[Catalyst] Model::LDAP vs Authentication::Credential::LDAP
Buchan Milne
bgmilne at mandriva.org
Thu Aug 7 16:52:36 BST 2008
We are using Catalyst for an internal infrastructure management application.
Some of the data we want to manage lives in LDAP, and we already use LDAP for
authentication and roles in our application.
However, I would like to have the LDAP server do it's job in authorizing
access to some of this data, and I would also like to have LDAP-side auditing
(as direct LDAP access has to be available, doing it application-side would
miss any direct modifications).
So, I would prefer to have my Model::LDAP models (re-)bind as the
authenticated user.
So far I have stored the cleartext password in the session, after encrypting
it with the session key. Now, I would like to find some way of providing the
credentials to the model.
I wrote a connection_class for my models, but it seems that the
connection_class doesn't have access to the context, so I can't retrieve $c-
>user->ldap_entry->dn or $c->sessionid().
Is there really no way to do this at present (without dumping Model::LDAP and
doing everything via Net::LDAP directly)?
Regards,
Buchan
More information about the Catalyst
mailing list