[Catalyst] patch for Catalyst::Authentication::Store::LDAP::Backend lookup_roles method

Scott Pham (scpham) scpham at cisco.com
Thu Jul 10 01:00:18 BST 2008 

I ran across an issue around calling $c->user->roles using the LDAP auth
store. Basically it would only return 1 role instead of the 30 or so I'm
a member of. After digging around I created this patch for it. I haven't
taken a poke at the Net::LDAP code yet, but I suspect the get_value
method does a want_array. Once I changed it, it works fine now.
 
Please let me know if it's not right or I'm not using the module
correctly...or any pointers for that matter ;)
 
 
 
BEGIN PATCH
==================================================
--- Backend.pm  2008-07-09 19:46:07.000000000 -0400
+++ Backend.pm.fix      2008-07-09 19:49:55.000000000 -0400
@@ -395,14 +395,8 @@
     }
     my $rolesearch = $ldap->search(@searchopts);
     my @roles;
-RESULT: while ( my $entry = $rolesearch->pop_entry ) {
-        my ($role) = $entry->get_value( $self->role_field );
-        if ($role) {
-            push( @roles, $role );
-        }
-        else {
-            next RESULT;
-        }
+    foreach my $entry ( $rolesearch->entries ) {
+        push(@roles, $entry->get_value( $self->role_field ));
     }
     return @roles;
 }
===============================================
END PATCH
 
 
 
My CONF:
===========================================
authentication:
  default_realm: ldap
  realms:
    ldap:
      credential:
        class: Password
        password_field: password
        password_type:  self_check
      store:
        class: LDAP
        ldap_server: ldap.mydomain.com
        ldap_server_options:
          timeout: 30
        binddn: anonymous
        bindpw:
        start_tls: 0
        start_tls_options:
            verify: none
        user_basedn: ou=active,ou=employees, ou=people, o=mydomain.com
        user_filter: (uid=%s)
        user_scope: sub
        user_field: uid
        user_search_options:
          deref: always
        use_roles: 1
        role_basedn: ou=active,ou=employees, ou=people, o=mydomain.com
        role_filter: (uid=%s)
        role_scope: sub
        role_field: groupmembership
        role_value: uid
        role_search_options:
          deref: always

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.scsys.co.uk/pipermail/catalyst/attachments/20080709/3a459dfa/attachment.htm

More information about the Catalyst mailing list