r70842 - in /trunk/libjifty-plugin-authentication-ldap-perl: ./ debian/ debian/source/ lib/Jifty/Plugin/Authentication/ lib/Jifty/Plugin/Authentication/Ldap/Action/
jawnsy-guest at users.alioth.debian.org
jawnsy-guest at users.alioth.debian.org
Tue Mar 8 03:13:54 UTC 2011
Author: jawnsy-guest
Date: Tue Mar 8 03:13:34 2011
New Revision: 70842
URL: http://svn.debian.org/wsvn/pkg-perl/?sc=1&rev=70842
Log:
looks good, dch -r
Added:
trunk/libjifty-plugin-authentication-ldap-perl/.gitignore
- copied unchanged from r70839, branches/upstream/libjifty-plugin-authentication-ldap-perl/current/.gitignore
trunk/libjifty-plugin-authentication-ldap-perl/README
- copied unchanged from r70839, branches/upstream/libjifty-plugin-authentication-ldap-perl/current/README
trunk/libjifty-plugin-authentication-ldap-perl/debian/source/
trunk/libjifty-plugin-authentication-ldap-perl/debian/source/format
Modified:
trunk/libjifty-plugin-authentication-ldap-perl/Changes
trunk/libjifty-plugin-authentication-ldap-perl/MANIFEST
trunk/libjifty-plugin-authentication-ldap-perl/META.yml
trunk/libjifty-plugin-authentication-ldap-perl/debian/changelog
trunk/libjifty-plugin-authentication-ldap-perl/debian/compat
trunk/libjifty-plugin-authentication-ldap-perl/debian/control
trunk/libjifty-plugin-authentication-ldap-perl/debian/copyright
trunk/libjifty-plugin-authentication-ldap-perl/lib/Jifty/Plugin/Authentication/Ldap.pm
trunk/libjifty-plugin-authentication-ldap-perl/lib/Jifty/Plugin/Authentication/Ldap/Action/LDAPLogin.pm
Modified: trunk/libjifty-plugin-authentication-ldap-perl/Changes
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libjifty-plugin-authentication-ldap-perl/Changes?rev=70842&op=diff
==============================================================================
--- trunk/libjifty-plugin-authentication-ldap-perl/Changes (original)
+++ trunk/libjifty-plugin-authentication-ldap-perl/Changes Tue Mar 8 03:13:34 2011
@@ -1,4 +1,8 @@
Revision history for Perl module Jifty::Plugin::Authentication::Ldap
+
+1.01 Wed, 15 Sep 2010 12:36:08 +0200
+ - Active Directory style binding (ssinyagin)
+ - hooks login (ssinyagin)
1.00 Wed, 10 Jun 2009 11:49:12 +0200
- bump version number to avoid conflict with debian
Modified: trunk/libjifty-plugin-authentication-ldap-perl/MANIFEST
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libjifty-plugin-authentication-ldap-perl/MANIFEST?rev=70842&op=diff
==============================================================================
--- trunk/libjifty-plugin-authentication-ldap-perl/MANIFEST (original)
+++ trunk/libjifty-plugin-authentication-ldap-perl/MANIFEST Tue Mar 8 03:13:34 2011
@@ -1,3 +1,4 @@
+.gitignore
Changes
inc/Module/AutoInstall.pm
inc/Module/Install.pm
@@ -20,5 +21,6 @@
Makefile.PL
MANIFEST This list of files
META.yml
+README
share/po/jifty_plugin_authentication_ldap.pot
t/00-load.t
Modified: trunk/libjifty-plugin-authentication-ldap-perl/META.yml
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libjifty-plugin-authentication-ldap-perl/META.yml?rev=70842&op=diff
==============================================================================
--- trunk/libjifty-plugin-authentication-ldap-perl/META.yml (original)
+++ trunk/libjifty-plugin-authentication-ldap-perl/META.yml Tue Mar 8 03:13:34 2011
@@ -1,7 +1,7 @@
---
abstract: 'LDAP Authentication Plugin for Jifty'
author:
- - 'Yves Agostini, <yvesago at cpan.org>'
+ - 'Yves Agostini, <yvesago at cpan.org>, Stanislav Sinyagin'
build_requires:
ExtUtils::MakeMaker: 6.11
distribution_type: module
@@ -22,4 +22,4 @@
Net::LDAP: 0
resources:
