Hi Francisco, thank you for your reply. I already use sessions (FastMmap for Storage and Cookies for State). I can login to the GUI via my LDAP credentials. But the problem is: every further request has to be done with my personal credentials. Therefore the password should be stored somewhere safe. I don't want to store the userpassword in a unencrypted sessionvariable.
Best regards, Birger On Mon, Feb 27, 2012 at 6:52 PM, Francisco Obispo <fobi...@isc.org> wrote: > Hi Birger, > > Once you've authenticated with LDAP, or with any backend, it is important > that you store the session information somewhere.. Some people use a > database, memcached, tmp file, or any other method. > > That way, when the client comes with the next request, he will offer a > cookie that can be verified for authorization purposes. > > francisco > > > > On Feb 27, 2012, at 2:30 AM, Birger Burkhardt wrote: > > > Hello Peter, > > > > thank you for your reply. > > > > no, i am not storing these credentials as i thought the module would do > this. I also tried to use the following package, but it doesn't work either: > > > > > http://cpansearch.perl.org/src/BOBTFISH/Catalyst-Model-LDAP-FromAuthentication-0.02/README > > > > According to this changelog (see entry in Version 1.007): > > > http://cpan.uwinnipeg.ca/htdocs/Catalyst-Authentication-Store-LDAP/Changes.html > > the user object has to be serialized and stored in the session. Do you > have an idea how to do this? > > > > Best regards, > > Birger > > > > > > On Sat, Feb 25, 2012 at 3:41 AM, Peter Karman <pe...@peknet.com> wrote: > > Birger Burkhardt wrote on 2/24/12 7:22 AM: > > > > > After successful authentication, all further request > > > should be executed via the credentials of the logged in user. > > > > > > > are you somehow storing those credentials so that they persist over the > life of > > the session? The LDAP authn plugin does not do that for you, afaik. The > > credentials exist only for the life of that particular login HTTP > request. > > > > or maybe I'm misunderstanding what you're trying to do? > > > > > In the login controller the user is authenticated > > > [...] > > > # Get the username and password from form > > > my $username =3D $c->request->params->{username}; > > > my $password =3D $c->request->params->{password}; > > > > > > # If the username and password values were found in form > > > if ($username && $password) { > > > # Attempt to log the user in > > > if ($c->authenticate({ username =3D> $username, > > > password =3D> $password })) { > > > [...] > > > > > > But when I do a new request from within another controller, i get an > ldap > > > error meaning the credentials are invalid: > > > > > > code in other controller: > > > [...] > > > my $ldapconn =3D $c->user->ldap_connection(); > > > my $mesg =3D $ldapconn->search( base =3D> > "ou=3Dusers,dc=3Dexample,= > > > dc=3Dcom", > > > filter =3D> "(uid=3D*)"); > > > my @entries =3D $mesg->sorted('uid'); > > > $c->stash(users =3D> \@entries,); > > > $c->stash(template =3D> 'userList.tt2'); > > > [...] > > > > > > > > > -- > > Peter Karman . http://peknet.com/ . pe...@peknet.com > > > > _______________________________________________ > > List: Catalyst@lists.scsys.co.uk > > Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst > > Searchable archive: > http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ > > Dev site: http://dev.catalyst.perl.org/ > > > > _______________________________________________ > > List: Catalyst@lists.scsys.co.uk > > Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst > > Searchable archive: > http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ > > Dev site: http://dev.catalyst.perl.org/ > > Francisco Obispo > email: fobi...@isc.org > Phone: +1 650 423 1374 || INOC-DBA *3557* NOC > PGP KeyID = B38DB1BE > > > _______________________________________________ > List: Catalyst@lists.scsys.co.uk > Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst > Searchable archive: > http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ > Dev site: http://dev.catalyst.perl.org/ >
_______________________________________________ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/