Am 25.01.2011 11:16, schrieb Tomas Doran:
On 25 Jan 2011, at 10:01, piccard wrote:
In view of that, I've got one more question. What I would really
need, is a password authentification against LDAP and if successful,
get the user and his roles from the database. So, is it possible to
split up this process and still use methods like check_any_user_role()?
I don't think you want the authentication framework to be doing that
for you.
If that's what you're _actually_ doing, then putting the
authentication logic into your user class makes much more sense, and
makes your data model much more consistent... Otherwise you have to
replicate the authentication framework if you ever want to log a user
in (or simulate a 'proper' user, or change password, or..) outside the
context of the Catalyst application.
I'm not sure if I will really run into these problems. I've tried it so
far this way:
a user authenticates hisself succesfully via LDAP.
afterwards the user will be logged out immediately.
then a dbix find_or_create-routine is going to fetch the user-object
which I'll use to reauthenticate via DB.
so I think this could work properly and at least I've got all the
goodies the authentication-framwork provides. what do you think?
unfortunately I'm using a 'dirty' hack to authenticate (the DB shouldn't
safe LDAP-passwords):
my $user = $c->model('DB::User')->find_or_create({ user_identification
=> $username });
$c->session->{__user} = { $user->get_columns };
I would prefer using $c->set_authenticated( $user, 'dbAuth'); but
somehow it doesn't work for me. I think I just use the wrong user-object.
The authentication framework already provides this sort of hook for
you, with the self_check configuration option, which says that the
user class is responsible for checking it's own password.
I'm not sure how this should work. the doc says 'self_check indicates
that the password should be passed to the check_password() routine on
the user object returned from the store'.
How or in which way I can set the hook?
_______________________________________________
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/