[Catalyst-dev] user_field in Catalyst::Plugin::Authentication::Store::LDAP

Adam Jacob adam at stalecoffee.org
Sun Dec 2 19:36:00 GMT 2007


On 11/30/07, Carl Johnstone <catalyst at fadetoblack.me.uk> wrote:
>
> So once a user has actually logged in, it's the uidNumber that's important
> to us.
>
> So reading the documentation I figured that my search filter would be
> "(mail=3D%s)" and my user_field would be "uidNumber". I then would just n=
eed
> to call
>
> $c->login( $c->req->param('email'), $c->req->param('password'));
>
> However it wasn't working. Tracking the problem down, and in my case this
> chunk of code is checking each result to see if the id passed into login
> matched the user_field. In my case it check that the email address matches
> uidNumber, so was always failing:
>
>   RESULT: while (my $entry =3D $usersearch->pop_entry) {
>         foreach my $field (@user_fields) {
>             foreach my $value ($entry->get_value($field)) {
>                 if ($value eq $id) {
>                     $userentry =3D $entry;
>                     last RESULT;
>                 }
>             }
>         }
>     }
>
>
> However the existence of that chunk of code doesn't make sense to me, you
> already get the chance to filter the results when doing the query on the
> server. All that would seem to be doing is doing the exact same thing
> _again_ on the client side.


I think the intent here is that your search results might not be unique, and
so you still have to check the actual user_field to see if you have the
right object.  In practice, it's hard to see a situation where this makes
much sense... if the search filter returned more than one object (and we
process the filter with the login credentials) then we probably have a
failure condition anyway.

Is anyone using this functionality any different?  If they aren't, I would
happily take a patch to fix this.

Adam
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.scsys.co.uk/pipermail/catalyst-dev/attachments/20071202/0=
5bd2572/attachment-0001.htm


More information about the Catalyst-dev mailing list