[Catalyst] ldap authentication/db authorization
Steve Rippl
rippls at woodlandschools.org
Mon Aug 10 03:18:40 GMT 2009
Hello!
I have a question that is hopefully trivial for someone here, but I
haven't seen any examples. I have an app I'm building, used by folks in
an Active Directory network. It's got a DBIx model and I'd like to use
that for role based authorization and getting staff members
grade/building info etc (it's a school district), but I'd like to (just)
authenticate against ldap. I don't want to store any user/role data
there (obviously their username is in there and it matches what I have
in the db), simply try to bind against it as the user, then get store
data from the database. This way they can use their network passwords
and I don't have to fill AD with application specific info.
Make sense? Easy to do?
So far I'm doing it all via the db...
name WsdSis
<authentication>
default_realm dbic
<realms>
<dbic>
<credential>
class Password
password_type clear
</credential>
<store>
user_class DB::Staff
role_relation roles
role_field role
</store>
</dbic>
</realms>
</authentication>
...
and
...
use Catalyst qw/
-Debug
ConfigLoader
Static::Simple
StackTrace
Authentication
Authorization::Roles
Session
Session::Store::FastMmap
Session::State::Cookie
/;
...
What would these look like if I'm able to squeeze the ldap plugin in
there? Can I have 2 Authentication::Store backends in there?
TIA,
Steve
--
Steve Rippl
Technology Director
Woodland School District
360 225 9451 x326
More information about the Catalyst
mailing list