Apache-AuthzNetLDAP
1 match

 view release on metacpan or  search on metacpan

AuthzNetLDAP.pm  view on Meta::CPAN 

   my $bindpwd = $r->dir_config('BindPWD') || "";
   my $basedn = $r->dir_config('BaseDN') || ""; 
   my $ldapserver = $r->dir_config('LDAPServer') || "localhost";
   my $ldapport = $r->dir_config('LDAPPort') || 389;
   my $uidattr = $r->dir_config('UIDAttr') || "uid";

   #first we connect to the LDAP server 
   my $ldap = new Net::LDAP($ldapserver, port => $ldapport);

   #initial bind as user in Apache config
   my $mesg = $ldap->bind($binddn, password=>$bindpwd);
  
   #each error message has an LDAP error code
   if (my $error = $mesg->code())
   {
        $r->note_basic_auth_failure;
        MP2 ? $r->log_error("user $username: LDAP Connection Failed: $error",$r->uri) : $r->log_reason("user $username: LDAP Connection Failed: $error",$r->uri);
        return MP2 ? Apache::HTTP_UNAUTHORIZED : Apache::Constants::HTTP_UNAUTHORIZED;
   }

   #first let's get the user's DN

AuthzNetLDAP.pm  view on Meta::CPAN 

# Below is the stub of documentation for your module. You better edit it!

=head1 NAME

Apache::AuthzNetLDAP - Apache-Perl module that enables you to authorize a user for Website
based on LDAP attributes.

=head1 SYNOPSIS

  PerlSetVar BindDN "cn=Directory Manager"
  PerlSetVar BindPWD "password"
  PerlSetVar BaseDN "ou=people,o=unt.edu"
  PerlSetVar LDAPServer ldap.unt.edu
  PerlSetVar LDAPPort 389
  PerlSetVar UIDAttr uid
 #PerlSetVar UIDAttr mail 
   
  PerlAuthenHandler Apache::AuthNetLDAP
  PerlAuthzHandler Apache::AuthzNetLDAP
  
  #require valid-user

AuthzNetLDAP.pm  view on Meta::CPAN 

dynamic groups, even if their LDAP server does not support such a capability.  

=head1 CONFIGURATION NOTES

 It is important to note that this module must be used in conjunction with an authentication module. (...? 
Is this true?  I just thought, that you might want to only authorize a user, instead of authenticate...)
If you are using an authentication module, then the following lines will not need to be duplicated:


  PerlSetVar BindDN "cn=Directory Manager"
  PerlSetVar BindPWD "password"
  PerlSetVar BaseDN "ou=people,o=unt.edu"
  PerlSetVar LDAPServer ldap.unt.edu
  PerlSetVar LDAPPort 389
  PerlSetVar UIDAttr uid
 #PerlSetVar UIDAttr mail 

  PerlAuthenHandler Apache::AuthNetLDAP

The following lines will not need to be duplicated if supported by the authentication module:



( run in 0.941 second using v1.01-cache-2.11-cpan-49f99fa48dc )