Well since the passwords are maintained by a company wide system and can be authenticated via LDAP, I don't think I want to reinvent the authorization, since it is working. I think I will just reinvent the role checking, which should be much simpler. My question is: can I store the role information in the user session? I'll be reading up on that today. Maybe one day I'll get ambitious and figure out how to do it the way I wanted to.
Tomas Doran <[email protected]> wrote on 05/23/2012 11:04:52 AM: > From: > > Tomas Doran <[email protected]> > > To: > > The elegant MVC web framework <[email protected]> > > Date: > > 05/23/2012 11:07 AM > > Subject: > > Re: [Catalyst] Role problems, Still > > > On 23 May 2012, at 16:37, Kenneth S Mclane wrote: > > > I am having difficulty in getting my user to authenticate against > the second realm. After successfully authenticating against the ldap > server, I want to authenticate against the dbic realm as well as > that is where the roles are stored. It seems to ignore a second call > to $c-.authenticate. > > In this case, I would be using the DBIC authentication store module > (not the LDAP one), with the self_check Credential option + the > auto_create_user option, and writing a check_password method > (yourself) which looked up the user in LDAP and did the auth thereā¦ > > If you want roles and other foreign keys etc - then you want the > user row from DBIC to be master, and authentication to just be > delegated down to that row instance.. > > Cheers > t0m > > > _______________________________________________ > List: [email protected] > Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst > Searchable archive: http://www.mail-archive.com/[email protected]/ > Dev site: http://dev.catalyst.perl.org/ >
_______________________________________________ List: [email protected] Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/[email protected]/ Dev site: http://dev.catalyst.perl.org/
