NAME
Net::Squid::Auth::Plugin::SimpleLDAP - A simple LDAP-based credentials validation plugin for Net::Squid::Auth::Engine
VERSION
version 0.1.83
SYNOPSIS
If you're a system administrator trying to use Net::Squid::Auth::Engine to validate your user's credentials using a LDAP server as a credentials repository, do as described here:
On $Config{InstallScript}/squid-auth-engine's configuration file:
plugin = SimpleLDAP
<SimpleLDAP>
# LDAP server
server = myldap.server.somewhere # mandatory
# connection options
<NetLDAP> # optional section with
port = N # Net::LDAP's
scheme = 'ldap' | 'ldaps' | 'ldapi' # constructor
... # options
</NetLDAP>
# bind options
binddn = cn=joedoe # mandatory
bindpw = secretpassword # mandatory
# search options
basedn = ou=mydept,o=mycompany.com # mandatory
objclass = inetOrgPerson # opt, default "person"
userattr = uid # opt, default "cn"
passattr = password # opt, default "userPassword"
</SimpleLDAP>Unless configured otherwise, this module will assume the users in your LDAP directory belong to the object class person, as defined in section 3.12 of RFC 4519, and the user and password information will be looked for in the cn and userPassword attributes, respectively. Although you can choose to use any other pair of attributes, the userattr can be set to DN, while the passattr can not.
On your Squid HTTP Cache configuration:
auth_param basic /usr/bin/squid-auth-engine /etc/squid-auth-engine.confAnd you're ready to use this module.
If you're a developer, you might be interested in reading through the source code of this module, in order to learn about it's internals and how it works. It may give you ideas about how to implement other plugin modules for Net::Squid::Auth::Engine.
METHODS
new( $config_hash )
Constructor. Expects a hash reference with all the configuration under the section <SimpleLDAP> in the $Config{InstallScript}/squid-auth-engine as parameter. Returns a plugin instance.
initialize()
Initialization method called upon instantiation. This provides an opportunity for the plugin initialize itself, stablish database connections and ensure it have all the necessary resources to verify the credentials presented. It receives no parameters and expect no return values.
_search()
Searches the LDAP server. It expects one parameter with a search string for the username. The search string must conform with the format used in LDAP queries, as defined in section 3 of RFC 4515.
is_valid( $username, $password )
This is the credential validation interface. It expects a username and password as parameters and returns a boolean indicating if the credentials are valid (i.e., are listed in the configuration file) or not.
config( $key )
Accessor for a configuration setting given by key.
SEE ALSO
RFC 4515 - Lightweight Directory Access Protocol (LDAP): String Representation of Search Filters
RFC 4519 - Lightweight Directory Access Protocol (LDAP): Schema for User Applications
ACKNOWLEDGEMENTS
Luis "Fields" Motta Campos <lmc at cpan.org>, who could now say:
"The circle is now complete. When I left you, I was but the learner; now *I* am the master."
To what I'd reply:
"Only a master of Perl, Fields"
AUTHOR
Alexei Znamensky <russoz@cpan.org>
COPYRIGHT AND LICENSE
This software is copyright (c) 2011 by Alexei Znamensky.
This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.
SUPPORT
Perldoc
You can find documentation for this module with the perldoc command.
perldoc Net::Squid::Auth::Plugin::SimpleLDAPWebsites
The following websites have more information about this module, and may be of help to you. As always, in addition to those websites please use your favorite search engine to discover more resources.
Search CPAN
The default CPAN search engine, useful to view POD in HTML format.
http://search.cpan.org/dist/Net-Squid-Auth-Plugin-SimpleLDAP
AnnoCPAN
The AnnoCPAN is a website that allows community annonations of Perl module documentation.
CPAN Ratings
The CPAN Ratings is a website that allows community ratings and reviews of Perl modules.
http://cpanratings.perl.org/d/Net-Squid-Auth-Plugin-SimpleLDAP
CPAN Forum
The CPAN Forum is a web forum for discussing Perl modules.
CPANTS
The CPANTS is a website that analyzes the Kwalitee ( code metrics ) of a distribution.
http://cpants.perl.org/dist/overview/Net-Squid-Auth-Plugin-SimpleLDAP
CPAN Testers
The CPAN Testers is a network of smokers who run automated tests on uploaded CPAN distributions.
http://www.cpantesters.org/distro/N/Net-Squid-Auth-Plugin-SimpleLDAP
CPAN Testers Matrix
The CPAN Testers Matrix is a website that provides a visual way to determine what Perls/platforms PASSed for a distribution.
http://matrix.cpantesters.org/?dist=Net-Squid-Auth-Plugin-SimpleLDAP
Internet Relay Chat
You can get live help by using IRC ( Internet Relay Chat ). If you don't know what IRC is, please read this excellent guide: http://en.wikipedia.org/wiki/Internet_Relay_Chat. Please be courteous and patient when talking to us, as we might be busy or sleeping! You can join those networks/channels and get help:
irc.perl.org
You can connect to the server at 'irc.perl.org' and join this channel: #sao-paulo.pm to get help.
BUGS AND LIMITATIONS
No bugs have been reported.
Please report any bugs or feature requests through the web interface at http://github.com/russoz/Net-Squid-Auth-Plugin-SimpleLDAP/issues.
AVAILABILITY
The latest version of this module is available from the Comprehensive Perl Archive Network (CPAN). Visit http://www.perl.com/CPAN/ to find a CPAN site near you, or see http://search.cpan.org/dist/Net-Squid-Auth-Plugin-SimpleLDAP/.
The development version lives at http://github.com/russoz/Net-Squid-Auth-Plugin-SimpleLDAP and may be cloned from git://github.com/russoz/Net-Squid-Auth-Plugin-SimpleLDAP.git. Instead of sending patches, please fork this project using the standard git and github infrastructure.
DISCLAIMER OF WARRANTY
BECAUSE THIS SOFTWARE IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE SOFTWARE, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE SOFTWARE "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE SOFTWARE IS WITH YOU. SHOULD THE SOFTWARE PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR, OR CORRECTION.
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE SOFTWARE AS PERMITTED BY THE ABOVE LICENCE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE SOFTWARE (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE SOFTWARE TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.