[Catalyst-dev] Re: LDAP (was: user_field in C::P::A::Store::LDAP)
Carl Johnstone
catalyst at fadetoblack.me.uk
Mon Dec 3 12:07:04 GMT 2007
> I think the intent here is that your search results might not be unique,
> and
> so you still have to check the actual user_field to see if you have the
> right object. In practice, it's hard to see a situation where this makes
> much sense... if the search filter returned more than one object (and we
> process the filter with the login credentials) then we probably have a
> failure condition anyway.
Or at the very least you would need to try and authenticate against each
record in turn - the module as it stands at the moment only tries to auth
against the first returned result that also passed the coded user_field
filter.
That said, now I've got past LDAP auth I'm thinking about registering and
amending users. I'm looking at Model::LDAP, and it occurs to me that it
would probably be better if the Auth worked nicely with Model::LDAP. From my
first cursory glance, it looks like I'll have to reconfigure some of the
same LDAP server settings, additionally we've got code duplication where the
accessor methods are setup.
Carl
More information about the Catalyst-dev
mailing list