I have no control over the LDAP server. How would I change things so the submitted username and password would be inserted as the credentials to be used as the initial bind?
From: Tomas Doran <[email protected]>
To: The elegant MVC web framework <[email protected]>
Date: 05/21/2012 10:57 AM
Subject: Re: [Catalyst] LDAP question

On 21 May 2012, at 16:42, Robert Wohlfarth wrote:

> On Mon, May 21, 2012 at 9:20 AM, Kenneth S Mclane <[email protected]> wrote:
> They are apparently doing the initial bind with the credentials submitted by the user, I am getting invalid credentials the way I have it above, if I change it to anonymous I get a "LDAP Error while searching for user: No such object". I could use some suggestions.
>
> I dealt with an LDAP server that required you to login to query your own information. The standard Catalyst::Authentication::Store::LDAP does not work with this model.

Yes it does! What makes you think it doesn't?

> So I wrote a credential module that did nothing more than connect to the LDAP server. If the connection succeeded, then that user is authenticated.

That sort of strategy is usually a bad idea, as you're mandating that you have 1 flat level of LDAP for users - you have to know the DN to bind as initially, and so if you do this, you have to concatenate the username to a DN in some way - which means if you ever reorganise your LDAP (for example putting users into grouped OU containers), then your auth will stop working.

Cheers
t0m

_______________________________________________
List: [email protected]
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/[email protected]/
Dev site: http://dev.catalyst.perl.org/
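The point made in the reply above about concatenating the username into a DN can be shown with a small simulation. This is an added example, not code from the thread or from Catalyst: the directory is an in-memory stand-in, and every DN, name and password in it is constructed for illustration.

```python
# Constructed sample data: an in-memory stand-in for an LDAP directory,
# mapping each entry's DN to its attributes. All names are hypothetical.
BASE = "ou=people,dc=example,dc=com"
FLAT = {"uid=kmclane," + BASE: {"uid": "kmclane", "userPassword": "s3cret"}}
# The same user after an admin moves accounts into per-department OUs.
REORGANISED = {"uid=kmclane,ou=engineering," + BASE: FLAT["uid=kmclane," + BASE]}


def bind(directory, dn, password):
    """Simulated simple bind: succeeds only for an existing DN and its password."""
    entry = directory.get(dn)
    return entry is not None and entry["userPassword"] == password


def search(directory, base, uid):
    """Simulated subtree search under base for entries whose uid matches exactly."""
    return [dn for dn, attrs in directory.items()
            if dn.endswith("," + base) and attrs["uid"] == uid]


def auth_by_template(directory, username, password):
    """Direct bind: build the DN by concatenation, as in the quoted approach."""
    # A real server may accept a DN with an empty password as an
    # unauthenticated bind (RFC 4513), so refuse it before binding.
    if not password:
        return False
    return bind(directory, "uid=%s,%s" % (username, BASE), password)


def auth_by_search(directory, username, password):
    """Search for the entry first, then bind as whatever DN the search returned."""
    if not password:
        return False
    matches = search(directory, BASE, username)
    if len(matches) != 1:     # unknown or ambiguous user: refuse
        return False
    return bind(directory, matches[0], password)


def compare():
    """Login result of each strategy as (before, after) the reorganisation."""
    return {
        "template": (auth_by_template(FLAT, "kmclane", "s3cret"),
                     auth_by_template(REORGANISED, "kmclane", "s3cret")),
        "search": (auth_by_search(FLAT, "kmclane", "s3cret"),
                   auth_by_search(REORGANISED, "kmclane", "s3cret")),
    }


if __name__ == "__main__":
    print(compare())
```

With the same valid password, the DN-template login stops working once the entry moves under a new OU, while the search-then-bind login keeps working because it binds as the DN the search returns.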
