Comments on: LDAP Pass-through Authentication with Authlogic and ActiveLdap

By: Enrico

Enrico — Thu, 30 Sep 2010 16:37:08 +0000

Funny you should mention Alfresco; I used to work with it a bit for an old gig. If the Alfresco groups are available through the same LDAP interface that the users are, you shouldn't have too much trouble. Just set up the appropriate mappings for groups through ActiveLdap. I have a post about this, in case you haven't already seen it.

By: Guy Roberts

Guy Roberts — Thu, 30 Sep 2010 16:30:20 +0000

Good stuff, this was just what I needed to use Alfresco to do authentication for with authlogic.

Now all I have to do is figure out how to get declarative_authorization to play with Alfresco’s groups.

Thanks.

By: Enrico

Enrico — Wed, 11 Aug 2010 01:59:54 +0000

@GW: Yes, that’s actually broken by design. I didn’t remove the action or view because I wanted to change as little of the existing code as possible, but the idea behind the example code is that you never create users through the UsersController. You create them using your own LDAP admin tools and then users can log in using their LDAP credentials. When that happens, a User entry is created in the database. The database entry is really just for storing metadata, like the “magic columns” that Authlogic provides.

With a little more work, you can create a form that creates an LDAPUser and saves it to the LDAP (independently of Authlogic).

By: GW

GW — Wed, 11 Aug 2010 00:14:21 +0000

I had trouble with the example code. It turned out, you cannot have password_confirmation field in
view (for example, app/views/users/new.html.erb) if you set validate_password_field = false in the user model. You will get an undefined method error for password_confirmation when it tries to render the page.

I am using rail 2.3.4 and authlogic 2.1.6 gem installation.

By: Enrico

Enrico — Tue, 08 Dec 2009 21:32:18 +0000

@Ademola: I have little experience with OpenDS and I’m not sure what the nature of your errors are based on your description. If you still need help with this, send me an e-mail and I’ll see what I can do.

@Javier: I don’t think that’s possible with the method that I’m using because I’m overriding the mechanism by which Authlogic validates the username and password as opposed to providing an entirely different (parallel) method of authentication like Authlogic plugins do.

@Adam: Yeah, at the time I wrote the post, 1.0.9 was the latest version. Now I’m using 1.2.0 and gettext_activerecord does work for me, but I’m not using formtastic. You might also be interested in seeing how I integrated it all with declarative_authorization to get RBAC through LDAP groups: http://github.com/enricob/authlogic_example/tree/ldap-rbac

By: Adam Durity

Adam Durity — Tue, 08 Dec 2009 20:56:26 +0000

Best Rails + Authlogic + LDAP solution I’ve found. Thanks for the post. I did find that I needed to use ActiveLdap version 1.0.9, because in 1.1.0+ they added gettext_activerecord which didn’t work for me. This may be because of my use of formtastic.

Thanks for the post.

By: Javier

Javier — Fri, 04 Dec 2009 15:37:59 +0000

Hi! I’m need two diferents forms to authenticate. Firts without ldap, second within ldap. Any idea?

By: Ademola

Ademola — Sun, 29 Nov 2009 14:43:07 +0000

Hi,

I am having a problem with getting any return value from “LdapUser.all”. I am using OpenDS and intend to authenticate against users in a group in it. Any help with OpenDS would really help.

By: Enrico

Enrico — Fri, 04 Sep 2009 15:25:57 +0000

@maxjgon: Yeah, the 0.0.5 net-ldap gem needs to be built from the GitHub repository. If you want to try using 0.0.4 (which might work depending on your particular schema), you actually want to use the command below. sudo gem install ruby-net-ldap And change your config.gem line in config/environment.rb accordingly. Turns out the RubyForge-released gem is called ruby-net-ldap while the GitHub-built one is called net-ldap. This threw me for a bit of a loop. If you need more help with this, fire me an e-mail and I'll try and help you out as much as I can.

By: maxjgon

maxjgon — Fri, 04 Sep 2009 15:18:15 +0000

To put:
config.gem “net-ldap”, :lib => false, :version => ‘>=0.0.5′
fails, but when y try to do:
Net::LDAP.new it works.

And when i try to
sudo gem install net-ldap for the 0.0.4 version it said:
ERROR: could not find gem net-ldap locally or in a repository

Only i try to declare in my config.gem that is needed net-ldap 0.0.5 version.