/ 
Net-Squid-Auth-Plugin-SimpleLDAP-v0.1.13
River stage zero No dependents
/ Net::Squid::Auth::Plugin::SimpleLDAP

NAME

Net::Squid::Auth::Plugin::SimpleLDAP - A simple LDAP-based credentials validation plugin for Net::Squid::Auth::Engine

VERSION

Version 0.1.13

SYNOPSIS

If you're a system administrator trying to use Net::Squid::Auth::Engine to validate your user's credentials using a LDAP server as a credentials repository, do as described here:

On $Config{InstallScript}/squid-auth-engine's configuration file:

plugin = SimpleLDAP
<SimpleLDAP>
  # LDAP server
  server = myldap.server.somewhere       # mandatory

  # connection options
  <NetLDAP>                              # optional section with
    port = N                             #   Net::LDAP's
    scheme = 'ldap' | 'ldaps' | 'ldapi'  #     constructor
    ...                                  #     options
  </NetLDAP>

  # bind options
  binddn = cn=joedoe                     # mandatory
  bindpw = secretpassword                # mandatory

  # search options
  basedn = ou=mydept,o=mycompany.com     # mandatory
  objclass = inetOrgPerson               # opt, default "person"
  userattr = uid                         # opt, default "cn"
  passattr = password                    # opt, default "userPassword"
</SimpleLDAP>

Unless configured otherwise, this module will assume the users in your LDAP directory belong to the object class person, as defined in section 3.12 of RFC 4519, and the user and password information will be looked for in the cn and userPassword attributes, respectively.

On your Squid HTTP Cache configuration:

auth_param basic /usr/bin/squid-auth-engine /etc/squid-auth-engine.conf

And you're ready to use this module.

If you're a developer, you might be interested in reading through the source code of this module, in order to learn about it's internals and how it works. It may give you ideas about how to implement other plugin modules for Net::Squid::Auth::Engine.

FUNCTIONS

new( $config_hash )

Constructor. Expects a hash reference with all the configuration under the section <SimpleLDAP> in the $Config{InstallScript}/squid-auth-engine as parameter. Returns a plugin instance.

initialize()

Initialization method called upon instantiation. This provides an opportunity for the plugin initialize itself, stablish database connections and ensure it have all the necessary resources to verify the credentials presented. It receives no parameters and expect no return values.

_search()

Searches the LDAP server. It expects one parameter with a search string for the username. The search string must conform with the format used in LDAP queries, as defined in section 3 of RFC 4515.

is_valid( $username, $password )

This is the credential validation interface. It expects a username and password as parameters and returns a boolean indicating if the credentials are valid (i.e., are listed in the configuration file) or not.

config( $key )

Accessor for a configuration setting given by key.

AUTHOR

Alexei Znamensky, <russoz at cpan.org>

BUGS

Please report any bugs or feature requests to bug-net-squid-auth-plugin-simpleldap at rt.cpan.org, or through the web interface at http://rt.cpan.org/NoAuth/ReportBug.html?Queue=Net-Squid-Auth-Plugin-SimpleLDAP. I will be notified, and then you'll automatically be notified of progress on your bug as I make changes.

SUPPORT

You can find documentation for this module with the perldoc command.

perldoc Net::Squid::Auth::Plugin::SimpleLDAP

Or take a look at the github site to be up to date:

You can also look for information at:

SEE ALSO

Net::Squid::Auth::Engine, Net::LDAP

ACKNOWLEDGEMENTS

Luis "Fields" Motta Campos <lmc at cpan.org>, who could now say:

"The circle is now complete. When I left you, I was but the learner; now *I* am the master."

To what I'd reply:

"Only a master of Perl, Fields"

COPYRIGHT & LICENSE

Copyright 2008,2010 Alexei Znamensky, all rights reserved.

This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.