[Catalyst] Catalyst::Authentication::Credential::LDAP
Bruce J Keeler
bruce at drangle.com
Wed Jul 23 20:16:16 BST 2008
Peter Karman wrote:
> On 07/22/2008 10:37 PM, Matt S Trout wrote:
>
>> On Wed, Jun 25, 2008 at 11:27:13AM -0700, Bruce J Keeler wrote:
>>
>>> Also, somewhat apropos, I have a
>>> C::A::{Store,Credential}::ActiveDirectory that I based on the LDAP
>>> stuff. The LDAP modules didn't work for me because they want to bind
>>> anonymously and retrieve the crypted password, whereas AD just wants to
>>> authenticate with a bind.
>>>
>> So, having established this isn't true.
>>
>> Could you perhaps instead post a message asking why your config of the
>> main LDAP store didn't work so we can figure out what configuration problem
>> you had and document it?
>>
>
> likely he is missing a 'binddn' and 'bindpw' config setting. The initial bind() will try
> anonymously if those are not set. What I usually do for Active Directory is create a user
> specifically for use with Net::LDAP (and by extension, C::A::Store::LDAP), and then do all
> my initial binds with that user/pass.
>
> 'binddn' and 'bindpw' are fully documented; if the docs can be improved, please send a patch.
>
>
I seem to recall trying that, but it's been long enough that I don't
recall the details of what went wrong.
The other reason I went off in my own direction is that I wanted to pull
role information from AD groups, and I couldn't see any way of making
that work with the stock ::LDAP modules. I will try to make some time
to revisit this stuff soon.
Bruce
More information about the Catalyst
mailing list