use strict;
use warnings;
-our $VERSION = '1.015';
+our $VERSION = '1.016';
use Catalyst::Authentication::Store::LDAP::Backend;
=pod
+=encoding utf-8
+
=head1 NAME
Catalyst::Authentication::Store::LDAP
attrs => [qw( distinguishedname name mail )],
},
user_results_filter => sub { return shift->pop_entry },
+ persist_in_session => 'all',
},
},
},
=head2 user_search_options
-This takes a hashref. It will append it's values to the call to
+This takes a hashref. It will append its values to the call to
L<Net::LDAP>'s "search" method during the initial user lookup. See
L<Net::LDAP> for valid options.
=head2 role_search_options
-This takes a hashref. It will append it's values to the call to
+This takes a hashref. It will append its values to the call to
L<Net::LDAP>'s "search" method during the user's role lookup. See
L<Net::LDAP> for valid options.
fields. If this is set to false, then the role search will instead be
performed when bound as the user you authenticated as.
+=head2 persist_in_session
+
+Can take one of the following values, defaults to C<username>:
+
+=over
+
+=item C<username>
+
+Only store the username in the session and lookup the user and its roles
+on every request. That was how the module worked until version 1.015 and is
+also the default for backwards compatibility.
+
+=item C<all>
+
+Store the user object and its roles in the session and never look it up in
+the store after login.
+
+B<NOTE:> It's recommended to limit the user attributes fetched from LDAP
+using L</user_search_options> / C<attrs> to not exhaust the session store.
+
+=back
+
=head2 entry_class
The name of the class of LDAP entries returned. This class should
=head1 AUTHORS
Adam Jacob <holoway@cpan.org>
+Peter Karman <karman@cpan.org>
+Alexander Hartmaier <abraxxa@cpan.org>
Some parts stolen shamelessly and entirely from
L<Catalyst::Plugin::Authentication::Store::Htpasswd>.
-Currently maintained by Peter Karman <karman@cpan.org>.
+Currently maintained by Dagfinn Ilmari Mannsåker <ilmari@cpan.org>.
=head1 THANKS