NAME

Net::Squid::Auth::Plugin::SimpleLDAP - A simple LDAP-based credentials validation plugin for Net::Squid::Auth::Engine

VERSION

version 0.1.83

SYNOPSIS

If you're a system administrator trying to use Net::Squid::Auth::Engine to validate your user's credentials using a LDAP server as a credentials repository, do as described here:

On "$Config{InstallScript}/squid-auth-engine"'s configuration file:

      plugin = SimpleLDAP
      <SimpleLDAP>
        # LDAP server
        server = myldap.server.somewhere       # mandatory

        # connection options
        <NetLDAP>                              # optional section with
          port = N                             #   Net::LDAP's
          scheme = 'ldap' | 'ldaps' | 'ldapi'  #     constructor
          ...                                  #     options
        </NetLDAP>

        # bind options
        binddn = cn=joedoe                     # mandatory
        bindpw = secretpassword                # mandatory

        # search options
        basedn = ou=mydept,o=mycompany.com     # mandatory
        objclass = inetOrgPerson               # opt, default "person"
        userattr = uid                         # opt, default "cn"
        passattr = password                    # opt, default "userPassword"
      </SimpleLDAP>

Unless configured otherwise, this module will assume the users in your LDAP directory belong to the object class "person", as defined in section 3.12 of RFC 4519, and the user and password information will be looked for in the "cn" and "userPassword" attributes, respectively. Although you can choose to use any other pair of attributes, the "userattr" can be set to "DN", while the "passattr" can not.

On your Squid HTTP Cache configuration:

auth_param basic /usr/bin/squid-auth-engine /etc/squid-auth-engine.conf

And you're ready to use this module.

If you're a developer, you might be interested in reading through the source code of this module, in order to learn about it's internals and how it works. It may give you ideas about how to implement other plugin modules for Net::Squid::Auth::Engine.

METHODS
new( $config_hash )
Constructor. Expects a hash reference with all the configuration under the section <SimpleLDAP> in the
"$Config{InstallScript}/squid-auth-engine" as parameter. Returns a plugin instance.

initialize()
Initialization method called upon instantiation. This provides an opportunity for the plugin initialize itself, stablish database connections and ensure it have all the necessary resources to verify the credentials presented. It receives no parameters and expect no return values.

_search()
Searches the LDAP server. It expects one parameter with a search string for the username. The search string must conform with the format used in LDAP queries, as defined in section 3 of RFC 4515.

is_valid( $username, $password )
This is the credential validation interface. It expects a username and password as parameters and returns a boolean indicating if the credentials are valid (i.e., are listed in the configuration file) or not.

config( $key )
Accessor for a configuration setting given by key.

SEE ALSO

• Net::Squid::Auth::Engine, Net::LDAP, Scalar::Util
• RFC 4515 - Lightweight Directory Access Protocol (LDAP): String Representation of Search Filters

  <http://www.faqs.org/rfcs/rfc4515.html>

• RFC 4519 - Lightweight Directory Access Protocol (LDAP): Schema for User Applications

  <http://www.faqs.org/rfcs/rfc4519.html>

ACKNOWLEDGEMENTS

Luis "Fields" Motta Campos "<lmc at cpan.org>", who could now say:

"The circle is now complete. When I left you, I was but the learner; now I am the master."

To what I'd reply:

"Only a master of Perl, Fields"

AUTHOR

Alexei Znamensky <russoz@cpan.org>

COPYRIGHT AND LICENSE

This software is copyright (c) 2011 by Alexei Znamensky.

This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.

SUPPORT
Perldoc
You can find documentation for this module with the perldoc command.

perldoc Net::Squid::Auth::Plugin::SimpleLDAP

Websites
The following websites have more information about this module, and may be of help to you. As always, in addition to those websites please use your favorite search engine to discover more resources.

• Search CPAN

  The default CPAN search engine, useful to view POD in HTML format.

  <http://search.cpan.org/dist/Net-Squid-Auth-Plugin-SimpleLDAP>

• AnnoCPAN

  The AnnoCPAN is a website that allows community annonations of Perl module documentation.

  <http://annocpan.org/dist/Net-Squid-Auth-Plugin-SimpleLDAP>

• CPAN Ratings

  The CPAN Ratings is a website that allows community ratings and reviews of Perl modules.

  <http://cpanratings.perl.org/d/Net-Squid-Auth-Plugin-SimpleLDAP>

• CPAN Forum

  The CPAN Forum is a web forum for discussing Perl modules.

  <http://cpanforum.com/dist/Net-Squid-Auth-Plugin-SimpleLDAP>

• CPANTS

  The CPANTS is a website that analyzes the Kwalitee ( code metrics ) of a distribution.

  <http://cpants.perl.org/dist/overview/Net-Squid-Auth-Plugin-SimpleLD AP>

• CPAN Testers

  The CPAN Testers is a network of smokers who run automated tests on uploaded CPAN distributions.

  <http://www.cpantesters.org/distro/N/Net-Squid-Auth-Plugin-SimpleLDA P>

• CPAN Testers Matrix

  The CPAN Testers Matrix is a website that provides a visual way to determine what Perls/platforms PASSed for a distribution.

  <http://matrix.cpantesters.org/?dist=Net-Squid-Auth-Plugin-SimpleLDA P>

Internet Relay Chat
You can get live help by using IRC ( Internet Relay Chat ). If you don't know what IRC is, please read this excellent guide: <http://en.wikipedia.org/wiki/Internet_Relay_Chat>. Please be courteous and patient when talking to us, as we might be busy or sleeping! You can join those networks/channels and get help:

• irc.perl.org

  You can connect to the server at 'irc.perl.org' and join this channel: #sao-paulo.pm to get help.

BUGS AND LIMITATIONS

No bugs have been reported.

Please report any bugs or feature requests through the web interface at <http://github.com/russoz/Net-Squid-Auth-Plugin-SimpleLDAP/issues>.

AVAILABILITY

The latest version of this module is available from the Comprehensive Perl Archive Network (CPAN). Visit <http://www.perl.com/CPAN/> to find a CPAN site near you, or see
<http://search.cpan.org/dist/Net-Squid-Auth-Plugin-SimpleLDAP/>.

The development version lives at
<http://github.com/russoz/Net-Squid-Auth-Plugin-SimpleLDAP> and may be cloned from
<git://github.com/russoz/Net-Squid-Auth-Plugin-SimpleLDAP.git>. Instead of sending patches, please fork this project using the standard git and github infrastructure.

DISCLAIMER OF WARRANTY

BECAUSE THIS SOFTWARE IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE SOFTWARE, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE SOFTWARE "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE SOFTWARE IS WITH YOU. SHOULD THE SOFTWARE PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR, OR CORRECTION.

IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE SOFTWARE AS PERMITTED BY THE ABOVE LICENCE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE SOFTWARE (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE SOFTWARE TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.