Class: ActiveDirectoryForRuby::ActiveDirectoryForRuby
- Inherits: Object
  - Object
  - ActiveDirectoryForRuby::ActiveDirectoryForRuby
- Defined in: lib/ActiveDirectoryForRuby.rb
Overview
ActiveDirectoryForRuby
Allows for easy access to MS Windows Server’s ActiveDirectory Authentication and data.
Overrides [] operator, maps LDAP fields to Method names, and provides a simple authenticate() method for easy authentication.
Instance Method Summary
- #[](username) ⇒ Object
  pp adconn.
- #authenticate(user, pass) ⇒ Object
  Returns true or false depending on whether the user and password were successfully authenticated.
- #get(user, what = nil) ⇒ Object
  Receives a user’s login and, optionally, a second parameter: an array of symbols representing fields in LDAP.
- #initialize(strConfigFile) ⇒ ActiveDirectoryForRuby (constructor)
  Constructor.
Constructor Details
#initialize(strConfigFile) ⇒ ActiveDirectoryForRuby
Constructor
Receives a single parameter which is the path to the ActiveDirectory data YAML config file.
The config file’s structure is described in README.txt.
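    # File 'lib/ActiveDirectoryForRuby.rb', line 44
    # Needs: require 'yaml' and require 'erb'
    def initialize(strConfigFile)
      # The file is rendered through ERB before YAML parsing, so any Ruby embedded
      # in it is executed. It also holds the admin bind DN and password, so it
      # must be trusted and readable only by the application.
      lconfig = YAML::load(ERB.new(IO.read(strConfigFile)).result).freeze
      @config = {}
      # Convert both levels of string keys to symbols
      lconfig.each do |key, value|
        temp = {}
        value.each do |key2, value2|
          temp[key2.to_sym] = value2
        end
        @config[key.to_sym] = temp
      end
    end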
Instance Method Details
#[](username) ⇒ Object
    # File 'lib/ActiveDirectoryForRuby.rb', line 125
    # Wraps the result of get(username) in ActiveDirectoryForRubyFields
    def [](username)
      return ActiveDirectoryForRubyFields.new(get(username))
    end
#authenticate(user, pass) ⇒ Object
Returns true or false depending on whether the user and password were successfully authenticated. Example:
    adconn.authenticate('myuser', 'secretpass')
    > true
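    # File 'lib/ActiveDirectoryForRuby.rb', line 63
    def authenticate(user, pass)
      # Bind with the admin account from the config file to look up the user's DN
      ldap_con = createconnection(@config[:admin][:distinguished_name], @config[:admin][:password])
      # Filter.eq does not escape its value: a "*" in user acts as a wildcard
      user_filter = Net::LDAP::Filter.eq( @config[:search][:field], user )
      op_filter = Net::LDAP::Filter.eq( "objectClass", "organizationalPerson" )
      dn = String.new
      # If several entries match, dn ends up as the last one returned
      ldap_con.search( :base => @config[:search][:base], :filter => op_filter & user_filter, :attributes=> 'dn') do |entry|
        dn = entry.dn
      end
      login_succeeded = false
      unless dn.empty?
        # Re-bind as the user. An empty pass makes this an unauthenticated bind
        # (RFC 4513, section 5.1.2), which a server may accept, so callers
        # must reject empty passwords before calling authenticate().
        ldap_con = createconnection(dn, pass)
        login_succeeded = true if ldap_con.bind
      end
      return login_succeeded
    end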
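A guard that can sit in front of authenticate(), as an added example that is not part of ActiveDirectoryForRuby: it rejects empty passwords, which LDAP treats as an unauthenticated bind (RFC 4513, section 5.1.2), and usernames that Net::LDAP::Filter.eq would treat as wildcards. safe_authenticate, USERNAME_RE and FakeDirectory are hypothetical names; FakeDirectory is a constructed stand-in so the block runs without a server, and the username allowlist is an assumption to adapt.

```ruby
# Added example, not library code. All names here are hypothetical.

# Assumption: logins are plain account names. Adjust to your naming scheme.
USERNAME_RE = /\A[A-Za-z0-9._-]{1,64}\z/

# Wraps any object that responds to authenticate(user, pass), such as adconn.
def safe_authenticate(adconn, user, pass)
  return false unless user.is_a?(String) && pass.is_a?(String)
  # An empty password turns a simple bind into an unauthenticated bind,
  # which a server may report as success (RFC 4513, section 5.1.2).
  return false if pass.empty?
  # Filter.eq does not escape its value, so "*" would match other entries.
  return false unless USERNAME_RE.match?(user)
  adconn.authenticate(user, pass) == true
end

# Constructed stand-in for a directory reached through authenticate():
# wildcard lookup, last match wins, and empty-password binds are accepted.
class FakeDirectory
  USERS = { 'homer' => 'd0nuts!', 'marge' => 'blu3hair' }.freeze

  def authenticate(user, pass)
    parts = user.split('*', -1).map { |s| Regexp.escape(s) }
    pattern = Regexp.new('\A' + parts.join('.*') + '\z')
    match = USERS.keys.select { |name| pattern.match?(name) }.last
    return false if match.nil?
    pass.empty? || USERS[match] == pass
  end
end

if __FILE__ == $PROGRAM_NAME
  fake = FakeDirectory.new
  [['homer', 'd0nuts!'], ['homer', ''], ['*', 'blu3hair'], ['homer', 'nope']].each do |u, p|
    puts format('%-8s %-10s raw=%-5s guarded=%s', u.inspect, p.inspect,
                fake.authenticate(u, p), safe_authenticate(fake, u, p))
  end
end
```

Pass the real adconn object in place of FakeDirectory.new; the guard only relies on the authenticate(user, pass) method documented above.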
#get(user, what = nil) ⇒ Object
Receives a user’s login and, optionally, a second parameter: an array of symbols representing fields in LDAP. Examples:
    adconn.get('myuser')             # Would return all fields
    win.get('myuser', [ :cn, :sn ])  # Would return :dn, :cn and :sn
Additionally, get() creates an extra field, :organizational_unit, based on :dn. It holds a humanized version of any Organizational Unit (OU) fields available in :dn, in reverse order. For example, a :dn like
‘CN=Homer Simpson,OU=Springfield,OU=USA,DC=nuclearplant,DC=com’
would yield: ‘USA, Springfield’
    # File 'lib/ActiveDirectoryForRuby.rb', line 96
    def get(user, what = nil)
      # Per-instance cache keyed by user only: a later call for the same user
      # with a different `what` returns the first cached result
      @data ||= {}
      if @data[user].nil?
        # Bind with the admin account from the config file
        ldap_con = createconnection(@config[:admin][:distinguished_name], @config[:admin][:password])
        # Filter.eq does not escape its value: a "*" in user acts as a wildcard
        user_filter = Net::LDAP::Filter.eq( @config[:search][:field], user )
        op_filter = Net::LDAP::Filter.eq( "objectClass", "organizationalPerson" )
        data = nil
        ldap_con.search( :base => @config[:search][:base], :filter => op_filter & user_filter, :attributes=> what) do |entry|
          data = entry
          data[:organizational_unit] = ''
          # Keep the OU components of the DN, drop the "OU=" prefix, reverse the order and join with ", "
          data[:organizational_unit] = entry[:dn][0].split(',').collect{|c| case c[0..1] when 'OU' then c else nil end}.compact.collect{|c| c.split('=')[1] }.reverse.join(', ') unless entry[:dn][0].nil? unless entry[:dn].nil? unless entry.nil?
        end
        @data[user] = data
      end
      return @data[user]
    end