> -----Original Message----- > From: Peter Karman [mailto:[EMAIL PROTECTED] > Sent: Friday, December 22, 2006 15:51 > > Hermida, Leandro scribbled on 12/21/06 12:18 PM: > > > > Here are the errors shown in the Catalyst debug screen: > > > > Deep recursion on subroutine > > "Catalyst::Plugin::Authentication::Store::LDAP::User::stringify" at > > > /usr/lib/perl5/site_perl/5.8.5/Catalyst/Plugin/Authentication/Store/LD > > AP > > /User.pm line 254. > > Deep recursion on subroutine > > "Catalyst::Plugin::Authentication::Store::LDAP::User::AUTOLOAD" at > > > /usr/lib/perl5/site_perl/5.8.5/Catalyst/Plugin/Authentication/Store/LD > > AP > > /User.pm line 100. > > > > not sure if it's the same issue, but this might help: > > http://article.gmane.org/gmane.comp.web.catalyst.general/7523/ > match=ldap > > pek
It works! Thanks for this link! We need to make it clear that the user_field needs to be in lowercase to avoid this deep recursion error, at least with C::P::A::Store::LDAP and Active Directory. With user_filter it doesn't seem to matter. As mentioned in a previous email in this thread, I would like to propose for the documentation an example setup for Active Directory: In myapp.yml: authentication: ldap: ldap_server: ads.domain.com ldap_server_options: version: 3 binddn: cn=adsearchuser,cn=Users,dc=domain,dc=com bindpw: adsearchpassword user_basedn: cn=Users,dc=domain,dc=com user_scope: sub user_filter: (&(objectclass=user)(samaccountname=%s)) user_field: samaccountname Some notes: adsearchuser in the binddn should be replaced with the Windows account in your domain which had rights to search the Active Directory LDAP tree. adsearchpassword should be replaced with user_basedn can vary because your Windows sysadmin might have a hierarchy of OUs defined under the dc=domain,dc=com where he/she put user account entries. An example of an alternative could be ou=User,ou=Finance,dc=domain,dc=com. If your adsearchuser account has privileges to search the entire Active Directory tree I have found that simply specifying dc=domain,dc=com as the user_basedn will still work - it just has to search from higher in the tree before finding the entry. user_field needs to be in lowercase! TLS or SSL don't seem to work when connecting to Active Directory so please do not set start_tls: 1 nor specify the ldap_server as a URI with ldaps://. If someone has managed to get this to work using Net::LDAP, I would really like to know. Leandro _______________________________________________ List: Catalyst@lists.rawmode.org Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/ Dev site: http://dev.catalyst.perl.org/