| @@ -8,8 +8,8 against redmine database | |||||
| 8 | =head1 SYNOPSIS |
|
8 | =head1 SYNOPSIS | |
| 9 |
|
9 | |||
| 10 | This module allow anonymous users to browse public project and |
|
10 | This module allow anonymous users to browse public project and | |
| 11 |
registred users to browse and commit their project. |
|
11 | registred users to browse and commit their project. Authentication is | |
| 12 | done on the redmine database. |
|
12 | done against the redmine database or the LDAP configured in redmine. | |
| 13 |
|
13 | |||
| 14 | This method is far simpler than the one with pam_* and works with all |
|
14 | This method is far simpler than the one with pam_* and works with all | |
| 15 | database without an hassle but you need to have apache/mod_perl on the |
|
15 | database without an hassle but you need to have apache/mod_perl on the | |
| @@ -29,6 +29,9 On debian/ubuntu you must do : | |||||
| 29 |
|
29 | |||
| 30 | aptitude install libapache-dbi-perl libapache2-mod-perl2 libdbd-mysql-perl |
|
30 | aptitude install libapache-dbi-perl libapache2-mod-perl2 libdbd-mysql-perl | |
| 31 |
|
31 | |||
|
|
32 | If your Redmine users use LDAP authentication, you will also need | |||
|
|
33 | Authen::Simple::LDAP (and IO::Socket::SSL if LDAPS is used). | |||
|
|
34 | ||||
| 32 | =head1 CONFIGURATION |
|
35 | =head1 CONFIGURATION | |
| 33 |
|
36 | |||
| 34 | ## if the module isn't in your perl path |
|
37 | ## if the module isn't in your perl path | |
| @@ -90,7 +93,8 use strict; | |||||
| 90 |
|
93 | |||
| 91 | use DBI; |
|
94 | use DBI; | |
| 92 | use Digest::SHA1; |
|
95 | use Digest::SHA1; | |
| 93 | use Authen::Simple::LDAP; |
|
96 | # optional module for LDAP authentication | |
|
|
97 | my $CanUseLDAPAuth = eval("use Authen::Simple::LDAP; 1"); | |||
| 94 |
|
98 | |||
| 95 | use Apache2::Module; |
|
99 | use Apache2::Module; | |
| 96 | use Apache2::Access; |
|
100 | use Apache2::Access; | |
| @@ -188,21 +192,21 sub is_member { | |||||
| 188 | $ret = 1; |
|
192 | $ret = 1; | |
| 189 | last; |
|
193 | last; | |
| 190 | } |
|
194 | } | |
| 191 | } else { |
|
195 | } elsif ($CanUseLDAPAuth) { | |
| 192 | my $sthldap = $dbh->prepare( |
|
196 | my $sthldap = $dbh->prepare( | |
| 193 | "SELECT host,port,account,account_password,base_dn,attr_login from auth_sources WHERE id = ?;" |
|
197 | "SELECT host,port,tls,account,account_password,base_dn,attr_login from auth_sources WHERE id = ?;" | |
| 194 | ); |
|
198 | ); | |
| 195 | $sthldap->execute($row[1]); |
|
199 | $sthldap->execute($row[1]); | |
| 196 | while (my @rowldap = $sthldap->fetchrow_array) { |
|
200 | while (my @rowldap = $sthldap->fetchrow_array) { | |
| 197 | my $ldap = Authen::Simple::LDAP->new( |
|
201 | my $ldap = Authen::Simple::LDAP->new( | |
| 198 | host => $rowldap[0], |
|
202 | host => ($rowldap[2] == 1 || $rowldap[2] eq "t") ? "ldaps://$rowldap[0]" : $rowldap[0], | |
| 199 | port => $rowldap[1], |
|
203 | port => $rowldap[1], | |
| 200 | basedn => $rowldap[4], |
|
204 | basedn => $rowldap[5], | |
| 201 |
|
|
205 | binddn => $rowldap[3] ? $rowldap[3] : "", | |
| 202 |
|
|
206 | bindpw => $rowldap[4] ? $rowldap[4] : "", | |
| 203 |
|
|
207 | filter => "(".$rowldap[6]."=%s)" | |
| 204 | ); |
|
208 | ); | |
| 205 |
|
|
209 | $ret = 1 if ($ldap->authenticate($redmine_user, $redmine_pass)); | |
| 206 | } |
|
210 | } | |
| 207 | $sthldap->finish(); |
|
211 | $sthldap->finish(); | |
| 208 | } |
|
212 | } | |
General Comments 0
You need to be logged in to leave comments.
Login now