Beefy Boxes and Bandwidth Generously Provided by pair Networks
"be consistent"
 
PerlMonks  

Catalyst LDAP Authentication Not Working

by Anonymous Monk
on Oct 17, 2013 at 16:03 UTC ( #1058641=perlquestion: print w/ replies, xml ) Need Help??
Anonymous Monk has asked for the wisdom of the Perl Monks concerning the following question:

I am using LDAP authentication for my Catalyst application. Using tcpdump, I see the initial bind happening, but the Catalyst app never searches for a user name and never tries to bind with the username/password. What information do you need to help me?

Comment on Catalyst LDAP Authentication Not Working
Re: Catalyst LDAP Authentication Not Working
by keszler (Priest) on Oct 17, 2013 at 16:42 UTC
      I am running Catalyst 5.90042, Perl v5.10.1, on Red Hat Enterprise Linux Server release 6.4 The configuration in Config::General format
      <Plugin::Authentication> <default> <store> class LDAP ldap_server ldap://ldap.server:3268 binddn bind@domain bindpw password user_basedn basedn user_field samaccountname user_filter (sAMAccountName=%s)) user_scope sub <user_search_options> dref always </user_search_options> </store> <credential> class Password password_type self_check password_field password </credential> </default> </Plugin::Authentication>
      The Controller module action
      sub login : Local { my ( $self, $c ) = @_; if ( my $user = $c->req->params->{user} and my $password = $c->req->params->{password} ) { if ( $c->authenticate( { login => $user, password => $password, })) { $c->response->redirect($c->uri_for('/')); } else { # login incorrect use Data::Dumper; $c->response->body("Login Incorrect"); } } else { # invalid form input $c->response->body("Form Input Invalid"); } }
        As in http://perlmonks.org/?node_id=856404, I changed $c->authenticate( { login => $user to $c->authenticate( { id => $user, and it didn't help.

        Don't know if it's the issue but (sAMAccountName=%s)) has an extra close paren. Might want to add this to the store (sorry, I like YAML better than Config::General)-

        ldap_server_options: timeout: 30 onerror: warn

        I would also recommend never taking query params for login; insist on POST params. Otherwise some user might discover that she can auto-login with a URL with her credentials in the query string.

        my $user = $c->req->params->{user} and my $password = $c->req->params->{password} # Becomes... my $user = $c->request->body_params->{user} and my $password = $c->request->body_params->{password}
Re: Catalyst LDAP Authentication Not Working
by Your Mother (Canon) on Oct 17, 2013 at 19:57 UTC

    Sorry, I replied to wrong node. :P See my other post.

      It's okay, you replied to the anonymonk's other post.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://1058641]
Approved by marto
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others chilling in the Monastery: (13)
As of 2014-09-19 12:15 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    How do you remember the number of days in each month?











    Results (137 votes), past polls