[cgiapp] CGI::Application::Plugin::Authorization, LDAP and Microsoft AD
Brandon Wood
woody at 2143.net
Thu Mar 4 13:15:46 EST 2010
I have built a site that uses CGI::Application::Plugin::Authentication using
the Authen::Simple::LDAP driver against a Microsoft AD server.
__PACKAGE__->authen->config(
DRIVER => [ 'Authen::Simple::LDAP',
host => 'ldap://xxxx.xxxx.xxxx.com:389',
basedn =>
'ou=Users,ou=NorthAmerica,dc=xxxx,dc=xxxx,dc=xxxx,dc=com',
filter =>
'(&(objectClass=organizationalPerson)(objectClass=user)(sAMAccountName=%s))',
],
STORE => 'Session',
LOGOUT_RUNMODE => 'default',
);
__PACKAGE__->authen->protected_runmodes('2', '4', '5', '7', '8', '9', '11',
'12');
The page authenticates against the AD server fine. I am trying to figure out
how to take it to the next step for Group authorization using
CGI::Application::Plugin::Authorization. Looking at the example in CPAN I
see how it is done using a database but I have not been able to find any
examples using LDAP; checking against the 'memberOf' fields (on
cpan/google/perlmonks/this mailing list archive) .
If anyone has tackled this before and is willing to show some code example
or point me in the right direction I would appreciate it.
Thank You,
Woody
More information about the cgiapp
mailing list