On Mar 6, 2012, at 12:54 PM, Marcin S wrote:

> Hello everyone,
> 
> I need to create a Rails app where authentication and permissions for
> certain application actions will be provided by an LDAP server. There is
> a problem with LDAP connection management: as every user login will
> spawn a new connection object instance, it may dangerously increase
> application memory usage (tbh I don't know what will happen, nothing
> good for sure) - the LDAP server can close a connection remotely after some
> idle time, but some connection resources will remain in memory
> nonetheless.
> I've done some Google research on what may be the best course of action to
> manage this issue and I think creating a connection pool sounds good.
> I've committed a few average-sized Rails projects but nothing I've
> experienced so far is giving me any clues how to implement this
> solution.
> 
> I'll be happy to hear how you would do it.
----
No - only 1 connection to LDAP server using a special account for the purpose 
with sufficient privileges for the task.

It's easy enough to create 'local' users who authenticate via LDAP and then you 
can manage their privileges/permissions via Rights/Roles if you want.

Simple Ruby app using net-ldap:

#!/usr/local/bin/ruby
#
require 'rubygems'
require 'net/ldap'

# Credentials to check; in a Rails app these come from the login form.
$person = "cwhite"
$passwd = "won't_work"

# Connect over LDAPS and do a simple bind as the user's own DN.
ldap = Net::LDAP.new :encryption => :simple_tls,
  :host => 'ldap.server',
  :port => 636, # use 389 for non-ssl
  :auth => {
    :method   => :simple,
    :username => "uid=" + $person + ", ou=people, dc=example, dc=com",
    :password => $passwd
  }

# bind returns true when the server accepts the bind request.
if ldap.bind
  p "LDAP authentication succeeded"
else
  p "LDAP authentication failed"
end

Should give you enough of a concept for implementing in Rails.

Craig
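
Added example, not part of Craig's reply: when the login name and password come from a form instead of constants, the DN built by concatenation needs RFC 4514 escaping and an empty password must be refused before the bind. The helper names, the injectable `binder` and the stub directory are assumptions made so the sketch runs without an LDAP server.

```ruby
# Added example, not from the original post. Helper names are hypothetical.
BASE_DN = "ou=people,dc=example,dc=com" # directory layout used in the post

# Escape one attribute value for use inside a DN (RFC 4514).
def escape_dn_value(value)
  out = value.gsub(/[\\,+"<>;=]/) { |c| "\\#{c}" } # DN metacharacters
  out = out.gsub("\0") { "\\00" }                   # NUL as a hex pair
  out = out.sub(/ \z/) { "\\ " }                    # trailing space
  out.sub(/\A[ #]/) { |c| "\\#{c}" }                # leading space or '#'
end

def user_dn(uid)
  "uid=#{escape_dn_value(uid)},#{BASE_DN}"
end

# binder: any callable taking (dn, password) and returning true or false.
# In the Rails app it would wrap the bind from the post, for example:
#   ->(dn, pw) { Net::LDAP.new(:host => 'ldap.server', :port => 636,
#       :encryption => :simple_tls,
#       :auth => { :method => :simple, :username => dn, :password => pw }).bind }
def authenticate(uid, password, binder)
  uid = uid.to_s.strip
  return false if uid.empty?
  # A simple bind with a DN and an empty password is an "unauthenticated
  # bind" (RFC 4513); servers may answer success, so never forward it.
  return false if password.nil? || password.empty?
  binder.call(user_dn(uid), password) ? true : false
end

# Constructed stand-in for the directory so the example runs offline.
DIRECTORY = { "uid=cwhite,#{BASE_DN}" => "s3cret" }.freeze
STUB_BIND = lambda do |dn, pw|
  next true if pw.empty? # mimics a server that accepts unauthenticated binds
  DIRECTORY[dn] == pw
end

if __FILE__ == $PROGRAM_NAME
  p authenticate("cwhite", "s3cret", STUB_BIND)
  p authenticate("cwhite", "", STUB_BIND)
  puts user_dn("x,ou=admins")
end
```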

-- 
You received this message because you are subscribed to the Google Groups "Ruby 
on Rails: Talk" group.