=head1 NAME

Catalyst::Authentication::Store::LDAP::User - A User object representing an LDAP object.

=head1 SYNOPSIS

You should be creating these objects through L<Catalyst::Authentication::Store::LDAP::Backend>'s "get_user" method, or just letting $c->authenticate do

    my ( $self, $c ) = @_;
    $c->authenticate({
        id       => $c->req->param('username'),
        password => $c->req->param('password')
    });
    $c->log->debug($c->user->username . " is really neat!");

If you access just $c->user in a scalar context, it will return the current

=head1 DESCRIPTION

This wraps up an LDAP object and presents a simplified interface to its
contents. It uses some AUTOLOAD magic to pass method calls it doesn't
understand through as simple read-only accessors for the LDAP entries

It gets grumpy if you ask for an attribute via the AUTOLOAD mechanism
that it doesn't know about. Avoid that by using "has_attribute",
discussed in more detail below.

You can skip all that and just go straight to the L<Net::LDAP::Entry>
object through the "ldap_entry" method:

    my $entry = $c->user->ldap_entry;

It also has support for Roles.
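
A hardened version of the login flow from the synopsis, as an added example that is not part of this module or its documentation. The controller name, the action name and the C<_single_param> helper are hypothetical; the C<username> and C<password> field names and the C<mail> attribute are taken from this page.

```perl
package MyApp::Controller::Auth;    # hypothetical controller name
use strict;
use warnings;
use base 'Catalyst::Controller';

# Hypothetical helper: return the field only if it was sent exactly once
# as a non-empty string. body_parameters holds an array ref when a field
# is repeated; $c->req->param() in list context inside a hash constructor
# would instead splice every repeated value into the hash and shift its keys.
sub _single_param {
    my ( $c, $name ) = @_;
    my $value = $c->req->body_parameters->{$name};
    return undef if !defined $value || ref $value;
    return length $value ? $value : undef;
}

sub login : Local {
    my ( $self, $c ) = @_;

    my $id       = _single_param( $c, 'username' );
    my $password = _single_param( $c, 'password' );

    # An LDAP simple bind with a DN and an empty password is an
    # "unauthenticated bind" (RFC 4513, section 5.1.2) that some servers
    # report as success, so an empty password never reaches the store.
    unless ( defined $id
        && defined $password
        && $c->authenticate( { id => $id, password => $password } ) )
    {
        $c->res->status(401);
        $c->res->body('Login failed');
        return;
    }

    # has_attribute returns undef for a missing attribute; the AUTOLOADed
    # accessor ($c->user->mail) would throw a Catalyst::Exception instead.
    my $mail = $c->user->has_attribute('mail');
    $mail = $mail->[0] if ref $mail eq 'ARRAY';    # may be multi-valued
    $c->stash( mail => $mail );                    # escape it when rendering

    $c->log->debug( 'Authenticated ' . $c->user->username );
    $c->res->body('Welcome');
    return;
}

1;
```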
=cut

package Catalyst::Authentication::Store::LDAP::User;
use base qw( Catalyst::Authentication::User Class::Accessor::Fast );

use strict;
use warnings;
use Catalyst::Exception;

our $VERSION = '0.1004';

BEGIN { __PACKAGE__->mk_accessors(qw/user store _ldap_connection/) }

use overload '""' => sub { shift->stringify }, fallback => 1;

=head2 new($store, $user)

Takes a L<Catalyst::Authentication::Store::LDAP::Backend> object
as $store, and the data structure returned by that class's "get_user"

Returns a L<Catalyst::Authentication::Store::LDAP::User> object.

=cut

sub new {
    my ( $class, $store, $user ) = @_;

    bless { store => $store, user => $user, }, $class;
}

=head2 id

Returns the results of the "stringify" method.

=cut

sub id {
    my $self = shift;
    return $self->stringify;
}

=head2 stringify

Uses the "user_field" configuration option to determine what the "username"
of this object is, and returns it.

If you use the special value "dn" for user_field, it will return the DN
of the L<Net::LDAP::Entry> object.

=cut

sub stringify {
    my ($self) = @_;
    my $userfield = $self->store->user_field;
    $userfield = $$userfield[0] if ref $userfield eq 'ARRAY';
    if ( $userfield eq "dn" ) {
        # $self->user is a plain hash, so go through the ldap_entry accessor
        my ($string) = $self->ldap_entry->dn;
        return $string;
    }
    else {
        my ($string) = $self->$userfield;
        return $string;
    }
}

=head2 supported_features

Returns a hashref of features that this Authentication::User subclass supports.

=cut

sub supported_features {
    return {
        password => { self_check => 1, },
        roles    => { self_check => 0, },
    };
}

=head2 check_password($password)

Binds to the directory as the DN of the internal L<Net::LDAP::Entry> object,
using the bind password supplied in $password. Returns 1 on a successful

=cut

sub check_password {
    my ( $self, $password ) = @_;
    my $ldap
        = $self->store->ldap_bind( undef, $self->ldap_entry->dn, $password,
        # (the line that completes this call is missing from this listing)
        );
    if ( defined($ldap) ) {
        if ($self->store->role_search_as_user) {
            # FIXME - This can be removed and made to use the code below..
            # Have to do the role lookup _now_, as this is the only time
            # that we have the user's password/ldap bind..
            $self->roles($ldap);
        }
        # Stash a closure which can be used to retrieve the connection in the user's context later.
        # Note: the closure captures the plaintext $password and keeps it in
        # memory for as long as this user object lives.
        $self->_ldap_connection( sub { $self->store->ldap_bind( undef, $self->ldap_entry->dn, $password ) } );
        return 1;
    }
    else {
        return 0;
    }
}
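
=head2 roles

Returns the results of L<Catalyst::Authentication::Store::LDAP::Backend>'s "lookup_roles" method, an array of roles that are valid for this user.

=cut

sub roles {
    my ( $self, $ldap ) = @_;
    # The lookup result is cached on the object after the first call
    $self->{_roles} ||= [$self->store->lookup_roles($self, $ldap)];
    return @{$self->{_roles}};
}

=head2 for_session

Returns the User object, stringified.

=cut

sub for_session {
    my $self = shift;
    return $self->stringify;
}

=head2 ldap_entry

Returns the raw ldap_entry.

=cut

sub ldap_entry {
    my $self = shift;
    return $self->user->{'ldap_entry'};
}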

=head2 attributes($type)

Returns an array of attributes present for this user. If $type is "ashash",
it will return a hash reference with the attribute names as keys. (And the values of
those attributes as, well, the values of the hash)

=cut

sub attributes {
    my ( $self, $type ) = @_;
    # $type is optional; guard against comparing an undefined value
    if ( defined $type && $type eq "ashash" ) {
        return $self->user->{'attributes'};
    }
    else {
        return keys( %{ $self->user->{'attributes'} } );
    }
}

=head2 has_attribute

Returns the values for an attribute, or undef if that attribute is not present.
The safest way to get at an attribute.

=cut

sub has_attribute {
    my ( $self, $attribute ) = @_;
    if ( !defined($attribute) ) {
        Catalyst::Exception->throw(
            "You must provide an attribute to has_attribute!");
    }
    if ( $attribute eq "dn" ) {
        return $self->ldap_entry->dn;
    }
    elsif ( exists( $self->user->{'attributes'}->{$attribute} ) ) {
        return $self->user->{'attributes'}->{$attribute};
    }
    else {
        return undef;
    }
}

=head2 AUTOLOADed methods

We automatically map the attributes of the underlying L<Net::LDAP::Entry>
object to read-only accessor methods. So, if you have an entry that looks

    dn: cn=adam,ou=users,dc=yourcompany,dc=com
    homeDirectory: /home/adam
    mail: adam@yourcompany.com
    objectClass: inetOrgPerson
    objectClass: organizationalPerson
    objectClass: posixAccount

    $c->user->homedirectory

And you'll get the value of the "homeDirectory" attribute. Note that
all the AUTOLOADed methods are automatically lower-cased.

=head2 Special Keywords

The highly useful and common method "username" will map to the configured
value of user_field (uid by default.)

    $c->user->username == $c->user->uid

=cut

sub AUTOLOAD {
    my $self = shift;

    # Strip the package qualifier to get the bare method name
    ( my $method ) = ( our $AUTOLOAD =~ /([^:]+)$/ );

    if ( $method eq "DESTROY" ) {
        return;
    }
    if ( exists( $self->user->{'attributes'}->{$method} ) ) {
        return $self->user->{'attributes'}->{$method};
    }
    elsif ( $method eq "username" ) {
        my $userfield = $self->store->user_field;
        my $username  = $self->has_attribute($userfield);
        if ($username) {
            return $username;
        }
        else {
            Catalyst::Exception->throw( "User is missing the "
                    . $userfield
                    . " attribute, which should not be possible!" );
        }
    }
    else {
        Catalyst::Exception->throw(
            "No attribute $method for User " . $self->stringify );
    }
}

1;

__END__

=head1 AUTHORS

Adam Jacob <holoway@cpan.org>

Some parts stolen shamelessly and entirely from
L<Catalyst::Plugin::Authentication::Store::Htpasswd>.

Currently maintained by Peter Karman <karman@cpan.org>.

=head1 THANKS

To nothingmuch, ghenry, castaway and the rest of #catalyst for the help. :)

=head1 SEE ALSO

L<Catalyst::Authentication::Store::LDAP>, L<Catalyst::Authentication::Store::LDAP::Backend>, L<Catalyst::Plugin::Authentication>, L<Net::LDAP>

=head1 COPYRIGHT & LICENSE

Copyright (c) 2005 the aforementioned authors. All rights
reserved. This program is free software; you can redistribute
it and/or modify it under the same terms as Perl itself.

=cut