NAME

Gestinanna::POF::LDAP - LDAP interface for persistent objects

SYNOPSIS

package My::DataObject;

use base qw(Gestinanna::POF::LDAP);

use constant base_dn => 'ou=branch, dc=some, dc=tld';
use constant id_field => 'uid';
use constant default_objectclass => [qw(list of objectClasses)];

DESCRIPTION

Gestinanna::POF::LDAP uses Net::LDAP to provide access via LDAP to objects stored in a directory. This module does make certain assumptions about the structure of the directory. If more sophisticated access is required, you may need to go directly to the Net::LDAP module instead of using this one.

ATTRIBUTES

This module tries to use as many hints as possible from the LDAP schema. Such hints override any security allowance (e.g., if security says an attribute is modifiable but the LDAP schema says it isn't, then modifications are not allowed).

The following are some notes on how attributes are handled.

  • id_field

    The id_field (see below) is considered the primary key of the LDAP branch. As such, it may not be modified.

  • objectclass

    objectclass is always a valid attribute.

  • multiplicity

    If an attribute is marked as single valued in the LDAP schema, then only one value may be set. Otherwise, multiple values are allowed, though duplicate values will be ignored.

  • removing an attribute

    To remove an attribute, assign it an undef value.

  • available attributes

    The available attributes are determined by the objectclass. Any attributes that are allowed for an objectclass are allowed for the object. Any attributes that are required by the objectclass may not be deleted or assigned an undef value.

  • case

    Attribute names are case-insensitive though lower-case is preferred.

  • attribute syntax

    The global %Gestinanna::POF::LDAP::SYNTAX holds regular expressions or code references that may be used to check the validity of attribute values. This global hash is keyed by the OID of the syntax. For example:

    $Gestinanna::POF::LDAP::SYNTAX{'1.3.6.1.4.1.1466.115.121.1.27'} = {   
        desc => 'INTEGER',
        regex => qr{^\d+$},
    };

    Use the code key instead of regex to apply a subroutine reference. The subroutine takes one argument: the value being tested. It should return a true value if the value is valid. Regular expressions are used in favor of code references if both are present.

    Only the syntaxes from RFC 2252 are currently included (though only a few have regular expressions or code references yet).
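The following added example (not code from the module or its author) shows why the anchors in a syntax regex matter: in Perl, $ also matches just before a trailing newline, so the documented INTEGER pattern accepts "42\n", while \A and \z match only the true start and end of the string. The %SYNTAX hash here is a local stand-in for %Gestinanna::POF::LDAP::SYNTAX, value_is_valid is a hypothetical checker that follows the regex-before-code rule described above, accepting values whose syntax has no check is an assumption, and the sample values are constructed.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Local stand-in for %Gestinanna::POF::LDAP::SYNTAX so this runs without the module.
my %SYNTAX = (
    # INTEGER entry exactly as shown in the documentation above.
    '1.3.6.1.4.1.1466.115.121.1.27' => {
        desc  => 'INTEGER',
        regex => qr{^\d+$},
    },
    # Boolean syntax checked with a code reference instead of a regex.
    '1.3.6.1.4.1.1466.115.121.1.7' => {
        desc => 'Boolean',
        code => sub { my ($v) = @_; $v eq 'TRUE' || $v eq 'FALSE' },
    },
);

# Hypothetical checker: regex is used in favor of code when both are present.
# Assumption: a syntax with neither key (or an unknown OID) is not checked.
sub value_is_valid {
    my ($oid, $value) = @_;
    my $syntax = $SYNTAX{$oid} or return 1;
    return $value =~ $syntax->{regex} ? 1 : 0 if $syntax->{regex};
    return $syntax->{code}->($value) ? 1 : 0 if $syntax->{code};
    return 1;
}

my $int  = '1.3.6.1.4.1.1466.115.121.1.27';
my $bool = '1.3.6.1.4.1.1466.115.121.1.7';

# Constructed sample values; "42\n" carries a trailing newline.
my @samples = ([$int, '42'], [$int, "42\n"], [$int, '4 2'],
               [$bool, 'TRUE'], [$bool, 'true']);

sub report {
    my ($label) = @_;
    print "$label\n";
    for my $s (@samples) {
        my ($oid, $value) = @$s;
        (my $shown = $value) =~ s/\n/\\n/g;    # make the newline visible
        printf "  %-8s %-6s %s\n", $SYNTAX{$oid}{desc}, "'$shown'",
            value_is_valid($oid, $value) ? 'accepted' : 'rejected';
    }
}

report('documented pattern ^\d+$:');

# Replace the entry with a pattern anchored to the whole string.
$SYNTAX{$int}{regex} = qr{\A\d+\z};
report('strict pattern \A\d+\z:');
```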

CONFIGURATION

Three class methods are required to configure a data class.

base_dn

The base_dn is both the search base for finding objects and the common portion of the dn across all objects represented by the search base and the class (also called a 'branch' in the rest of this document).

id_field

The id_field is the attribute containing the unique identifier for an object within a branch. The value of the id_field and the base_dn together are used to create the dn of an object. This is the attribute object_id is mapped to when creating or loading objects using Gestinanna::POF.

default_objectclass

The default_objectclass is the initial object class (or list of them) that is given to any new objects that are created by Gestinanna::POF and are not in the directory. This may be a single value or an array reference containing multiple values. All the object classes should be valid object classes in the LDAP schema.

DATA CONNECTIONS

This module expects a Net::LDAP connection and an (optional) Net::LDAP::Schema object from the factory. If the schema object is not provided, it will pull a copy from the LDAP server. Providing this at the time the factory is created is sufficient.

$factory = Gestinanna::POF -> new(_factory => (
     ldap => $ldap_connection,
     ldap_schema => $ldap_schema,
) );

SEE ALSO

Gestinanna::POF, Net::LDAP, Net::LDAP::Schema.

AUTHOR

James Smith, <jsmith@cpan.org>

COPYRIGHT

Copyright (C) 2002, 2003 Texas A&M University. All Rights Reserved.

This module is free software; you can redistribute it and/or modify it under the same terms as Perl itself.