Re^2: Catalyst LDAP Authentication Not Working

I am running Catalyst 5.90042, Perl v5.10.1, on Red Hat Enterprise Linux Server release 6.4 The configuration in Config::General format

<Plugin::Authentication>
    <default>
        <store>
           class       LDAP
           ldap_server ldap://ldap.server:3268
           binddn bind@domain
           bindpw password
           user_basedn basedn
           user_field  samaccountname
           user_filter (sAMAccountName=%s))
           user_scope  sub
        <user_search_options>
           dref always
        </user_search_options>
        </store>
        <credential>
           class          Password
           password_type  self_check
           password_field password
        </credential>
    </default>
</Plugin::Authentication>
[download]

The Controller module action

sub login : Local {
    my ( $self, $c ) = @_;

    if (    my $user     = $c->req->params->{user}
        and my $password = $c->req->params->{password} )
    {

        if ( $c->authenticate( { login => $user,
                         password    => $password,
                         })) {

            $c->response->redirect($c->uri_for('/'));
        }
        else {
            # login incorrect
            use Data::Dumper;
            $c->response->body("Login Incorrect");
        }
    }
    else {
        # invalid form input
        $c->response->body("Form Input Invalid");
    }
}
[download]

Comment on Re^2: Catalyst LDAP Authentication Not Working Select or Download Code

Replies are listed 'Best First'.
Re^3: Catalyst LDAP Authentication Not Working by Your Mother (Archbishop) on Oct 17, 2013 at 19:53 UTC
Don't know if it's the issue but `(sAMAccountName=%s))` has an extra close paren. Might want to add this to the `store` (sorry, I like YAML better than Config::General)- `ldap_server_options: timeout: 30 onerror: warn` [download] I would also recommend never taking query params for login; insist on POST params. Otherwise some user might discover that she can auto-login with a URL with her credentials in the query string. `my $user = $c->req->params->{user} and my $password = $c->req->params->{password} # Becomes... my $user = $c->request->body_params->{user} and my $password = $c->request->body_params->{password}` [download]	[reply] [d/l] [select]
Re^4: Catalyst LDAP Authentication Not Working by Anonymous Monk on Oct 17, 2013 at 19:58 UTC
Thanks. The extra parenthesis was the problem. If it was a snake, I'd be bit.	[reply]
Re^3: Catalyst LDAP Authentication Not Working by Anonymous Monk on Oct 17, 2013 at 19:02 UTC
As in http://perlmonks.org/?node_id=856404, I changed `$c->authenticate( { login => $user` to `$c->authenticate( { id => $user,` and it didn't help.	[reply] [d/l] [select]
Re^4: Catalyst LDAP Authentication Not Working by Anonymous Monk on Oct 17, 2013 at 19:13 UTC
Here is the packet capture 1 0.000000 catserver -> ldapserver TCP 38760 > msft-gc [SYN] Seq=0 + Win=14600 Len=0 MSS=1460 TSV=4135990048 TSER=0 WS=6 2 0.000244 ldapserver -> catserver TCP msft-gc > 38760 [SYN, ACK] +Seq=0 Ack=1 Win=8192 Len=0 MSS=1460 WS=8 TSV=338886467 TSER=413599004 +8 3 0.000271 catserver -> ldapserver TCP 38760 > msft-gc [ACK] Seq=1 + Ack=1 Win=14656 Len=0 TSV=4135990049 TSER=338886467 4 0.013696 catserver -> ldapserver LDAP bindRequest(1) "apache@ads +.state.mo.us" simple 5 0.031177 ldapserver -> catserver LDAP bindResponse(1) success 6 0.031310 catserver -> ldapserver TCP 38760 > msft-gc [ACK] Seq=4 +5 Ack=23 Win=14656 Len=0 TSV=4135990080 TSER=338886470 7 0.055315 catserver -> ldapserver TCP 38760 > msft-gc [FIN, ACK] +Seq=45 Ack=23 Win=14656 Len=0 TSV=4135990104 TSER=338886470 8 0.055602 ldapserver -> catserver TCP msft-gc > 38760 [ACK] Seq=2 +3 Ack=46 Win=66560 Len=0 TSV=338886473 TSER=4135990104 9 0.055662 ldapserver -> catserver TCP msft-gc > 38760 [RST, ACK] +Seq=23 Ack=46 Win=0 Len=0 [download]	[reply] [d/l]