NAME

Catalyst::Authentication::Store::LDAP::User - A User object representing an LDAP object.

SYNOPSIS

You should be creating these objects through Catalyst::Authentication::Store::LDAP::Backend's "get_user" method, or just letting $c->authenticate do it for you.

sub action : Local {
    my ( $self, $c ) = @_;
    $c->authenticate({
        id => $c->req->param(username),
        password => $c->req->param(password)
    );
    $c->log->debug($c->user->username . "is really neat!");
}

If you access just $c->user in a scalar context, it will return the current username.

DESCRIPTION

This wraps up an LDAP object and presents a simplified interface to it's contents. It uses some AUTOLOAD magic to pass method calls it doesn't understand through as simple read only accessors for the LDAP entries various attributes.

It gets grumpy if you ask for an attribute via the AUTOLOAD mechanism that it doesn't know about. Avoid that with using "has_attribute", discussed in more detail below.

You can skip all that and just go straight to the Net::LDAP::Entry object through the "ldap_entry" method:

my $entry = $c->user->ldap_entry;

It also has support for Roles.

METHODS

new($store, $user, $c)

Takes a Catalyst::Authentication::Store::LDAP::Backend object as $store, and the data structure returned by that class's "get_user" method as $user. The final argument is an instance of your application, which is passed along for those wanting to subclass User and perhaps use models for fetching data.

Returns a Catalyst::Authentication::Store::LDAP::User object.

id

Returns the results of the "stringify" method.

stringify

Uses the "user_field" configuration option to determine what the "username" of this object is, and returns it.

If you use the special value "dn" for user_field, it will return the DN of the Net::LDAP::Entry object.

supported_features

Returns hashref of features that this Authentication::User subclass supports.

check_password($password)

Bind's to the directory as the DN of the internal Net::LDAP::Entry object, using the bind password supplied in $password. Returns 1 on a successful bind, 0 on failure.

roles

Returns the results of Catalyst::Authentication::Store::LDAP::Backend's "lookup_roles" method, an array of roles that are valid for this user.

for_session

Returns the User object, stringified.

ldap_entry

Returns the raw ldap_entry.

attributes($type)

Returns an array of attributes present for this user. If $type is "ashash", it will return a hash with the attribute names as keys. (And the values of those attributes as, well, the values of the hash)

has_attribute

Returns the values for an attribute, or undef if that attribute is not present. The safest way to get at an attribute.

get

A simple wrapper around has_attribute() to satisfy the Catalyst::Authentication::User API.

get_object

Satisfies the Catalyst::Authentication::User API and returns the contents of the user() attribute.

ldap_connection

Re-binds to the auth store with the credentials of the user you logged in as, and returns a Net::LDAP object which you can use to do further queries.

AUTOLOADed methods

We automatically map the attributes of the underlying Net::LDAP::Entry object to read-only accessor methods. So, if you have an entry that looks like this one:

dn: cn=adam,ou=users,dc=yourcompany,dc=com
cn: adam
loginShell: /bin/zsh
homeDirectory: /home/adam
gecos: Adam Jacob
gidNumber: 100
uidNumber: 1053
mail: adam@yourcompany.com
uid: adam
givenName: Adam
sn: Jacob
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: Person
objectClass: Top
objectClass: posixAccount

You can call:

$c->user->homedirectory

And you'll get the value of the "homeDirectory" attribute. Note that all the AUTOLOADed methods are automatically lower-cased.

Special Keywords

The highly useful and common method "username" will map to the configured value of user_field (uid by default.)

$c->user->username == $c->user->uid

AUTHORS

Adam Jacob <holoway@cpan.org>

Some parts stolen shamelessly and entirely from Catalyst::Plugin::Authentication::Store::Htpasswd.

Currently maintained by Peter Karman <karman@cpan.org>.

THANKS

To nothingmuch, ghenry, castaway and the rest of #catalyst for the help. :)

SEE ALSO

Catalyst::Authentication::Store::LDAP, Catalyst::Authentication::Store::LDAP::Backend, Catalyst::Plugin::Authentication, Net::LDAP

COPYRIGHT & LICENSE

Copyright (c) 2005 the aforementioned authors. All rights reserved. This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.