On 21 May 2012, at 16:42, Robert Wohlfarth wrote:

> On Mon, May 21, 2012 at 9:20 AM, Kenneth S Mclane <ksmcl...@us.ibm.com> wrote:
> > They are apparently doing the initial bind with the credentials submitted by 
> > the user, I am getting invalid credentials the way I have it above, if I 
> > change it to anonymous I get an "LDAP Error while searching for user: No such 
> > object".  I could use some suggestions. 
> 
> I dealt with an LDAP server that required you to log in to query your own 
> information. The standard Catalyst::Authentication::Store::LDAP does not work 
> with this model.

Yes it does! What makes you think it doesn't?

> So I wrote a credential module that did nothing more than connect to the LDAP 
> server. If the connection succeeded, then that user is authenticated. 

That sort of strategy is usually a bad idea, as you're mandating that you have 
1 flat level of LDAP for users - you have to know the DN to bind as initially, 
and so if you do this, you have to concatenate the username to a DN in some way 
- which means if you ever reorganise your LDAP (for example putting users into 
grouped OU containers), then your auth will stop working.

Cheers
t0m



_______________________________________________
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
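
The trade-off discussed in this thread, as an added example that is not part of the original messages: a small in-memory Python model of a directory that compares building the bind DN from the username with searching for the entry first and binding as the DN found. The directory contents, DNs, passwords and function names are all constructed for illustration and are not Catalyst or Net::LDAP code.

```python
import hmac

BASE = "ou=people,dc=example,dc=com"

# Constructed directory, DN -> attributes: every user directly under BASE.
FLAT = {
    f"uid=alice,{BASE}": {"uid": "alice", "userPassword": "s3cret"},
    f"uid=bob,{BASE}": {"uid": "bob", "userPassword": "hunter2"},
}
# The same users after being moved into grouped OU containers.
REORGANISED = {
    f"uid=alice,ou=engineering,{BASE}": FLAT[f"uid=alice,{BASE}"],
    f"uid=bob,ou=sales,{BASE}": FLAT[f"uid=bob,{BASE}"],
}


def bind(directory, dn, password):
    """Model of a simple bind: the DN must exist and the password must match."""
    entry = directory.get(dn)
    # An empty password is refused outright: on a real server a simple bind
    # with an empty password is an unauthenticated bind and may "succeed".
    if entry is None or not password:
        return False
    return hmac.compare_digest(entry["userPassword"].encode(), password.encode())


def search_subtree(directory, base, uid):
    """Model of a subtree search: DNs under base whose uid matches exactly."""
    return [dn for dn, attrs in directory.items()
            if dn.endswith("," + base) and attrs["uid"] == uid]


def auth_by_concatenation(directory, username, password):
    """Build the DN from the username, then bind (assumes a flat tree)."""
    return bind(directory, f"uid={username},{BASE}", password)


def auth_by_search_then_bind(directory, username, password):
    """Find the user's entry first, then bind as the DN the search returned."""
    matches = search_subtree(directory, BASE, username)
    if len(matches) != 1:  # unknown or ambiguous user: refuse
        return False
    return bind(directory, matches[0], password)
```

Against `FLAT` both strategies accept a correct password; against `REORGANISED` only the search-then-bind strategy still does.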
