comment on

I am attempting to use Dancer2::Plugin::Auth::Extensible with Dancer2::Plugin::Auth::Extensible::Provider::LDAP and am running into some problems. For my SSCCE I have created a sample ap according to the directions at https://metacpan.org/pod/Dancer2::Cookbook#Using-DBIx::Class ("dancer2 -a bookstore") and created a restricted route called "restricted". I have entered my LDAP configuration information into the config.yml file, using working data from a successful LDAP search conducted from the command line on the same computer. I attempt to load the restricted route in the browser, I am redirected to a login page, I enter valid credentials and click "Login", and it says "Login failed." Expected behavior is that it display the message "You're logged in!". The code and error messages are below. ("a successful bind must be completed on the connection")

It would seem that something must be different between the LDAP search done from the command line, which is successful, and the LDAP operation (presumably it's a search for the information of the user logging in) that's done by the plugin, which fails. I'm not sure where to start or how to troubleshoot what that difference might be.

----------------------------------------------------------------------
+-
successful ldapsearch from command line (returns 264 entries)
 
ldapsearch -h xxx.xxx.xxx.xxx -D "cn=Test User,ou=user,ou=accounts,ou=
+our,dc=our,dc=domain,dc=com" -W -b "dc=our,dc=domain,dc=com" objectcl
+ass=person

----------------------------------------------------------------------
+-
# config.yml:

plugins:
  Auth::Extensible:
    realms:
      config1:
        provider: LDAP
        host: xxx.xxx.xxx.xxx
        basedn: dc=our,dc=domain,dc=com
        binddn: 'cn=Test User,OU=USER,OU=ACCOUNTS,OU=our,DC=our,DC=dom
+ain,DC=com'
        bindpw: password
        username_attribute: sn
        name_attribute: displayName
        

----------------------------------------------------------------------
+-
# bookstore.pm:

package bookstore;
use Dancer2;
use Dancer2::Plugin::Auth::Extensible;
use Dancer2::Plugin::Auth::Extensible::Provider::LDAP;

our $VERSION = '0.1';

get '/' => sub {
    template 'index' => { 'title' => 'bookstore' };
};

get '/restricted' => require_login sub {
    return "You are logged in!!";
};

true;

----------------------------------------------------------------------
+-
error message when attempting to login:

[bookstore:7168] core @2020-05-04 21:31:56> looking for post /login in
+ /home/camel/perl5/perlbrew/perls/perl-5.30.1/lib/site_perl/5.30.1/Da
+ncer2/Core/App.pm l. 35
[bookstore:7168] core @2020-05-04 21:31:56> Entering hook core.app.bef
+ore_request in (eval 305) l. 1
[bookstore:7168] core @2020-05-04 21:31:56> Entering hook plugin.auth_
+extensible.before_authenticate_user in (eval 305) l. 1
[bookstore:7168] debug @2020-05-04 21:31:56> Attempting to authenticat
+e testuser against realm config1 in /home/camel/perl5/perlbrew/perls/
+perl-5.30.1/lib/site_perl/5.30.1/Dancer2/Core/Route.pm l. 164
[bookstore:7168] debug @2020-05-04 21:31:57> Binding to LDAP with cred
+entials in /home/camel/perl5/perlbrew/perls/perl-5.30.1/lib/site_perl
+/5.30.1/Dancer2/Plugin/Auth/Extensible/Provider/LDAP.pm l. 230
[bookstore:7168] error @2020-05-04 21:31:57> config1 provider threw er
+ror: LDAP search error: 000004DC: LdapErr: DSID-0C0906DC, comment: In
+ order to perform this operation a successful bind must be completed 
+on the connection., data 0, v1db0 at /home/camel/perl5/perlbrew/perls
+/perl-5.30.1/lib/site_perl/5.30.1/Dancer2/Plugin/Auth/Extensible.pm l
+ine 473. in /home/camel/perl5/perlbrew/perls/perl-5.30.1/lib/site_per
+l/5.30.1/Dancer2/Core/Route.pm l. 164
[bookstore:7168] core @2020-05-04 21:31:57> Entering hook plugin.auth_
+extensible.after_authenticate_user in (eval 305) l. 1
[bookstore:7168] core @2020-05-04 21:31:57> looking for get /login in 
+/home/camel/perl5/perlbrew/perls/perl-5.30.1/lib/site_perl/5.30.1/Dan
+cer2/Core/App.pm l. 35
[bookstore:7168] core @2020-05-04 21:31:57> Entering hook core.app.bef
+ore_request in (eval 305) l. 1
[bookstore:7168] debug @2020-05-04 21:31:57> app has no login template
+ defined in /home/camel/perl5/perlbrew/perls/perl-5.30.1/lib/site_per
+l/5.30.1/Dancer2/Plugin/Auth/Extensible.pm l. 285
[bookstore:7168] core @2020-05-04 21:31:57> Entering hook core.app.aft
+er_request in (eval 305) l. 1
127.0.0.1 - - [04/May/2020:21:31:57 -0400] "POST /login?return_url=%2F
+restricted HTTP/1.1" 200 1191 "http://localhost:5000/login?return_url
+=%2Frestricted" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:75.0) Gec
+ko/20100101 Firefox/75.0"
127.0.0.1 - - [04/May/2020:21:31:57 -0400] "GET /css/style.css HTTP/1.
+1" 304 0 "http://localhost:5000/login?return_url=%2Frestricted" "Mozi
+lla/5.0 (X11; Ubuntu; Linux x86_64; rv:75.0) Gecko/20100101 Firefox/7
+5.0"
127.0.0.1 - - [04/May/2020:21:31:57 -0400] "GET /images/perldancer-bg.
+jpg HTTP/1.1" 304 0 "http://localhost:5000/css/style.css" "Mozilla/5.
+0 (X11; Ubuntu; Linux x86_64; rv:75.0) Gecko/20100101 Firefox/75.0"
[download]

In reply to Dancer2::Plugin::Auth::Extensible::Provider::LDAP says "a successful bind must be completed"... by TieUpYourCamel

Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!

Titles consisting of a single word are discouraged, and in most cases are disallowed outright.

Read Where should I post X? if you're not absolutely sure you're posting in the right place.

Please read these before you post! —

Posts may use any of the Perl Monks Approved HTML tags:

a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr

You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)

	For:		Use:
	&		`&`
	<		`<`
	>		`>`
	[		`[`
	]		`]`

Link using PerlMonks shortcuts! What shortcuts can I use for linking?

See Writeup Formatting Tips and other pages linked from there for more info.