Hi Birger, Once you've authenticated with LDAP, or with any backend, it is important that you store the session information somewhere.. Some people use a database, memcached, tmp file, or any other method.
That way, when the client comes with the next request, he will offer a cookie that can be verified for authorization purposes. francisco On Feb 27, 2012, at 2:30 AM, Birger Burkhardt wrote: > Hello Peter, > > thank you for your reply. > > no, i am not storing these credentials as i thought the module would do this. > I also tried to use the following package, but it doesn't work either: > > http://cpansearch.perl.org/src/BOBTFISH/Catalyst-Model-LDAP-FromAuthentication-0.02/README > > According to this changelog (see entry in Version 1.007): > http://cpan.uwinnipeg.ca/htdocs/Catalyst-Authentication-Store-LDAP/Changes.html > the user object has to be serialized and stored in the session. Do you have > an idea how to do this? > > Best regards, > Birger > > > On Sat, Feb 25, 2012 at 3:41 AM, Peter Karman <[email protected]> wrote: > Birger Burkhardt wrote on 2/24/12 7:22 AM: > > > After successful authentication, all further request > > should be executed via the credentials of the logged in user. > > > > are you somehow storing those credentials so that they persist over the life > of > the session? The LDAP authn plugin does not do that for you, afaik. The > credentials exist only for the life of that particular login HTTP request. > > or maybe I'm misunderstanding what you're trying to do? > > > In the login controller the user is authenticated > > [...] > > # Get the username and password from form > > my $username =3D $c->request->params->{username}; > > my $password =3D $c->request->params->{password}; > > > > # If the username and password values were found in form > > if ($username && $password) { > > # Attempt to log the user in > > if ($c->authenticate({ username =3D> $username, > > password =3D> $password })) { > > [...] > > > > But when I do a new request from within another controller, i get an ldap > > error meaning the credentials are invalid: > > > > code in other controller: > > [...] > > my $ldapconn =3D $c->user->ldap_connection(); > > my $mesg =3D $ldapconn->search( base =3D> "ou=3Dusers,dc=3Dexample,= > > dc=3Dcom", > > filter =3D> "(uid=3D*)"); > > my @entries =3D $mesg->sorted('uid'); > > $c->stash(users =3D> \@entries,); > > $c->stash(template =3D> 'userList.tt2'); > > [...] > > > > > -- > Peter Karman . http://peknet.com/ . [email protected] > > _______________________________________________ > List: [email protected] > Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst > Searchable archive: http://www.mail-archive.com/[email protected]/ > Dev site: http://dev.catalyst.perl.org/ > > _______________________________________________ > List: [email protected] > Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst > Searchable archive: http://www.mail-archive.com/[email protected]/ > Dev site: http://dev.catalyst.perl.org/ Francisco Obispo email: [email protected] Phone: +1 650 423 1374 || INOC-DBA *3557* NOC PGP KeyID = B38DB1BE _______________________________________________ List: [email protected] Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/[email protected]/ Dev site: http://dev.catalyst.perl.org/
