
> 108             return;
> 109         }
> 110
> 111         $user = $current_user->new( ldap_id => $username );
> 112     }
> 113
> 114     my $u = $user->user_object;
> 115
> 116     # Update, just in case
> 117     $u->__set( column => 'ldap_id', value => $username ) unless ($u->ldap_id and $u->ldap_id eq
> 118     $u->__set( column => 'name', value => $username ) unless ($u->name and length $u->name);
> 119     $u->__set( column => 'name', value => $name ) if ($name);
> 120     $u->__set( column => 'email', value => $email ) if ($email);
> ----------------------------------------------------------------------
>
> Note that 117-120 are changed from stock because I was fooling around
> trying to get it to work. But even when stock, they didn't seem to work
> -- no data was written into the database! And the ui now says "Hiya
> ," so the username is empty in the user object as well.

Take care with current_user_can: maybe you can't read or can't write.
You can try with:

    sub current_user_can {
        my $self = shift;
        my $type = shift;
        my %args = (@_);
        return 1;
    }

> Any ideas folks?
>
> Thanks!
> -m
>
>
--
---------------------------------------------------------------
AGOSTINI Yves CRI - Université Paul Verlaine - Metz
agostini at univ-metz.fr http://www.crium.univ-metz.fr
tel: 03 87 31 52 63 fax: 03 87 31 53 33 PGP: 842CC261
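
The unconditional `return 1` suggested in the reply above turns off every access check on the model, so it only serves to confirm that `current_user_can` is what blocks the write. The following is an added example, not code from this thread or from Jifty, of a narrower policy that still lets the superuser-driven CreateUser step in LDAPLogin succeed. `StubUser`, `StubRecord`, `MyApp::Model::User` and the sample ids are constructed stand-ins so the script runs without Jifty; the method names `current_user`, `is_superuser` and `id` are assumed to mirror the Jifty ones.

```perl
use strict;
use warnings;
# Constructed stand-ins so the policy runs without Jifty installed. In a real
# app the model inherits from Jifty::Record, which supplies current_user.
package StubUser {
    sub new          { my ($class, %a) = @_; return bless {%a}, $class }
    sub id           { $_[0]{id} }
    sub is_superuser { $_[0]{is_superuser} }
}
package StubRecord {
    sub new              { my ($class, %a) = @_; return bless {%a}, $class }
    sub current_user     { $_[0]{current_user} }
    sub id               { $_[0]{id} }
    sub current_user_can { 0 }    # default deny, standing in for the base class
}

package MyApp::Model::User {      # hypothetical application model
    our @ISA = ('StubRecord');
    sub current_user_can {
        my $self = shift;
        my $type = shift;         # 'create', 'read', 'update' or 'delete'
        my %args = (@_);
        my $cu   = $self->current_user;
        # LDAPLogin runs CreateUser as $current_user->superuser, so autocreate
        # only needs the superuser branch, not a blanket "return 1".
        return 1 if $cu->is_superuser;

        # A logged-in user may read their own row, nothing else.
        return 1 if $type eq 'read' and $cu->id and $self->id
                    and $cu->id == $self->id;

        return $self->SUPER::current_user_can( $type, %args );
    }
}

package main;
my $root  = StubUser->new( id => 0,     is_superuser => 1 );   # constructed users
my $alice = StubUser->new( id => 7,     is_superuser => 0 );
my $anon  = StubUser->new( id => undef, is_superuser => 0 );
for my $case ( [ 'superuser create', $root,  undef, 'create' ],
               [ 'alice read own',   $alice, 7,     'read'   ],
               [ 'alice update own', $alice, 7,     'update' ],
               [ 'alice read other', $alice, 8,     'read'   ],
               [ 'anonymous read',   $anon,  8,     'read'   ] ) {
    my ( $label, $cu, $row_id, $right ) = @$case;
    my $rec = MyApp::Model::User->new( current_user => $cu, id => $row_id );
    printf "%-18s %s\n", $label, $rec->current_user_can($right) ? 'allow' : 'deny';
}
```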