license: http://dev.perl.org/licenses/
-version: 1.00
+version: 1.01
Modified: trunk/libjifty-plugin-authentication-ldap-perl/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libjifty-plugin-authentication-ldap-perl/debian/changelog?rev=70842&op=diff
==============================================================================
--- trunk/libjifty-plugin-authentication-ldap-perl/debian/changelog (original)
+++ trunk/libjifty-plugin-authentication-ldap-perl/debian/changelog Tue Mar 8 03:13:34 2011
@@ -1,10 +1,19 @@
-libjifty-plugin-authentication-ldap-perl (1.00-2) UNRELEASED; urgency=low
+libjifty-plugin-authentication-ldap-perl (1.01-1) unstable; urgency=low
+ [ Salvatore Bonaccorso ]
* debian/control: Changed: Replace versioned (build-)dependency on
perl (>= 5.6.0-{12,16}) with an unversioned dependency on perl (as
permitted by Debian Policy 3.8.3).
- -- Salvatore Bonaccorso <salvatore.bonaccorso at gmail.com> Sun, 16 Aug 2009 20:14:36 +0200
+ [ Jonathan Yu ]
+ * New upstream release
+ * Rewrite control description
+ * Add myself to Uploaders and Copyright
+ * Bump to debhelper compat 8
+ * Standards-Version 3.9.1 (no changes)
+ * Use new 3.0 (quilt) source format
+
+ -- Jonathan Yu <jawnsy at cpan.org> Mon, 07 Mar 2011 22:37:50 -0500
libjifty-plugin-authentication-ldap-perl (1.00-1) unstable; urgency=low
Modified: trunk/libjifty-plugin-authentication-ldap-perl/debian/compat
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libjifty-plugin-authentication-ldap-perl/debian/compat?rev=70842&op=diff
==============================================================================
--- trunk/libjifty-plugin-authentication-ldap-perl/debian/compat (original)
+++ trunk/libjifty-plugin-authentication-ldap-perl/debian/compat Tue Mar 8 03:13:34 2011
@@ -1,1 +1,1 @@
-7
+8
Modified: trunk/libjifty-plugin-authentication-ldap-perl/debian/control
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libjifty-plugin-authentication-ldap-perl/debian/control?rev=70842&op=diff
==============================================================================
--- trunk/libjifty-plugin-authentication-ldap-perl/debian/control (original)
+++ trunk/libjifty-plugin-authentication-ldap-perl/debian/control Tue Mar 8 03:13:34 2011
@@ -1,22 +1,25 @@
Source: libjifty-plugin-authentication-ldap-perl
Section: perl
Priority: optional
-Build-Depends: debhelper (>= 7)
-Build-Depends-Indep: perl, libjifty-perl (>= 0.90519),
- libnet-ldap-perl
+Build-Depends: debhelper (>= 8)
+Build-Depends-Indep: perl,
+ libjifty-perl,
+ libnet-ldap-perl
Maintainer: Debian Perl Group <pkg-perl-maintainers at lists.alioth.debian.org>
-Uploaders: AGOSTINI Yves <agostini at univ-metz.fr>
-Standards-Version: 3.8.2
+Uploaders: AGOSTINI Yves <agostini at univ-metz.fr>,
+ Jonathan Yu <jawnsy at cpan.org>
+Standards-Version: 3.9.1
Homepage: http://search.cpan.org/dist/Jifty-Plugin-Authentication-Ldap/
Vcs-Svn: svn://svn.debian.org/pkg-perl/trunk/libjifty-plugin-authentication-ldap-perl/
Vcs-Browser: http://svn.debian.org/viewsvn/pkg-perl/trunk/libjifty-plugin-authentication-ldap-perl/
Package: libjifty-plugin-authentication-ldap-perl
Architecture: all
-Depends: ${perl:Depends}, ${misc:Depends}, libjifty-perl (>= 0.90519-1),
+Depends: ${perl:Depends}, ${misc:Depends},
+ libjifty-perl,
libnet-ldap-perl
-Description: LDAP Authentication Plugin for Jifty
- Jifty::Plugin::Authentication::Ldap provides Ldap authentication for
- your Jifty application. This authentication is added to your User model. You
- can mix this authentication with other Jifty authentication plugins like
- email/password or facebook.
