[Catalyst] mix authentication stores

jay kuri jayk at ion0.com
Wed Oct 1 03:10:39 BST 2008

Hello Stephan,

The short answer is yes, it is possible. But you will need to do some
work to make it happen.

The long answer is Yeeeeeessssssss.  Basically, Catalyst authentication
is split into two pieces Credentials and Stores.  A Store finds / holds
the users.  A credential is responsible for comparing the authentication
information with a user (somehow) and determining whether they are who
they claim to be.

It is possible to use LDAP to authenticate the user, but store that
user's information in the database.  Unfortunately there are not any
LDAP credentials.  There is an LDAP store, but it expects that role
information is stored in LDAP also.

So what you need to do is create a credential that verifies your user
via LDAP (probably using Catalyst::Model::LDAP) and then use the
DBIx::Class Store to store your user information.  Alternately you could
create a module that subclasses (or even just wraps) the LDAP store and
override the role related methods to access the database.

As someone else mentioned, the Internals doc in
Catalyst::Plugin::Authentication explains in detail how credentials /
stores work... I doubt you'd have much trouble.

Let me know if you need any more information.


On Tue, 2008-09-30 at 20:58 +0200, Stephan Jennewein wrote:
> Hi,
> is it possible to use ldap to authenticate and dbic (a database) to handle the
> user role relation ? So that it works like it resides all in one storage
> backend.
> If yes how do I configure that in the $application.conf ?
> Stephan
> _______________________________________________
> List: Catalyst at lists.scsys.co.uk
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
> Dev site: http://dev.catalyst.perl.org/

More information about the Catalyst mailing list