Module: UCB::LDAP
Defined in:
- lib/ucb_ldap.rb
- lib/ucb_ldap_org.rb
- lib/ucb_ldap_entry.rb
- lib/ucb_ldap_person.rb
- lib/ucb_ldap_schema.rb
- lib/ucb_ldap_address.rb
- lib/ucb_ldap_service.rb
- lib/ucb_ldap_namespace.rb
- lib/ucb_ldap_exceptions.rb
- lib/ucb_ldap_affiliation.rb
- lib/ucb_ldap_student_term.rb
- lib/person/generic_attributes.rb
- lib/ucb_ldap_schema_attribute.rb
- lib/person/affiliation_methods.rb
- lib/ucb_ldap_person_job_appointment.rb
Overview
UCB::LDAP
If you are doing searches that don’t require a privileged bind and are accessing the default (production) server you probably don’t need to call any of the methods in this module.
Methods in this module are about making connections to the LDAP directory.
Interaction with the directory (searches and updates) is usually through the search() and other methods of UCB::LDAP::Entry and its sub-classes.
Defined Under Namespace
Modules: AffiliationMethods, GenericAttributes, Schema
Classes: Address, Affiliation, BadAttributeNameException, BindFailedException, ConnectionFailedException, DirectoryNotUpdatedException, Entry, JobAppointment, Namespace, Org, Person, Service, StudentTerm
Constant Summary
- HOST_PRODUCTION = 'ldap.berkeley.edu'
- HOST_TEST = 'ldap-test.berkeley.edu'
Class Method Summary
- .authenticate(username, password) ⇒ Object
  Give (new) bind credentials to LDAP.
- .authentication_information ⇒ Object
  The value of the :auth parameter for Net::LDAP.new().
- .bind(bind_file, environment) ⇒ Object
- .bind_for_rails(bind_file = "#{RAILS_ROOT}/config/ldap.yml", environment = RAILS_ENV) ⇒ Object
  If you are using UCB::LDAP in a Rails application you can specify binds on a per-environment basis, just as you can with database credentials.
- .clear_authentication ⇒ Object
  Removes current bind (username, password).
- .clear_instance_variables ⇒ Object
  Used for testing.
- .host ⇒ Object
  Returns LDAP host used for lookups.
- .host=(host) ⇒ Object
  Setter for #host.
- .ldap_ping ⇒ Object
  Returns true if connection simple search works.
- .local_date_parse(arg) ⇒ Object
  Returns arg as a Ruby Date in local time zone.
- .local_datetime_parse(arg) ⇒ Object
  Returns arg as a Ruby DateTime in local time zone.
- .net_ldap ⇒ Object
  Returns Net::LDAP instance that is used by UCB::LDAP::Entry and subclasses for directory searches.
- .new_net_ldap ⇒ Object
  Returns new Net::LDAP instance.
- .password ⇒ Object
  :nodoc:.
- .username ⇒ Object
  :nodoc:.
Class Method Details
.authenticate(username, password) ⇒ Object
Give (new) bind credentials to LDAP. An attempt will be made to bind and will raise BindFailedException if bind fails.
Call clear_authentication() to remove privileged bind.
# File 'lib/ucb_ldap.rb', line 47
def authenticate(username, password)
  @username, @password = username, password
  new_net_ldap() # to force bind()
end
.authentication_information ⇒ Object
The value of the :auth parameter for Net::LDAP.new().
# File 'lib/ucb_ldap.rb', line 155
def authentication_information()
  password.nil? ?
    {:method => :anonymous} :
    {:method => :simple, :username => username, :password => password}
end
.bind(bind_file, environment) ⇒ Object
# File 'lib/ucb_ldap.rb', line 129
def bind(bind_file, environment)
  raise "Can't find bind file: #{bind_file}" unless FileTest.exists?(bind_file)
  binds = YAML.load(IO.read(bind_file))
  bind = binds[environment] || raise("Can't find environment=#{environment} in bind file")
  authenticate(bind['username'], bind['password'])
end
.bind_for_rails(bind_file = "#{RAILS_ROOT}/config/ldap.yml", environment = RAILS_ENV) ⇒ Object
If you are using UCB::LDAP in a Rails application you can specify binds on a per-environment basis, just as you can with database credentials.
# in ../config/ldap.yml
development:
  username: user_dev
  password: pass_dev
# etc.

# in ../config/environment.rb
require 'ucb_ldap'
UCB::LDAP.bind_for_rails()
Runtime error will be raised if bind_file not found or if environment key not found in bind_file.
# File 'lib/ucb_ldap.rb', line 125
def bind_for_rails(bind_file = "#{RAILS_ROOT}/config/ldap.yml", environment = RAILS_ENV)
  bind(bind_file, environment)
end
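A stricter loader for the ldap.yml layout shown above, as an added example that is not part of UCB::LDAP: it refuses bind files readable by group or others, parses with YAML.safe_load, and rejects blank credentials before they can reach a simple bind. The names BindFile, load_auth and demo_bind_file are hypothetical, and the permission check assumes a POSIX file system.

```ruby
require 'yaml'
require 'tempfile'

# Hypothetical helper (not part of UCB::LDAP): loads one environment's bind
# from an ldap.yml-style file and returns a Net::LDAP-style :auth hash.
module BindFile
  class Error < StandardError; end

  def self.load_auth(path, environment)
    raise Error, "Can't find bind file: #{path}" unless File.file?(path)
    # The file holds a directory password: refuse group/world access.
    mode = File.stat(path).mode & 0o777
    raise Error, format('bind file mode %o is too open', mode) if mode & 0o077 != 0

    # safe_load builds only plain hashes/strings, never arbitrary Ruby objects.
    binds = YAML.safe_load(File.read(path))
    raise Error, 'bind file must be a mapping' unless binds.is_a?(Hash)
    bind = binds[environment]
    raise Error, "Can't find environment=#{environment} in bind file" unless bind.is_a?(Hash)

    username, password = bind['username'], bind['password']
    # A simple bind with a name and an empty password is an "unauthenticated
    # bind" (RFC 4513, 5.1.2) that some servers accept, so never send one.
    [username, password].each do |v|
      raise Error, 'username/password must be non-empty strings' unless v.is_a?(String) && !v.strip.empty?
    end
    { :method => :simple, :username => username, :password => password }
  end
end

# Constructed sample bind file, same layout as the ldap.yml shown above.
def demo_bind_file(yaml, mode = 0o600)
  f = Tempfile.new(['ldap', '.yml'])
  f.write(yaml)
  f.flush
  File.chmod(mode, f.path)
  f
end

if __FILE__ == $PROGRAM_NAME
  f = demo_bind_file("development:\n  username: user_dev\n  password: pass_dev\n")
  p BindFile.load_auth(f.path, 'development')
end
```

The same blank-password check matters wherever authenticate(username, password) is fed user-supplied input, because authentication_information only falls back to anonymous when the password is nil, not when it is an empty string.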
.clear_authentication ⇒ Object
Removes current bind (username, password).
# File 'lib/ucb_ldap.rb', line 55
def clear_authentication()
  authenticate(nil, nil)
end
.clear_instance_variables ⇒ Object
Used for testing
# File 'lib/ucb_ldap.rb', line 195
def clear_instance_variables()
  @host = nil
  @net_ldap = nil
  @username = nil
  @password = nil
end
.host ⇒ Object
Returns LDAP host used for lookups. Default is HOST_PRODUCTION.
# File 'lib/ucb_ldap.rb', line 62
def host()
  @host || HOST_PRODUCTION
end
.host=(host) ⇒ Object
Setter for #host.
Note: validation of host is deferred until a search is performed or #authenticate() is called at which time a bad host will raise ConnectionFailedException.
Don’t want to reconnect unless host really changed.
# File 'lib/ucb_ldap.rb', line 75
def host=(host)
  if host != @host
    @host = host
    @net_ldap = nil
  end
end
.ldap_ping ⇒ Object
Returns true if connection simple search works.
# File 'lib/ucb_ldap.rb', line 164
def ldap_ping()
  search_attrs = {
    :base => "",
    :scope => Net::LDAP::SearchScope_BaseObject,
    :attributes => [1.1]
  }
  result = false
  @net_ldap.search(search_attrs) { result = true }
  result
end
.local_date_parse(arg) ⇒ Object
Returns arg as a Ruby Date in local time zone. Returns nil if arg is nil.
# File 'lib/ucb_ldap.rb', line 139
def local_date_parse(arg)
  arg.nil? ? nil : Date.parse(Time.parse(arg.to_s).localtime.to_s)
end
.local_datetime_parse(arg) ⇒ Object
Returns arg as a Ruby DateTime in local time zone. Returns nil if arg is nil.
# File 'lib/ucb_ldap.rb', line 146
def local_datetime_parse(arg)
  arg.nil? ? nil : DateTime.parse(Time.parse(arg.to_s).localtime.to_s)
end
.net_ldap ⇒ Object
Returns Net::LDAP instance that is used by UCB::LDAP::Entry and subclasses for directory searches.
You might need this to perform searches not supported by sub-classes of Entry.
Note: callers should not cache the results of this call unless they are prepared to handle timed-out connections (which this method does).
# File 'lib/ucb_ldap.rb', line 92
def net_ldap()
  @net_ldap ||= new_net_ldap
end
.new_net_ldap ⇒ Object
Returns new Net::LDAP instance.
# File 'lib/ucb_ldap.rb', line 178
def new_net_ldap()
  params = {
    :host => host,
    :auth => authentication_information,
    :port => 636,
    :encryption => {:method =>:simple_tls}
  }
  @net_ldap = Net::LDAP.new(params)
  @net_ldap.bind || raise(BindFailedException)
  @net_ldap
rescue Net::LDAP::LdapError => e
  raise(BindFailedException)
end
.password ⇒ Object
:nodoc:
# File 'lib/ucb_ldap.rb', line 96
def password() #:nodoc:
  @password
end
.username ⇒ Object
:nodoc:
# File 'lib/ucb_ldap.rb', line 100
def username() #:nodoc:
  @username
end