+Description: Jifty plugin for authentication using LDAP
+ Jifty::Plugin::Authentication::Ldap is a Jifty authentication plugin using
+ the Lightweight Directory Access Protocol (LDAP). This authentication is
+ added to your User model and can be combined with other Jifty authentication
+ plugins.
Modified: trunk/libjifty-plugin-authentication-ldap-perl/debian/copyright
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libjifty-plugin-authentication-ldap-perl/debian/copyright?rev=70842&op=diff
==============================================================================
--- trunk/libjifty-plugin-authentication-ldap-perl/debian/copyright (original)
+++ trunk/libjifty-plugin-authentication-ldap-perl/debian/copyright Tue Mar 8 03:13:34 2011
@@ -1,34 +1,35 @@
-Format-Specification:
- http://wiki.debian.org/Proposals/CopyrightFormat?action=recall&rev=196
-Upstream-Maintainer: Yves Agostini, <yvesago at cpan.org>
-Upstream-Source: http://search.cpan.org/dist/Jifty-Plugin-Authentication-Ldap/
-Upstream-Name: Jifty-Plugin-Authentication-Ldap
+Format-Specification: http://svn.debian.org/wsvn/dep/web/deps/dep5.mdwn?op=file&rev=135
+Maintainer: Yves Agostini <yvesago at cpan.org>
+Source: http://search.cpan.org/dist/Jifty-Plugin-Authentication-Ldap/
+Name: Jifty-Plugin-Authentication-Ldap
Files: *
-Copyright: 2007-2009, Yves Agostini <yvesago at cpan.org>
-License-Alias: Perl
-License: Artistic | GPL-1+
+Copyright: 2007-2010, Yves Agostini <yvesago at cpan.org>
+License: Artistic or GPL-1+
-Files: inc/*
-Copyright: Copyright 2002 - 2008 by Brian Ingerson, Audrey Tang and Adam Kennedy.
-License: GPL-1+ | Artistic
- This program is free software; you can redistribute it and/or modify it under
- the same terms as Perl itself.
+Files: inc/Module/*
+Copyright: 2002-2010, Adam Kennedy <adamk at cpan.org>
+ 2002-2010, Audrey Tang <autrijus at autrijus.org>
+ 2002-2010, Brian Ingerson <ingy at cpan.org>
+License: Artistic or GPL-1+
Files: debian/*
Copyright: 2009, AGOSTINI Yves <agostini at univ-metz.fr>
-License: Artistic | GPL-1+
+ 2011, Jonathan Yu <jawnsy at cpan.org>
+License: Artistic or GPL-1+
License: Artistic
- This program is free software; you can redistribute it and/or modify
- it under the terms of the Artistic License, which comes with Perl.
- On Debian GNU/Linux systems, the complete text of the Artistic License
- can be found in `/usr/share/common-licenses/Artistic'
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the Artistic License, which comes with Perl.
+ .
+ On Debian systems, the complete text of the Artistic License can be
+ found in `/usr/share/common-licenses/Artistic'.
License: GPL-1+
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 1, or (at your option)
- any later version.
- On Debian GNU/Linux systems, the complete text of the GNU General
- Public License can be found in `/usr/share/common-licenses/GPL'
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 1, or (at your option)
+ any later version.
+ .
+ On Debian systems, the complete text of version 1 of the GNU General
+ Public License can be found in `/usr/share/common-licenses/GPL-1'.
