Beefy Boxes and Bandwidth Generously Provided by pair Networks
Just another Perl shrine

ldap authentication CGI

by kavkazi (Initiate)
on Oct 18, 2012 at 15:01 UTC ( #999753=perlquestion: print w/replies, xml ) Need Help??

kavkazi has asked for the wisdom of the Perl Monks concerning the following question:

I have a simple webpage deployed to tomcat which runs certain shell scripts based on user selection. The pages are written in html and cgi/perl.

We already have a working ldap server and directory. I need to be able to add security to the web page I created so a user is asked to login using their ldap account when trying to access the home page or any off the sub pages.

How do I add ldap authentication to my web page?

Please be very specific as I am new to all of this. Step by step instructions including code would be greatly appreciated. Thank You

I did a lot of research on google, but all of the solutions are generic, and I don't know where to start.

This is a good article, but I'm not sure where do I put my connection to ldap and the binding (which of my pages)? How do I make sure the authentication will apply to the sub pages as well, or any other one created in the future?


Replies are listed 'Best First'.
Re: ldap authentication CGI
by xorl (Deacon) on Oct 18, 2012 at 17:07 UTC
Re: ldap authentication CGI
by sundialsvc4 (Abbot) on Oct 18, 2012 at 20:18 UTC

    Well, one way to handle the authentication requirements of a web-site, in an LDAP-based intranet environment, is to simply let the web server protect the entire site.   Both Apache and (especially...) IIS can do this.   The web server has the magical means to determine who the requesting internal user is, and of course to distinguish internal users from outsiders.   Unauthorized users simply can’t reach the site at all.   Furthermore, those that do, have available credentials that the CGI program can query if further authentication logic within the site needs to use it.   (Internet users are automatically excluded.)

    This is one key way in which “intra-net” web sites are able to play by very different and much-simplified rules, versus those of the “wild and wooly” Internet-at-large.   If you simply want to restrict the entire site, you don’t have to write protective logic into the site at all.   The site is inside the fortress, and they’re checking badges at the door, and there’s no other way to get inside, and ... and that’s it.   (“Schweet!”)

Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: perlquestion [id://999753]
Approved by girarde
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others contemplating the Monastery: (3)
As of 2023-10-04 16:59 GMT
Find Nodes?
    Voting Booth?

    No recent polls found