[cgiapp] CGI::Application::Plugin::Authorization, LDAP and Microsoft AD

Brandon Wood woody at 2143.net
Thu Mar 4 13:15:46 EST 2010


I have built a site that uses CGI::Application::Plugin::Authentication using
the Authen::Simple::LDAP driver against a Microsoft AD server.

__PACKAGE__->authen->config(
        DRIVER         => [ 'Authen::Simple::LDAP',
                             host   => 'ldap://xxxx.xxxx.xxxx.com:389',
                             basedn =>
'ou=Users,ou=NorthAmerica,dc=xxxx,dc=xxxx,dc=xxxx,dc=com',
                             filter =>
'(&(objectClass=organizationalPerson)(objectClass=user)(sAMAccountName=%s))',
                          ],
        STORE          => 'Session',
        LOGOUT_RUNMODE => 'default',
);

__PACKAGE__->authen->protected_runmodes('2', '4', '5', '7', '8', '9', '11',
'12');


The page authenticates against the AD server fine. I am trying to figure out
how to take it to the next step for Group authorization using
CGI::Application::Plugin::Authorization. Looking at the example in CPAN I
see how it is done using a database but I have not been able to find any
examples using LDAP; checking against the 'memberOf' fields  (on
cpan/google/perlmonks/this mailing list archive) .

If anyone has tackled this before and is willing to show some code example
or point me in the right direction I would appreciate it.

Thank You,
Woody


More information about the cgiapp mailing list