seismofish has asked for the wisdom of the Perl Monks concerning the following question:

Hello Monks!

I'm writing mod-perl handler scripts to run on Apache 2.4 under Ubuntu 24.04. I'm using mod_authnz_ldap to connect to an Active Directory for authentication and authorization. mod_authnz_ldap relies on mod-ldap and the docs for mod-ldap only discuss it providing LDAP services to other modules.

My handler script needs to make several LDAP queries and I would like to take advantage of mod-ldap's persistent connections and operation cache.

Is this possible? It's very hard to find relevant documentation on the web because of the huge number of search results regarding authentication, authorization, Net::LDAP and, of course, Apache's own Directory Server software. Can anyone point me at relevant material or give me some hints?

Yours,

<°}}}>«<

Replies are listed 'Best First'.
Re: querying LDAP from mod-perl handlers
by Corion (Patriarch) on Apr 22, 2025 at 11:49 UTC

    I think this is mostly an issue of Apache configuration and not so much about Perl:

    mod_authnz_ldap completely relies on mod_ldap.

    The mod_ldap example configuration shows how to set up a cache for LDAP results.

    The next paragraph there discusses the (automatic...) connection pool.

    I think in your mod_perl handler, you will find the user already authenticated if you set up the appropriate mod_authnz_ldap rules for the path to your mod_perl handler(s).

    I now realize that you want to use the caching implemeneted in mod_ldap from your mod_perl handler. I think there should be documentation in mod_perl2 about how to call functionality exposed by other Apache modules, but I don't see anything there that would help you there...

[reply]
[d/l]
[select]

Back to Seekers of Perl Wisdom