Name

Bric::Util::AuthLDAP - Bricolage LDAP authentication

Synopsis

In bricolage.conf

AUTH_ENGINES = LDAP

Description

This module provides an interface for the Bricolage to authenticate users against an LDAP server. If one of the authentication engines assigned to the AUTH_ENGINES bricolage.conf directive is "LDAP", then this module will be loaded by the user class and used for authentication. See the Bric::Admin Bric::Admin/"Authentication Configuration" section for more in-depth information on authentication engines, as well as its Bric::Admin/"LDAP Configuration" section for the specifics on configuring Bricolage to authenticate against your LDAP server.

This module is used internally by Bric::Biz::Person::User; it should not be used directly.

Interface

Class Methods

authenticate

Bric::Util::AuthLDAP->authenticate($user, $password);

Pass a user object and a password to this method to authenticate the user to an LDAP server with the password. Returns true if the password validates, and false if it does not.

Note that a user may successfully authenticate to the LDAP server but still not successfully authenticate to Bricolage if you've set the LDAP_GROUP directive to the DN of a user grop on your LDAP server. In such a case, the user must also be a member of that group to use Bricolage. This provides a simple allow and disallow users to access Bricolage from within LDAP. Users must still exist within Bricolage with the same username, however. A user that can successfully authenticate to the LDAP server will not be able to authenticate in Bricolage until a the corresponding Bricolage user object has been created.

set_password

Bric::Util::AuthLDAP->set_password($user, $password);

This method is a no-op; it simply returns the invocant. It is not currently possible to change LDAP passwords from Bricolage. This functionality may be added in the future.

Author

David Wheeler <david@kineticode.com>

See Also

Bric::Admin: Bric::Admin/"Authentication Configuration"

Provides a description of the Bricolage authentication system and details on how to configure it.

Bric::Admin: Bric::Admin/"LDAP Configuration"

LDAP authentication configuration information.

Bric::Util::AuthInternal

Provides Bricolage's default, internal authentication interface.

Bric::Biz::Person::User

The user class calls out to this module to authenticate users and change passwords.

Bric::Security

Detailed discussion of Bricolage security, including authentication.

Copyright and License

Copyright (c) 2005 Kineticode, Inc. See Bric::License for complete license terms and conditions.