Yves Agostini > Jifty-Plugin-AuthzLDAP-0.9 > Jifty::Plugin::AuthzLDAP

Download:
Jifty-Plugin-AuthzLDAP-0.9.tar.gz

Dependencies

Annotate this POD

View/Report Bugs
Module Version: 0.9   Source  

NAME ^

Jifty::Plugin::AuthzLDAP - Jifty plugin to a add dynamic ldap authorization

DESCRIPTION ^

Jifty plugin. Provide ldap authorization with filters table and cache.

CONFIGURATION NOTES ^

in etc/config.yml Plugins: - AuthzLDAP: LDAPbind: cn=testldap,ou=admins,dc=myorg,dc=org # LDAPpass: test # password LDAPhost: ldap.myorg.org # ldap host LDAPbase: ou=people,dc=myorg.. # ldap base LDAPuid: uid # optional CacheTimout: 20 # minutes, optional, default 20 minutes

in application create a LDAPFilter model use base qw/Jifty::Plugin::AuthzLDAP::Model::LDAPFilter/;

in LDAPFilter model create your filters, something like name |filter |is_group is_admin|(!eduPersonAffiliation=STUDENT)|0 in_admin|cn=admin,ou=groups,dc=my.org |1

to protect access to /admin in "TestApp" application create a lib/TestApp/Dispatcher.pm

    use strict;
    use warnings;

    package TestApp::Dispatcher;
    use Jifty::Dispatcher -base;

    before '/admin/*' => run {
       # Authentication
       Jifty->web->tangent(url => '/login')
            if (! Jifty->web->current_user->id);
       # Authorization
       my $user = Jifty->web->current_user->user_object->name;
       Jifty->web->tangent(url => '/error/AccessDenied')
            if (! Jifty::Plugin::AuthzLDAP->ldapvalidate($user,'is_admin') );
    };

    1

SEE ALSO ^

Net::LDAP

METHODS ^

init

load config parameters, connect to ldap, create memory cache

BASE CACHE DN LDAP BASE UID PASS LDAPFilterClass

accesors to conf parametres

bind

Bind to ldap

ldapvalidate NAME FILTERNAME

return 1 if NAME validate FILTER or NAME-FILTERNAME in cache else return 0

If FILTERNAME is flagged as is_group, search if user is uniquemember of this group as supported by the Netscape Directory Server

AUTHOR ^

Yves Agostini, <yvesago@cpan.org>

LICENSE ^

Copyright 2007-2009 Yves Agostini. All Rights Reserved.

This program is free software and may be modified and distributed under the same terms as Perl itself.

syntax highlighting: