Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
Catalyst::AuthenticatiUserSContributed:PerleDocumtion::Store::LDAP::Backend(3)

NAME
       Catalyst::Authentication::Store::LDAP::Backend
	 - LDAP	authentication storage backend.

SYNOPSIS
	   # you probably just want Store::LDAP	under most cases,
	   # but if you	insist you can instantiate your	own store:

	   use Catalyst::Authentication::Store::LDAP::Backend;

	   use Catalyst	qw/
	       Authentication
	       Authentication::Credential::Password
	   /;

	   my %config =	(
		   'ldap_server' => 'ldap1.yourcompany.com',
		   'ldap_server_options' => {
		       'timeout' => 30,
		   },
		   'binddn' => 'anonymous',
		   'bindpw' => 'dontcarehow',
		   'start_tls' => 1,
		   'start_tls_options' => {
		       'verify'	=> 'none',
		   },
		   'user_basedn' => 'ou=people,dc=yourcompany,dc=com',
		   'user_filter' => '(&(objectClass=posixAccount)(uid=%s))',
		   'user_scope'	=> 'one',  # or	'sub' for Active Directory
		   'user_field'	=> 'uid',
		   'user_search_options' => {
		       'deref' => 'always',
		       'attrs' => [qw( distinguishedname name mail )],
		   },
		   'user_results_filter' => sub	{ return shift->pop_entry },
		   'entry_class' => 'MyApp::LDAP::Entry',
		   'user_class'	=> 'MyUser',
		   'use_roles' => 1,
		   'role_basedn' => 'ou=groups,dc=yourcompany,dc=com',
		   'role_filter' => '(&(objectClass=posixGroup)(member=%s))',
		   'role_scope'	=> 'one',
		   'role_field'	=> 'cn',
		   'role_value'	=> 'dn',
		   'role_search_options' => {
		       'deref' => 'always',
		   },
		   'role_search_as_user' => 0,
		   'persist_in_session'	 => 'all',
	   );

	   our $users =	Catalyst::Authentication::Store::LDAP::Backend->new(\%config);

DESCRIPTION
       You probably want Catalyst::Authentication::Store::LDAP.

       Otherwise, this lets you	create a store manually.

       See the Catalyst::Authentication::Store::LDAP documentation for an
       explanation of the configuration	options.

METHODS
   new($config)
       Creates a new Catalyst::Authentication::Store::LDAP::Backend object.
       $config should be a hashref, which should contain the configuration
       options listed in Catalyst::Authentication::Store::LDAP's
       documentation.

       Also sets a few sensible	defaults.

   find_user( authinfo,	$c )
       Creates a Catalyst::Authentication::Store::LDAP::User object for	the
       given User ID.  This is the preferred mechanism for getting a given
       User out	of the Store.

       authinfo	should be a hashref with a key of either "id" or "username".
       The value will be compared against the LDAP "user_field"	field.

   get_user( id, $c)
       Creates a Catalyst::Authentication::Store::LDAP::User object for	the
       given User ID, or calls "new" on	the class specified in "user_class".
       This instance of	the store object, the results of "lookup_user" and $c
       are passed as arguments (in that	order) to "new".  This is the
       preferred mechanism for getting a given User out	of the Store.

   ldap_connect
       Returns a Net::LDAP object, connected to	your LDAP server. (According
       to how you configured the Backend, of course)

   ldap_bind($ldap, $binddn, $bindpw)
       Bind's to the directory.	 If $ldap is undef, it will connect to the
       LDAP server first.  $binddn should be the DN of the object you wish to
       bind as,	and $bindpw the	password.

       If $binddn is "anonymous", an anonymous bind will be performed.

   ldap_auth( $binddn, $bindpw )
       Connect to the LDAP server and do an authenticated bind against the
       directory. Throws an exception if connecting to the LDAP	server fails.
       Returns 1 if binding succeeds, 0	if it fails.

   lookup_user($id)
       Given a User ID,	this method will:

	 A) Bind to the	directory using	the configured binddn and bindpw
	 B) Perform a search for the User Object in the	directory, using
	    user_basedn, user_filter, and user_scope.
	 C) Assuming we	found the object, we will walk it's attributes
	    using L<Net::LDAP::Entry>'s	get_value method.  We store the
	    results in a hashref. If we	do not find the	object,	then
	    undef is returned.
	 D) Return a hashref that looks	like:

	    $results = {
	       'ldap_entry' => $entry, # The Net::LDAP::Entry object
	       'attributes' => $attributes,
	    }

       This method is usually only called by find_user().

   lookup_roles($userobj, [$ldap])
       This method looks up the	roles for a given user.	 It takes a
       Catalyst::Authentication::Store::LDAP::User object as it's first
       argument, and can optionally take a Net::LDAP object which is used
       rather than the default binding if supplied.

       It returns an array containing the role_field attribute from all	the
       objects that match it's criteria.

   user_supports
       Returns the value of
       Catalyst::Authentication::Store::LDAP::User->supports(@_).

   from_session( id, $c, $frozenuser )
       Revives a serialized user from storage in the session.

       Supports	users stored with a different persist_in_session setting.

AUTHORS
       Adam Jacob <holoway@cpan.org>

       Some parts stolen shamelessly and entirely from
       Catalyst::Plugin::Authentication::Store::Htpasswd.

       Currently maintained by Peter Karman <karman@cpan.org>.

THANKS
       To nothingmuch, ghenry, castaway	and the	rest of	#catalyst for the
       help. :)

SEE ALSO
       Catalyst::Authentication::Store::LDAP,
       Catalyst::Authentication::Store::LDAP::User,
       Catalyst::Plugin::Authentication, Net::LDAP

COPYRIGHT & LICENSE
       Copyright (c) 2005 the aforementioned authors. All rights reserved.
       This program is free software; you can redistribute it and/or modify it
       under the same terms as Perl itself.

perl v5.24.1		     Catalyst::Authentication::Store::LDAP::Backend(3)

NAME | SYNOPSIS | DESCRIPTION | METHODS | AUTHORS | THANKS | SEE ALSO | COPYRIGHT & LICENSE

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=Catalyst::Authentication::Store::LDAP::Backend&sektion=3&manpath=FreeBSD+12.1-RELEASE+and+Ports>

home | help