The Perl Toolchain Summit needs more sponsors. If your company depends on Perl, please support this very important event.
NAME
    Authen::Simple::LDAP - Simple LDAP authentication

SYNOPSIS
        use Authen::Simple::LDAP;
    
        my $ldap = Authen::Simple::LDAP->new( 
            host    => 'ldap.company.com',
            basedn  => 'ou=People,dc=company,dc=net'
        );
    
        if ( $ldap->authenticate( $username, $password ) ) {
            # successfull authentication
        }
    
        # or as a mod_perl Authen handler
    
        PerlModule Authen::Simple::Apache
        PerlModule Authen::Simple::LDAP

        PerlSetVar AuthenSimpleLDAP_host   "ldap.company.com"
        PerlSetVar AuthenSimpleLDAP_basedn "ou=People,dc=company,dc=net"

        <Location /protected>
          PerlAuthenHandler Authen::Simple::LDAP
          AuthType          Basic
          AuthName          "Protected Area"
          Require           valid-user
        </Location>

DESCRIPTION
    Authenticate against a LDAP service.

METHODS
    *   new

        This method takes a hash of parameters. The following options are
        valid:

        *       host

                Connection host, can be a hostname, IP number or a URI.
                Defaults to "localhost".

                    host => ldap.company.com
                    host => 10.0.0.1
                    host => ldap://ldap.company.com:389
                    host => ldaps://ldap.company.com

        *       port

                Connection port, default to 389. May be overriden by host if
                host is a URI.

                    port => 389

        *       timeout

                Connection timeout, defaults to 60.

                    timeout => 60

        *       version

                The LDAP version to use, defaults to 3.

                    version => 3

        *       binddn

                The distinguished name to bind to the server with, defaults
                to bind anonymously.

                    binddn => 'uid=proxy,cn=users,dc=company,dc=com'

        *       bindpw

                The credentials to bind with.

                    bindpw => 'secret'

        *       basedn

                The distinguished name of the search base.

                    basedn => 'cn=users,dc=company,dc=com'

        *       filter

                LDAP filter to use in search, defaults to "(uid=%s)".

                    filter => '(uid=%s)'

        *       scope

                The search scope, can be "base", "one" or "sub", defaults to
                "sub".

                    filter => 'sub'

        *       log

                Any object that supports "debug", "info", "error" and
                "warn".

                    log => Log::Log4perl->get_logger('Authen::Simple::LDAP')

    *   authenticate( $username, $password )

        Returns true on success and false on failure.

EXAMPLE USAGE
  Apple Open Directory
        my $ldap = Authen::Simple::LDAP->new(
            host    => 'od.company.com',
            basedn  => 'cn=users,dc=company,dc=com',
            filter  => '(&(objectClass=inetOrgPerson)(objectClass=posixAccount)(uid=%s))'
        );

  Microsoft Active Directory
        my $ldap = Authen::Simple::LDAP->new(
            host    => 'ad.company.com',
            binddn  => 'proxyuser@company.com',
            bindpw  => 'secret',
            basedn  => 'cn=users,dc=company,dc=com',
            filter  => '(&(objectClass=organizationalPerson)(objectClass=user)(sAMAccountName=%s))'
        );

    Active Directory by default does not allow anonymous binds. It's
    recommended that a proxy user is used that has sufficient rights to
    search the desired tree and attributes.

SEE ALSO
    Authen::Simple::ActiveDirectory.

    Authen::Simple.

    Net::LDAP.

AUTHOR
    Christian Hansen "chansen@cpan.org"

COPYRIGHT
    This program is free software, you can redistribute it and/or modify it
    under the same terms as Perl itself.