s_m_b has asked for the wisdom of the Perl Monks concerning the following question:

I was asking yesterday about the %ENV hash, and that seems to be the wrong way to look at the issue. CPAN has plenty of modules for LDAP and ADS and Kerberos, but I really need one that doesn't do the authentication so much as reads the authentication already done when a user logs onto the ADS domain. There isn't any security issue here, as I'm talking about a private, secured network.

Replies are listed 'Best First'.
Re: Authentication, LDAP , ADS etc
by marto (Cardinal) on Aug 01, 2006 at 10:15 UTC
[reply]
Re: Authentication, LDAP , ADS etc
by shmem (Chancellor) on Aug 01, 2006 at 15:01 UTC
    If authentication was performed outside perl, i.e. by the caller of your perl code, the caller might or might not pass the authentication information on, which might or might not be passed by setting environment variables.

    If the caller passes on the http headers to your perl code, you will probably see a line starting with Authorization:. If what follows is Basic, you can decode the following characters with MIME::Base64. The resulting string will be the username:password pair.

    Otherwise - if what follows is Negotiate, the web server received either a NTLM token or a Kerberos ticket, depending on the setup of your webserver.

    So, check the environment of your perl process (and the input for it - if any - on STDIN), and if something lacks there, check the webserver setup as suggested by answers for your previous post. If authentiation isn't you code's business, it can only deal with what it gets from upstream - so you should look there.

    --shmem 

    _($_=" "x(1<<5)."?\n".q·/)Oo.  G°\        /
                              /\_¯/(q    /
----------------------------  \__(m.====·.(_("always off the crowd"))."·
");sub _{s./.($e="'Itrs `mnsgdq Gdbj O`qkdq")=~y/"-y/#-z/;$e.e && print}
[reply]
[d/l]
[select]

Back to Seekers of Perl Wisdom