[Catalyst] Catalyst::Plugin::Authentication::Store::LDAP settings for Microsoft Active Directory

Hermida, Leandro Leandro.Hermida at fmi.ch
Fri Dec 15 09:15:38 GMT 2006


Hi everyone,

For the life of me I can't find the complete and correct settings that
will get Catalyst::Plugin::Authentication::Store::LDAP to authenticate
under Microsoft Active Directory.  In my old code I did it using
Net::LDAP directly and using a non-standard shortcut available in Active
Directory to quickly authenticate a user:

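use Net::LDAP;

# An empty password makes this an unauthenticated simple bind, which can succeed without a password check
return 0 unless defined $password and length $password;
my $ldap = Net::LDAP->new('myhostname.domain.com', version => 3)
    or die "\nLDAP server connection failure\n\n";
# Active Directory shortcut: bind as user@domain instead of a full DN
my $mesg = $ldap->bind("$username\@domain.com", password => "$password");
$ldap->unbind();
$ldap->disconnect();
return (!$mesg or $mesg->is_error or $mesg->code) ? 0 : 1;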

With Active Directory you don't need a separate ldap search account to
use in the initial bind and if you want to do a simple authentication,
you just use the $username and $password from your login web page to
bind and check to see that $mesg->code == 0 (which means success).
Since Catalyst::Plugin::Authentication::Store::LDAP is much more
powerful and uses the standard approach of authenticating against LDAP I
cannot use this shortcut.  So I looked into the source and have
attempted to map things but am running into trouble:

In my myapp.yml file:

authentication:
    ldap:
        ldap_server: myhostname.domain.com
        ldap_server_options:
            version : 3
        binddn: searchuser
        bindpw: searchpwd
        user_basedn: cn=Users,dc=domain,dc=com
        user_filter: ???
        user_scope: sub
        user_field: ???
        user_search_options: ???


Does anyone know the correct settings for the user_* settings?

Thank you,

Leandro Hermida
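
The standard search-then-bind flow mentioned in the post, written directly against Net::LDAP as an added example (not part of the original post and not the plugin's own code). It assumes sAMAccountName is the login attribute, reuses the post's placeholder host, base DN and search account, and authenticate_ad is a hypothetical name.

```perl
use strict;
use warnings;
use Net::LDAP;
use Net::LDAP::Util qw(escape_filter_value);

# Hypothetical helper: returns 1 if the credentials are valid, 0 otherwise.
sub authenticate_ad {
    my ($username, $password) = @_;

    # Reject empty credentials: a simple bind with an empty password is an
    # unauthenticated bind and can succeed without any password check.
    return 0 unless defined $username && length $username;
    return 0 unless defined $password && length $password;

    # Plain LDAP sends bind passwords in the clear; use ldaps:// or
    # start_tls on a real deployment.
    my $ldap = Net::LDAP->new('myhostname.domain.com', version => 3)
        or die "LDAP server connection failure: $@\n";

    # Step 1: bind as the search account (placeholder values from the post).
    my $mesg = $ldap->bind('searchuser', password => 'searchpwd');
    if ($mesg->code) {
        $ldap->disconnect;
        die "Search account bind failed: " . $mesg->error . "\n";
    }

    # Step 2: look up the user's entry. Escaping keeps characters such as
    # * ( ) \ in the login name from changing the meaning of the filter.
    # sAMAccountName as the login attribute is an assumption.
    my $filter = sprintf '(&(objectClass=user)(sAMAccountName=%s))',
        escape_filter_value($username);
    my $search = $ldap->search(
        base   => 'cn=Users,dc=domain,dc=com',
        scope  => 'sub',
        filter => $filter,
        attrs  => ['1.1'],    # request no attributes, only the DN is needed
    );

    # Require exactly one match so an ambiguous name never authenticates.
    if ($search->code || $search->count != 1) {
        $ldap->unbind;
        return 0;
    }
    my $dn = $search->entry(0)->dn;

    # Step 3: re-bind as the user's own DN with the supplied password.
    $mesg = $ldap->bind($dn, password => $password);
    $ldap->unbind;
    return $mesg->code ? 0 : 1;
}
```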