Added: trunk/libjifty-plugin-authentication-ldap-perl/debian/source/format
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libjifty-plugin-authentication-ldap-perl/debian/source/format?rev=70842&op=file
==============================================================================
--- trunk/libjifty-plugin-authentication-ldap-perl/debian/source/format (added)
+++ trunk/libjifty-plugin-authentication-ldap-perl/debian/source/format Tue Mar 8 03:13:34 2011
@@ -1,0 +1,1 @@
+3.0 (quilt)
Modified: trunk/libjifty-plugin-authentication-ldap-perl/lib/Jifty/Plugin/Authentication/Ldap.pm
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libjifty-plugin-authentication-ldap-perl/lib/Jifty/Plugin/Authentication/Ldap.pm?rev=70842&op=diff
==============================================================================
--- trunk/libjifty-plugin-authentication-ldap-perl/lib/Jifty/Plugin/Authentication/Ldap.pm (original)
+++ trunk/libjifty-plugin-authentication-ldap-perl/lib/Jifty/Plugin/Authentication/Ldap.pm Tue Mar 8 03:13:34 2011
@@ -4,7 +4,7 @@
package Jifty::Plugin::Authentication::Ldap;
use base qw/Jifty::Plugin/;
-our $VERSION = '1.00';
+our $VERSION = '1.01';
=head1 NAME
@@ -119,7 +119,13 @@
=item C<LDAPbase>
-The base object where your users live.
+[Mandatory] The base object where your users live. If C<LDAPBindTemplate> is
+defined, C<LDAPbase> is only used for user search.
+
+=item C<LDAPBindTemplate>
+
+Alternatively to C<LDAPbase>, you can specify here the whole DN string, with
+I<%u> as a placeholder for UID.
=item C<LDAPMail>
@@ -153,8 +159,70 @@
See C<Net::LDAP> for a full list. You can overwrite the defaults
selectively or not at all.
+=item C<LDAPLoginHooks>
+
+Optional list of Perl functions that would be called after a successful login
+and after a corresponding User object is loaded and updated. The function is
+called with a hash array arguments, as follows:
+
+ username => string
+ user_object => User object
+ ldap => Net::LDAP object
+ infos => User attributes as returned by get_infos
+
+=item C<LDAPFetchUserAttr>
+
+Optional list of LDAP user attributes fetched by get_infos. The values are
+returned to the login hook as arrayrefs.
+
=back
+=head2 Example
+
+The following example authenticates the application against a MS Active
+Directory server for the domain MYDOMAIN. Each user entry has the attribute
+'department' which is used for authorization. C<LDAPbase> is used for user
+searching, and binding is done in a Microsoft way. The login hook checks
+if the user belongs to specific departments and updates the user record.
+
+
+ ######
+ # etc/config.yml:
+ Plugins:
+ - User: {}
+ - Authentication::Ldap:
+ LDAPhost: ldap1.mydomain.com
+ LDAPbase: 'DC=mydomain,DC=com'
+ LDAPBindTemplate: 'MYDOMAIN\%u'
+ LDAPName: displayName
+ LDAPMail: mail
+ LDAPuid: cn
+ LDAPFetchUserAttr:
+ - department
+ LDAPLoginHooks:
+ - 'Myapp::Model::User::ldap_login_hook'
+
+ ######
+ # package Myapp::Model::User;
+ sub ldap_login_hook
+ {
+ my %args = @_;
+
+ my $u = $args{'user_object'};
+ my $department = $args{'infos'}->{'department'}[0];
+
+ my $editor = 0;
+ if( $department eq 'NOC' or
+ $department eq 'ENGINEERING' )
+ {
+ $editor = 1;
+ }
+
+ $u->__set( column => 'is_content_editor', value => $editor );
+ }
+
+
+
=cut
sub init {
@@ -162,10 +230,18 @@
my %args = @_;
$params{'Hostname'} = $args{LDAPhost};
+ $params{'bind_template'} = $args{LDAPBindTemplate};
