Im having difficulties setting up my controller to connect to our ldap
server. I''ve searched around in google and found wikis of snippets of
some code to set ruby ldap. Below is what I currently have but Im
getting "uninitialized constant LDAP" when I try to access the login.
Im not what what Im missing or how to debug this. Any suggestions or
tips is appreciated.
class LoginController < ApplicationController
#Bind with the main credential and query the full DN of the email
address
#given to us as a parameter, then unbind and rebind as the user.
def self.authenticate(username,password)
logger.debug("username = " + username)
ldap_con = initialize_ldap_con(username,password)
treebase = "DC=domain,DC=domainext"
mail_filter = Net::LDAP::Filter.eq( "mail",
''test-J0of1frlU80@public.gmane.org'' )
op_filter = Net::LDAP::Filter.eq( "objectClass",
"organizationalPerson" )
dn = String.new
ldap_con.search( :base => treebase, :filter => op_filter &
mail_filter, :attributes=> ''dn'') do |entry|
dn = entry.dn
end
login_succeeded = false
unless dn.empty?
ldap_con = initialize_ldap_con(dn,password)
login_succeeded = true if ldap_con.bind
end
logger.debug("login_succeeded = " + login_succeeded)
login_succeeded
end
private
def self.initialize_ldap_con(user_name, password)
Net::LDAP.new( {:host => ''hostnamehere'', :port =>
389, :auth => {
:method => :simple, :username => user_name, :password => password }} )
end
def index
case @request.method
when :post
if @session[''user'']
LoginController.authenticate(@params[''user_login''],
@params[''user_password''])
flash[''notice''] = "Login successful"
redirect_back_or_default :action => "overview"
else
@login = @params[''user_login'']
@message = "Login unsuccessful"
end
end
end
end
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk
-~----------~----~----~----~------~----~------~--~---
Im having difficulties setting up my controller to connect to our ldap
server. I''ve searched around in google and found wikis of snippets of
some code to set ruby ldap. Below is what I currently have but Im
getting "uninitialized constant LDAP" when I try to access the login.
Im not what what Im missing or how to debug this. Any suggestions or
tips is appreciated.
class LoginController < ApplicationController
#Bind with the main credential and query the full DN of the email
address
#given to us as a parameter, then unbind and rebind as the user.
def self.authenticate(username,password)
logger.debug("username = " + username)
ldap_con = initialize_ldap_con(username,password)
treebase = "DC=domain,DC=domainext"
mail_filter = Net::LDAP::Filter.eq( "mail",
''...@test.com'' )
op_filter = Net::LDAP::Filter.eq( "objectClass",
"organizationalPerson" )
dn = String.new
ldap_con.search( :base => treebase, :filter => op_filter &
mail_filter, :attributes=> ''dn'') do |entry|
dn = entry.dn
end
login_succeeded = false
unless dn.empty?
ldap_con = initialize_ldap_con(dn,password)
login_succeeded = true if ldap_con.bind
end
logger.debug("login_succeeded = " + login_succeeded)
login_succeeded
end
private
def self.initialize_ldap_con(user_name, password)
Net::LDAP.new( {:host => ''hostnamehere'', :port =>
389, :auth => {
:method => :simple, :username => user_name, :password => password }} )
end
def index
case @request.method
when :post
if @session[''user'']
LoginController.authenticate(@params[''user_login''],
@params[''user_password''])
flash[''notice''] = "Login successful"
redirect_back_or_default :action => "overview"
else
@login = @params[''user_login'']
@message = "Login unsuccessful"
end
end
end
end
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk
-~----------~----~----~----~------~----~------~--~---
jakim8915-FFYn/CNdgSA@public.gmane.org wrote:> Im having difficulties setting up my controller to connect to our ldap > server. I''ve searched around in google and found wikis of snippets of > some code to set ruby ldap. Below is what I currently have but Im > getting "uninitialized constant LDAP" when I try to access the login. > Im not what what Im missing or how to debug this. Any suggestions or > tips is appreciated. > >This may sound like a dumb question but did you require ''net/ldap''? And did you actually install the library? -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk -~----------~----~----~----~------~----~------~--~---
jakim8915-FFYn/CNdgSA@public.gmane.org wrote:> Im having difficulties setting up my controller to connect to our ldap > server. I''ve searched around in google and found wikis of snippets ofJadeler, did you ever figure it out? -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk -~----------~----~----~----~------~----~------~--~---
Hi Francis, yes, it was missing the require ''net/ldap'',
thanks for the
tip. I tried it in irb but forgot to put it in the controller. I have
to read up alittle bit about net::ldap as Im not getting the
appropriate credentials. Im getting results below in irb. Is there an
example I can use to test out an example to test out a schema?
