oracular (3) Authen::Simple::LDAP.3pm.gz

Provided by: libauthen-simple-ldap-perl_0.3-1.1_all bug

NAME

       Authen::Simple::LDAP - Simple LDAP authentication

SYNOPSIS

           use Authen::Simple::LDAP;

           my $ldap = Authen::Simple::LDAP->new(
               host    => 'ldap.company.com',
               basedn  => 'ou=People,dc=company,dc=net'
           );

           if ( $ldap->authenticate( $username, $password ) ) {
               # successfull authentication
           }

           # or as a mod_perl Authen handler

           PerlModule Authen::Simple::Apache
           PerlModule Authen::Simple::LDAP

           PerlSetVar AuthenSimpleLDAP_host   "ldap.company.com"
           PerlSetVar AuthenSimpleLDAP_basedn "ou=People,dc=company,dc=net"

           <Location /protected>
             PerlAuthenHandler Authen::Simple::LDAP
             AuthType          Basic
             AuthName          "Protected Area"
             Require           valid-user
           </Location>

DESCRIPTION

       Authenticate against a LDAP service.

METHODS

       •   new

           This method takes a hash of parameters. The following options are valid:

           •       host

                   Connection host, can be a hostname, IP number or a URI. Defaults to
                   "localhost".

                       host => ldap.company.com
                       host => 10.0.0.1
                       host => ldap://ldap.company.com:389
                       host => ldaps://ldap.company.com

           •       port

                   Connection port, default to 389. May be overridden by host if host is a URI.

                       port => 389

           •       timeout

                   Connection timeout, defaults to 60.

                       timeout => 60

           •       version

                   The LDAP version to use, defaults to 3.

                       version => 3

           •       binddn

                   The distinguished name to bind to the server with, defaults to bind
                   anonymously.

                       binddn => 'uid=proxy,cn=users,dc=company,dc=com'

           •       bindpw

                   The credentials to bind with.

                       bindpw => 'secret'

           •       basedn

                   The distinguished name of the search base.

                       basedn => 'cn=users,dc=company,dc=com'

           •       filter

                   LDAP filter to use in search, defaults to "(uid=%s)".

                       filter => '(uid=%s)'

           •       scope

                   The search scope, can be "base", "one" or "sub", defaults to "sub".

                       filter => 'sub'

           •       log

                   Any object that supports "debug", "info", "error" and "warn".

                       log => Log::Log4perl->get_logger('Authen::Simple::LDAP')

       •   authenticate( $username, $password )

           Returns true on success and false on failure.

EXAMPLE USAGE

   Apple Open Directory
           my $ldap = Authen::Simple::LDAP->new(
               host    => 'od.company.com',
               basedn  => 'cn=users,dc=company,dc=com',
               filter  => '(&(objectClass=inetOrgPerson)(objectClass=posixAccount)(uid=%s))'
           );

   Microsoft Active Directory
           my $ldap = Authen::Simple::LDAP->new(
               host    => 'ad.company.com',
               binddn  => 'proxyuser@company.com',
               bindpw  => 'secret',
               basedn  => 'cn=users,dc=company,dc=com',
               filter  => '(&(objectClass=organizationalPerson)(objectClass=user)(sAMAccountName=%s))'
           );

       Active Directory by default does not allow anonymous binds. It's recommended that a proxy
       user is used that has sufficient rights to search the desired tree and attributes.

SEE ALSO

       Authen::Simple::ActiveDirectory.

       Authen::Simple.

       Net::LDAP.

AUTHOR

       Christian Hansen "chansen@cpan.org"

       This program is free software, you can redistribute it and/or modify it under the same
       terms as Perl itself.