$params{'base'} = $args{LDAPbase} or die "Need LDAPbase in plugin config";
$params{'uid'} = $args{LDAPuid} || "uid";
$params{'email'} = $args{LDAPMail} || "";
$params{'name'} = $args{LDAPName} || "cn";
+ $params{'login_hooks'} = $args{LDAPLoginHooks} || [];
+ $params{'fetch_attrs'} = $args{LDAPFetchUserAttr} || [];
+
+ if( not $params{'bind_template'} ) {
+ $params{'bind_template'} = $params{'uid'}.'=%u,'.$params{'base'};
+ }
+
my $opts = $args{LDAPOptions} || {};
# Default options for Net::LDAP
@@ -182,6 +258,10 @@
return $LDAP;
}
+sub bind_template {
+ return $params{'bind_template'};
+}
+
sub base {
return $params{'base'};
}
@@ -202,22 +282,31 @@
return $params{'opts'};
};
+sub login_hooks {
+ return @{$params{'login_hooks'}};
+}
sub get_infos {
my ($self,$user) = @_;
my $result = $self->LDAP()->search (
base => $self->base(),
- filter => '(uid= '.$user.')',
- attrs => [$self->name(),$self->email()],
+ filter => '('.$self->uid().'='.$user.')',
+ attrs => [$self->name(),$self->email(), @{$params{'fetch_attrs'}}],
sizelimit => 1
);
$result->code && Jifty->log->error( 'LDAP uid=' . $user . ' ' . $result->error );
- my ($ret) = $result->entries;
- my $name = $ret->get_value($self->name());
- my $email = $ret->get_value($self->email());
-
- return ({ name => $name, email => $email });
+ my ($entry) = $result->entries;
+ my $ret = {
+ dn => $entry->dn(),
+ name => $entry->get_value($self->name()),
+ email => $entry->get_value($self->email()),
+ };
+ foreach my $attr (@{$params{'fetch_attrs'}}) {
+ my @val = $entry->get_value($attr);
+ $ret->{$attr} = [ @val ];
+ }
+ return $ret;
};
@@ -228,13 +317,13 @@
=head1 AUTHORS
-Yves Agostini, <yvesago at cpan.org>
+Yves Agostini, <yvesago at cpan.org>, Stanislav Sinyagin
and others authors from Jifty (maxbaker, clkao, sartak, alexmv)
=head1 LICENSE
-Copyright 2007-2009 Yves Agostini. All Rights Reserved.
+Copyright 2007-2010 Yves Agostini. All Rights Reserved.
This program is free software and may be modified and distributed under the same terms as Perl itself.
Modified: trunk/libjifty-plugin-authentication-ldap-perl/lib/Jifty/Plugin/Authentication/Ldap/Action/LDAPLogin.pm
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libjifty-plugin-authentication-ldap-perl/lib/Jifty/Plugin/Authentication/Ldap/Action/LDAPLogin.pm?rev=70842&op=diff
==============================================================================
--- trunk/libjifty-plugin-authentication-ldap-perl/lib/Jifty/Plugin/Authentication/Ldap/Action/LDAPLogin.pm (original)
+++ trunk/libjifty-plugin-authentication-ldap-perl/lib/Jifty/Plugin/Authentication/Ldap/Action/LDAPLogin.pm Tue Mar 8 03:13:34 2011
@@ -63,8 +63,9 @@
my $self = shift;
my $username = $self->argument_value('ldap_id');
my ($plugin) = Jifty->find_plugin('Jifty::Plugin::Authentication::Ldap');
- my $dn = $plugin->uid().'='.$username.','.
- $plugin->base();
+
+ my $dn = $plugin->bind_template();
+ $dn =~ s/\%u/$username/g;
Jifty->log->debug( "dn = $dn" );
@@ -124,6 +125,16 @@
Jifty->web->current_user( $user );
Jifty->web->session->set_cookie;
+ foreach my $proc ($plugin->login_hooks()) {
+ eval( '&' . $proc . '( username => $username, ' .
+ 'user_object => $u, ldap => $plugin->LDAP(), infos => $infos )' );
+ if( $@ ) {
+ Jifty->log->error('Cannot eval ' . $proc . ': ' . $@);
+ $self->result->error('Cannot eval ' . $proc . ': ' . $@);
+ return;
+ }
+ }
+
# Success!
$self->report_success;
More information about the Pkg-perl-cvs-commits
mailing list