irb(main):023:0> require ''net/ldap''
=> true
irb(main):024:0> ldap = Net::LDAP.new :host => ''solar'',
irb(main):025:0* :port => 389,
irb(main):026:0* :auth => {
irb(main):027:1* :method => :simple,
irb(main):028:1* :username =>
"cn=manager,dc=example,dc=com",
irb(main):029:1* :password => "opensesame"
irb(main):030:1> }
=> #<Net::LDAP:0x2c35148 @base="dc=com", @open_connection=nil,
@auth={:username>"cn=manager,dc=example,dc=com",
:password=>"opensesame", :method=>:simple}, @en
cryption=nil, @verbose=false, @port=389, @host="solar">
irb(main):031:0>
irb(main):032:0* filter = Net::LDAP::Filter.eq( "cn",
"George*" )
=> #<Net::LDAP::Filter:0x2c265bc @left="cn", @op=:eq,
@right="George*">
irb(main):033:0> treebase = "dc=example,dc=com"
=> "dc=example,dc=com"
irb(main):034:0>
irb(main):035:0* ldap.search( :base => treebase, :filter => filter )
do |entry|
irb(main):036:1* puts "DN: #{entry.dn}"
irb(main):037:1> entry.each do |attribute, values|
irb(main):038:2* puts " #{attribute}:"
irb(main):039:2> values.each do |value|
irb(main):040:3* puts " --->#{value}"
irb(main):041:3> end
irb(main):042:2> end
irb(main):043:1> end
=> false
irb(main):044:0>
irb(main):045:0* p ldap.get_operation_result
#<OpenStruct message="Invalid Credentials", code=49>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk
-~----------~----~----~----~------~----~------~--~---
Jadeler Amin wrote:> Hi Francis, yes, it was missing the require ''net/ldap'', thanks for the > tip. I tried it in irb but forgot to put it in the controller. I have > to read up alittle bit about net::ldap as Im not getting the > appropriate credentials. Im getting results below in irb. Is there an > example I can use to test out an example to test out a schema? >Net::LDAP has an extensive Rdoc that should tell you what you need to know. In particular I would look at Net::LDAP#bind and Net::LDAP#bind_as. I assume from your sample code that you''re trying to contact your LDAP server in order to authenticate users (and not to search attributes or perform authorization). This is a very simple case and the docs should help you. I don''t know what you googled for but I''m aware that Simon Claret wrote up a wiki page somewhere, with code that looks very much like what you''ve posted. He used a standard pattern (bind as admin/query user DN/re-bind as user) which subsequently got added to Net::LDAP as the Net::LDAP#bind_as method. If you are able to use #bind_as, then you''ll get away with a lot less code than you''ve already written. LDAP does tend to confuse people (you don''t mention whether you are new to LDAP or not), especially people who are used to relational data. LDAP is a pretty different animal. -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk -~----------~----~----~----~------~----~------~--~---
Im new to LDAP and Ruby. Trying to tackle both is hard. I originally got the login to work in rails using database and the login generator but was going towards more of a single sign-on using ldap. I will continue to try to tackle this and will look at the rdocs. If you happen to know the url to the wiki, that you point me to the right direction. Thanks. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk -~----------~----~----~----~------~----~------~--~---
From the error you posted change:
ldap.search( :base => treebase, :filter => filter )
to this:
ldap.search( :base => treebase, :filter => filter ,:auth => {:method
=>
:anonymous})
or if you want
ldap.search(:base => treebase, :filter => filter, :auth => {:method
=>
:simple, :username => username, :password => password})
--
Andrew Stone
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk
-~----------~----~----~----~------~----~------~--~---
Here is my embarrasingly simplest-thing-that-could-work:
class LoginTestController < ApplicationController
def index
ldap = Net::LDAP.new
ldap.host = ''COSEAD.cose.win2k''
ldap.port = 389
ldap.auth
''username-im/ocaCSyt7zJQSN9WaumQ@public.gmane.org'',
''some_test_password''
if ldap.bind
# authentication succeeded
render :text=>''yay''
else
# authentication failed
render :text=>''boo''
end
end
end
That at least makes sure the LDAP part works, then it''s simple to build
out the Rails part.
Ron
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk
-~----------~----~----~----~------~----~------~--~---