[Catalyst] LDAP question
Kenneth S Mclane
ksmclane at us.ibm.com
Mon May 21 16:02:37 GMT 2012
I have no control over the LDAP server, How would I change things so the
submitted username and password would be inserted as the credentials to be
used as the initial bind?
Tomas Doran <bobtfish at bobtfish.net>
The elegant MVC web framework <catalyst at lists.scsys.co.uk>
05/21/2012 10:57 AM
Re: [Catalyst] LDAP question
On 21 May 2012, at 16:42, Robert Wohlfarth wrote:
> On Mon, May 21, 2012 at 9:20 AM, Kenneth S Mclane <ksmclane at us.ibm.com>
> They are apparently doing the initial bind with the credentials
submitted by the user, I am getting invalid credentials the way I have it
above, if I change it to anonymous I get a "LDAP Error while searching for
user: No such object". I could use some suggestions.
> I dealt with an LDAP server that required you to login to query your own
information. The standard Catalyst::Authentication::Store::LDAP does not
work with this model.
Yes it does! What makes you think it doesn't?
> So I wrote a credential module that did nothing more than connect to the
LDAP server. If the connection succeeded, then that user is authenticated.
That sort of strategy is usually a bad idea, as you're mandating that you
have 1 flat level of LDAP for users - you have to know the DN to bind as
initially, and so if you do this, you have to concatenate the username to
a DN in some way - which means if you ever reorganise your LDAP (for
example putting users into grouped OU containers), then your auth will
List: Catalyst at lists.scsys.co.uk
Dev site: http://dev.catalyst.perl.org/
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Catalyst