[Catalyst] Catalyst and LDAP with sessions

Francisco Obispo fobispo at isc.org
Mon Feb 27 17:52:23 GMT 2012 

Hi Birger,

Once you've authenticated with LDAP, or with any backend, it is important that you store the session information somewhere.. Some people use a database, memcached, tmp file, or any other method.

That way, when the client comes with the next request, he will offer a cookie that can be verified for authorization purposes.

francisco



On Feb 27, 2012, at 2:30 AM, Birger Burkhardt wrote:

> Hello Peter,
> 
> thank you for your reply. 
> 
> no, i am not storing these credentials as i thought the module would do this. I also tried to use the following package, but it doesn't work either:
> 
> http://cpansearch.perl.org/src/BOBTFISH/Catalyst-Model-LDAP-FromAuthentication-0.02/README
> 
> According to this changelog (see entry in Version 1.007):
> http://cpan.uwinnipeg.ca/htdocs/Catalyst-Authentication-Store-LDAP/Changes.html
> the user object has to be serialized and stored in the session. Do you have an idea how to do this?
> 
> Best regards,
> Birger
> 
> 
> On Sat, Feb 25, 2012 at 3:41 AM, Peter Karman <peter at peknet.com> wrote:
> Birger Burkhardt wrote on 2/24/12 7:22 AM:
> 
> > After successful authentication, all further request
> > should be executed via the credentials of the logged in user.
> >
> 
> are you somehow storing those credentials so that they persist over the life of
> the session? The LDAP authn plugin does not do that for you, afaik. The
> credentials exist only for the life of that particular login HTTP request.
> 
> or maybe I'm misunderstanding what you're trying to do?
> 
> > In the login controller the user is authenticated
> > [...]
> >         # Get the username and password from form
> >         my $username =3D $c->request->params->{username};
> >         my $password =3D $c->request->params->{password};
> >
> >         # If the username and password values were found in form
> >         if ($username && $password) {
> >             # Attempt to log the user in
> >             if ($c->authenticate({ username =3D> $username,
> >                                    password =3D> $password })) {
> > [...]
> >
> > But when I do a new request from within another controller, i get an ldap
> > error meaning the credentials are invalid:
> >
> > code in other controller:
> > [...]
> >     my $ldapconn =3D $c->user->ldap_connection();
> >     my $mesg =3D $ldapconn->search(     base =3D> "ou=3Dusers,dc=3Dexample,=
> > dc=3Dcom",
> > filter =3D> "(uid=3D*)");
> >     my @entries =3D $mesg->sorted('uid');
> >     $c->stash(users =3D> \@entries,);
> >     $c->stash(template =3D> 'userList.tt2');
> > [...]
> >
> 
> 
> --
> Peter Karman  .  http://peknet.com/  .  peter at peknet.com
> 
> _______________________________________________
> List: Catalyst at lists.scsys.co.uk
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
> Dev site: http://dev.catalyst.perl.org/
> 
> _______________________________________________
> List: Catalyst at lists.scsys.co.uk
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
> Dev site: http://dev.catalyst.perl.org/

Francisco Obispo 
email: fobispo at isc.org
Phone: +1 650 423 1374 || INOC-DBA *3557* NOC
PGP KeyID = B38DB1BE

More information about the Catalyst mailing list