6 Catalyst::Authentication::Store::LDAP::User
7 - A User object representing an LDAP object.
11 You should be creating these objects through L<Catalyst::Authentication::Store::LDAP::Backend>'s "get_user" method, or just letting $c->login do
15 my ( $self, $c ) = @_;
16 $c->login($c->req->param(username), $c->req->param(password));
17 $c->log->debug($c->user->username . "is really neat!");
20 If you access just $c->user in a scalar context, it will return the current
25 This wraps up an LDAP object and presents a simplified interface to it's
26 contents. It uses some AUTOLOAD magic to pass method calls it doesn't
27 understand through as simple read only accessors for the LDAP entries
30 It gets grumpy if you ask for an attribute via the AUTOLOAD mechanism
31 that it doesn't know about. Avoid that with using "has_attribute",
32 discussed in more detail below.
34 You can skip all that and just go straight to the L<Net::LDAP::Entry>
35 object through the "ldap_entry" method:
37 my $entry = $c->user->ldap_entry;
39 It also has support for Roles.
43 package Catalyst::Authentication::Store::LDAP::User;
44 use base qw( Catalyst::Authentication::User Class::Accessor::Fast );
49 our $VERSION = '0.1004';
51 BEGIN { __PACKAGE__->mk_accessors(qw/user store/) }
53 use overload '""' => sub { shift->stringify }, fallback => 1;
57 =head2 new($store, $user)
59 Takes a L<Catalyst::Authentication::Store::LDAP::Backend> object
60 as $store, and the data structure returned by that class's "get_user"
63 Returns a L<Catalyst::Authentication::Store::LDAP::User> object.
68 my ( $class, $store, $user ) = @_;
72 bless { store => $store, user => $user, }, $class;
77 Returns the results of the "stringify" method.
83 return $self->stringify;
88 Uses the "user_field" configuration option to determine what the "username"
89 of this object is, and returns it.
91 If you use the special value "dn" for user_field, it will return the DN
92 of the L<Net::LDAP::Entry> object.
98 my $userfield = $self->store->user_field;
99 $userfield = $$userfield[0] if ref $userfield eq 'ARRAY';
100 if ( $userfield eq "dn" ) {
101 my ($string) = $self->user->ldap_entry->dn;
105 my ($string) = $self->$userfield;
110 =head2 supported_features
112 Returns hashref of features that this Authentication::User subclass supports.
116 sub supported_features {
118 password => { self_check => 1, },
120 roles => { self_check => 0, },
124 =head2 check_password($password)
126 Bind's to the directory as the DN of the internal L<Net::LDAP::Entry> object,
127 using the bind password supplied in $password. Returns 1 on a successful
133 my ( $self, $password ) = @_;
135 = $self->store->ldap_bind( undef, $self->ldap_entry->dn, $password,
137 if ( defined($ldap) ) {
138 if ($self->store->role_search_as_user) {
139 # Have to do the role lookup _now_, as this is the only time
140 # that we have the user's password/ldap bind..
152 Returns the results of L<Catalyst::Authentication::Store::LDAP::Backend>'s "lookup_roles" method, an array of roles that are valid for this user.
159 $self->{_roles} ||= [$self->store->lookup_roles($self, $ldap)];
160 return @{$self->{_roles}};
165 Returns the User object, stringified.
171 return $self->stringify;
176 Returns the raw ldap_entry.
182 return $self->user->{'ldap_entry'};
185 =head2 attributes($type)
187 Returns an array of attributes present for this user. If $type is "ashash",
188 it will return a hash with the attribute names as keys. (And the values of
189 those attributes as, well, the values of the hash)
194 my ( $self, $type ) = @_;
195 if ( $type eq "ashash" ) {
196 return $self->user->{'attributes'};
199 return keys( %{ $self->user->{'attributes'} } );
205 Returns the values for an attribute, or undef if that attribute is not present.
206 The safest way to get at an attribute.
211 my ( $self, $attribute ) = @_;
212 if ( !defined($attribute) ) {
213 Catalyst::Exception->throw(
214 "You must provide an attribute to has_attribute!");
216 if ( $attribute eq "dn" ) {
217 return $self->ldap_entry->dn;
219 elsif ( exists( $self->user->{'attributes'}->{$attribute} ) ) {
220 return $self->user->{'attributes'}->{$attribute};
227 =head2 AUTOLOADed methods
229 We automatically map the attributes of the underlying L<Net::LDAP::Entry>
230 object to read-only accessor methods. So, if you have an entry that looks
233 dn: cn=adam,ou=users,dc=yourcompany,dc=com
236 homeDirectory: /home/adam
240 mail: adam@yourcompany.com
244 objectClass: inetOrgPerson
245 objectClass: organizationalPerson
248 objectClass: posixAccount
252 $c->user->homedirectory
254 And you'll get the value of the "homeDirectory" attribute. Note that
255 all the AUTOLOADed methods are automatically lower-cased.
257 =head2 Special Keywords
259 The highly useful and common method "username" will map to the configured
260 value of user_field (uid by default.)
262 $c->user->username == $c->user->uid
269 ( my $method ) = ( our $AUTOLOAD =~ /([^:]+)$/ );
271 if ( $method eq "DESTROY" ) {
274 if ( exists( $self->user->{'attributes'}->{$method} ) ) {
275 return $self->user->{'attributes'}->{$method};
277 elsif ( $method eq "username" ) {
278 my $userfield = $self->store->user_field;
279 my $username = $self->has_attribute($userfield);
284 Catalyst::Exception->throw( "User is missing the "
286 . " attribute, which should not be possible!" );
290 Catalyst::Exception->throw(
291 "No attribute $method for User " . $self->stringify );
301 Adam Jacob <holoway@cpan.org>
303 Some parts stolen shamelessly and entirely from
304 L<Catalyst::Plugin::Authentication::Store::Htpasswd>.
306 Currently maintained by Peter Karman <karman@cpan.org>.
310 To nothingmuch, ghenry, castaway and the rest of #catalyst for the help. :)
314 L<Catalyst::Authentication::Store::LDAP>, L<Catalyst::Authentication::Store::LDAP::Backend>, L<Catalyst::Plugin::Authentication>, L<Net::LDAP>
316 =head1 COPYRIGHT & LICENSE
318 Copyright (c) 2005 the aforementioned authors. All rights
319 reserved. This program is free software; you can redistribute
320 it and/or modify it under the same terms as Perl itself.