Apache2-AuthZLDAP
lib/Apache2/AuthZLDAP.pm view on Meta::CPAN
# How the server certificate is verified; see start_tls in Net::LDAP for more information
# (none|optional|require); "none" means the certificate is not checked
PerlSetVar LDAPTLSverify none
# Set to a directory that contains the CA certs
PerlSetVar LDAPTLScapath /path/to/cadir
# Set to a file that contains the CA cert
PerlSetVar LDAPTLScafile /path/to/cafile.pem
# Specifies a user/password to use for the bind
# If LDAPuser or LDAPpassword is not specified, AuthZLDAP will attempt an anonymous bind
PerlSetVar LDAPuser cn=user,o=org
PerlSetVar LDAPpassword secret
# Sets the LDAP search scope
# (base|one|sub)
# Defaults to sub
PerlSetVar LDAPscope sub
# Defines the search filter
# [uid] will be replaced by the username passed in to AuthZLDAP
PerlSetVar LDAPfilter &(member=uid=[uid],ou=people,dc=organization,dc=domain)(cn=admins)
lib/Apache2/AuthZLDAP.pm view on Meta::CPAN
# TLS certificate settings, read from the per-directory PerlSetVar configuration.
# NOTE(review): LDAPTLSverify is lower-cased but, unlike LDAPTLS and LDAPscope
# below, it is not checked against its documented values (none|optional|require);
# an unset or misspelled value is used as given. Confirm how start_tls treats it.
my $LDAPTLSverify = lc($r->dir_config('LDAPTLSverify'));
my $LDAPTLScapath = $r->dir_config('LDAPTLScapath');
my $LDAPTLScafile = $r->dir_config('LDAPTLScafile');
# Anything other than "yes" or "no" is replaced by "no"; a mistyped value
# therefore ends up as "no" without any error or log entry.
if($LDAPTLS ne "yes" && $LDAPTLS ne "no"){
$LDAPTLS="no";
}
## bind
# Credentials for the LDAP bind. The password is taken as-is from the
# configuration, so it sits in plain text wherever LDAPpassword is set.
my $LDAPuser = $r->dir_config('LDAPuser');
my $LDAPpassword = $r->dir_config('LDAPpassword');
## baseDN and Filters
# Search base, scope and filter template. Per the module documentation, "[uid]"
# in the filter is replaced by the user name.
# NOTE(review): the substitution is not in this section; confirm that the user
# name is escaped for LDAP filter syntax before it is inserted.
my $LDAPbaseDN = $r->dir_config('LDAPbaseDN');
my $LDAPscope = lc($r->dir_config('LDAPscope'));
my $LDAPfilter = $r->dir_config('LDAPfilter');
# An unset or unrecognised scope falls back to 'sub'.
if($LDAPscope ne 'base' && $LDAPscope ne 'one' && $LDAPscope ne 'sub'){
$LDAPscope = 'sub';
}
lib/Apache2/AuthZLDAP.pm view on Meta::CPAN
}
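# Upgrade the LDAP session to TLS when LDAPTLS is "yes".
# capath, cafile and verify are handed to start_tls exactly as configured.
if ($LDAPTLS eq 'yes') {
    $mesg = $session->start_tls(
        capath => $LDAPTLScapath,
        cafile => $LDAPTLScafile,
        verify => $LDAPTLSverify,
    );
    if ($mesg->code) {
        # Fail closed: if the session could not be upgraded, stop here so the
        # bind that follows is never attempted over an unencrypted session.
        $r->log_error("Apache2::AuthZLDAP : $location, LDAP error could not start TLS : ".$mesg->error);
        # Only a failed start_tls ends the request; a successful one falls
        # through to the bind instead of being rejected as well.
        return Apache2::Const::HTTP_UNAUTHORIZED;
    }
}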
## Bind with the configured DN and password when both are set; otherwise bind anonymously
$mesg = (defined($LDAPuser) && defined($LDAPpassword))
    ? $session->bind($LDAPuser, password => $LDAPpassword)
    : $session->bind();
if($mesg->code){
my $err_msg = 'LDAP error cannot bind ';
if (defined $LDAPuser){
$err_msg .= "as $LDAPuser";
}else{
$err_msg .= 'anonymously';