Linux Certif

Toute la documentation sur la certification Linux LPI

Jifty::Plugin::Authentication::Ldap.3pm

NAME

Jifty::Plugin::Authentication::Ldap - LDAP Authentication Plugin for Jifty

DESCRIPTION

CAUTION: This plugin is experimental.

This may be combined with the User Mixin to provide user accounts and ldap password authentication to your application.

When a new user authenticates using this plugin, a new User object will be created automatically. The "name" and "email" fields will be automatically populated with LDAP data.

in etc/config.yml

   Plugins: 
     - Authentication::Ldap: 
        LDAPhost: ldap.univ.fr           # ldap server
        LDAPbase: ou=people,dc=.....     # base ldap
        LDAPName: displayname            # name to be displayed (cn givenname)
        LDAPMail: mailLocalAddress       # email used optional
        LDAPuid: uid                     # optional
 
 

Then create a user model

   jifty model --name=User
 
 

and edit lib/App/Model/User.pm to look something like this:

   use strict;
   use warnings;
   
   package Venice::Model::User;
   
   use Jifty::DBI::Schema;
   use Venice::Record schema {
         # More app-specific user columns go here
   };
   
   use Jifty::Plugin::User::Mixin::Model::User;
   use Jifty::Plugin::Authentication::Ldap::Mixin::Model::User;
   
   sub current_user_can {
       my $self = shift;
       my $type = shift;
       my %args = (@_);
       
     return 1 if
           $self->current_user->is_superuser;
     
     # all logged in users can read this table
     return 1
         if ($type eq 'read' && $self->current_user->id);
     
     return $self->SUPER::current_user_can($type, @_);
   };
   
   1;
 
 

ACTIONS

This plugin will add the following actions to your application. For testing you can access these from the Admin plugin.

Jifty::Plugin::Authentication::Ldap::Action::LDAPLogin

The login path is "/ldaplogin".

Jifty::Plugin::Authentication::Ldap::Action::LDAPLogout

The logout path is "/ldaplogout".

METHODS

prereq_plugins

This plugin depends on the User Mixin.

Configuration

The following options are available in your "config.yml" under the Authentication::Ldap Plugins section.

"LDAPhost"

Your LDAP server.

"LDAPbase"

The base object where your users live.

"LDAPMail"

The DN that your organization uses to store Email addresses. This gets copied into the User object as the "email".

"LDAPName"

The DN that your organization uses to store Real Name. This gets copied into the User object as the "name".

"LDAPuid"

The DN that your organization uses to store the user ID. Usually "cn". This gets copied into the User object as the "ldap_id".

"LDAPOptions"

These options get passed through to Net::LDAP.

Default Options :

  debug   => 0
  onerror => undef
  async   => 1
 
 

Other options you may want :

  timeout => 30
 
 

See "Net::LDAP" for a full list. You can overwrite the defaults selectively or not at all.

SEE ALSO

Jifty::Manual::AccessControl, Jifty::Plugin::User::Mixin::Model::User, Net::LDAP

AUTHORS

Yves Agostini, <yvesago@cpan.org>

and others authors from Jifty (maxbaker, clkao, sartak, alexmv)

LICENSE

Copyright 2007-2009 Yves Agostini. All Rights Reserved.

This program is free software and may be modified and distributed under the same terms as Perl itself.