[Catalyst] Catalyst::Authentication::Credential::LDAP
Matt S Trout
dbix-class at trout.me.uk
Thu Jul 24 03:38:30 BST 2008
On Wed, Jul 23, 2008 at 08:29:42AM -0500, Peter Karman wrote:
>
>
> On 07/22/2008 10:37 PM, Matt S Trout wrote:
> > On Wed, Jun 25, 2008 at 11:27:13AM -0700, Bruce J Keeler wrote:
> >> Also, somewhat apropos, I have a
> >> C::A::{Store,Credential}::ActiveDirectory that I based on the LDAP
> >> stuff. The LDAP modules didn't work for me because they want to bind
> >> anonymously and retrieve the crypted password, whereas AD just wants to
> >> authenticate with a bind.
> >
> > So, having established this isn't true.
> >
> > Could you perhaps instead post a message asking why your config of the
> > main LDAP store didn't work so we can figure out what configuration problem
> > you had and document it?
>
> likely he is missing a 'binddn' and 'bindpw' config setting. The initial bind() will try
> anonymously if those are not set. What I usually do for Active Directory is create a user
> specifically for use with Net::LDAP (and by extension, C::A::Store::LDAP), and then do all
> my initial binds with that user/pass.
Hmmm. Should there be an alternative option where (if the user DN is
deterministic from the username) it skips the first part and just
tries the bind with $generated_dn and $supplied_password (where
$generated_dn is the result of a subref/sprintf pattern/whatever
supplied in config) ?
--
Matt S Trout Need help with your Catalyst or DBIx::Class project?
Technical Director http://www.shadowcat.co.uk/catalyst/
Shadowcat Systems Ltd. Want a managed development or deployment platform?
http://chainsawblues.vox.com/ http://www.shadowcat.co.uk/servers/
More information about the Catalyst
mailing list