Class CASServer::Authenticators::LDAP
In: lib/casserver/authenticators/ldap.rb
Parent: CASServer::Authenticators::Base

Basic LDAP authenticator. Should be compatible with OpenLDAP and other similar LDAP servers, although it hasn't been officially tested. See example config file for details on how to configure it.

Methods

Public Instance methods


    # File lib/casserver/authenticators/ldap.rb, line 26
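# Checks a username/password pair against the configured LDAP server.
#
# Security-relevant behaviour of this method:
# * A blank password is refused before any LDAP traffic is generated. LDAP
#   servers may treat a bind that carries a DN and an empty password as an
#   unauthenticated bind and report success, so this guard has to stay ahead
#   of every bind call.
# * Usernames containing LDAP filter metacharacters are refused. The rejected
#   set now includes the backslash, which is the escape character of LDAP
#   search filters; the original pattern let it through.
# * Transport encryption is applied only when the configuration names one;
#   with no :encryption option the bind password travels unencrypted.
#
# @param credentials [Hash] handed unchanged to read_standard_credentials,
#   which is expected to set @username and @password (helper not shown here)
# @return [Boolean] true once the bind succeeded and the user's entry was
#   processed; false when the password is blank or the bind is refused
# @raise [CASServer::AuthenticatorError] when the authenticator is not
#   configured, no LDAP host is given, the username contains a rejected
#   character, or Net::LDAP reports an error
def validate(credentials)
  read_standard_credentials(credentials)

  # Never let an empty password reach the directory (see the method comment).
  return false if @password.blank?

  raise CASServer::AuthenticatorError, "Cannot validate credentials because the authenticator hasn't yet been configured" unless @options
  raise CASServer::AuthenticatorError, "Invalid LDAP authenticator configuration!" unless @options[:ldap]
  raise CASServer::AuthenticatorError, "You must specify a server host in the LDAP configuration!" unless @options[:ldap][:host] || @options[:ldap][:server]

  # Reject filter metacharacters: * ( ) \ NUL, plus the forward slash the
  # original check already refused.
  # NOTE(review): presumably the username is later placed into a search filter
  # or DN by the bind_*/find_user helpers, which are not shown here -- confirm
  # that they do not rely on this check alone.
  # NOTE(review): the message echoes the submitted username; whatever renders
  # or logs it must escape it.
  raise CASServer::AuthenticatorError, "The username '#{@username}' contains invalid characters." if (@username =~ /[*()\\\0\/]/)

  preprocess_username

  @ldap = Net::LDAP.new

  # :server is accepted as an alias for :host; the options hash is updated
  # in place so later reads see :host.
  @options[:ldap][:host] ||= @options[:ldap][:server]
  @ldap.host = @options[:ldap][:host]
  @ldap.port = @options[:ldap][:port] if @options[:ldap][:port]
  # Encryption is opt-in: nothing is set here when the option is absent.
  @ldap.encryption(@options[:ldap][:encryption].intern) if @options[:ldap][:encryption]

  begin
    # With :auth_user configured the bind goes through the pre-authentication
    # helper; otherwise the plain bind-by-username helper is used.
    bind_success =
      if @options[:ldap][:auth_user]
        bind_by_username_with_preauthentication
      else
        bind_by_username
      end

    return false unless bind_success

    # NOTE(review): the result of find_user is passed on without a nil check;
    # confirm that extract_extra_attributes tolerates a missing entry.
    entry = find_user
    extract_extra_attributes(entry)

    return true
  rescue Net::LDAP::LdapError => e
    # Library errors surface as configuration problems, not as a failed login.
    raise CASServer::AuthenticatorError,
      "LDAP authentication failed with '#{e}'. Check your authenticator configuration."
  end
end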

Protected Instance methods


    # File lib/casserver/authenticators/ldap.rb, line 67
# Name of the LDAP attribute this authenticator uses for the username by
# default.
#
# NOTE(review): presumably consulted when the configuration names no username
# attribute; the callers are not shown here -- confirm.
#
# @return [String] always "cn"
def default_username_attribute
  attribute = "cn"
  attribute
end
