Class: CASServer::Authenticators::LDAP

Inherits:
Base
  • Object
show all
Defined in:
lib/casserver/authenticators/ldap.rb

Overview

Basic LDAP authenticator. Should be compatible with OpenLDAP and other similar LDAP servers, although it hasn’t been officially tested. See example config file for details on how to configure it.

Direct Known Subclasses

ActiveDirectoryLDAP

Instance Attribute Summary

Attributes inherited from Base

#options, #username

Instance Method Summary collapse

Methods inherited from Base

#configure, #extra_attributes

Instance Method Details

#validate(credentials) ⇒ Object

Raises:



25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
 
# File 'lib/casserver/authenticators/ldap.rb', line 25

def validate(credentials)
  read_standard_credentials(credentials)

  return false if @password.blank?
 
  raise CASServer::AuthenticatorError, "Cannot validate credentials because the authenticator hasn't yet been configured" unless @options
  raise CASServer::AuthenticatorError, "Invalid authenticator configuration!" unless @options[:ldap]
  raise CASServer::AuthenticatorError, "You must specify an ldap server in the configuration!" unless @options[:ldap][:server]
  
  raise CASServer::AuthenticatorError, "The username '#{@username}' contains invalid characters." if (@username =~ /[*\(\)\0\/]/)
  
  preprocess_username
  
  @ldap = Net::LDAP.new
  @ldap.host = @options[:ldap][:server]
  @ldap.port = @options[:ldap][:port] if @options[:ldap][:port]
  
  begin
    if @options[:ldap][:auth_user]
      bind_with_preauthentication
    else
      bind_directly
    end
  rescue Net::LDAP::LdapError => e
    raise CASServer::AuthenticatorError,
      "LDAP authentication failed with '#{e}'. Check your authenticator configuration."
  end
end