Hi all, Let me apologize in advance if I’m overcomplicating my
post…
I currently use AuthLogic along with this LDAP validation method in
the User model :
class User < ActiveRecord::Base
def valid_ldap_credentials?(password_plaintext)
ldap = Net::LDAP.new
ldap.host = ‘hostname’
ldap.auth “AD\” + self.username, password_plaintext
ldap.bind
end
end
I also have an LDAP controller that runs LDAP searches to populate
arrays,
such as this one that returns a list of all active usernames:
class LdapController < ApplicationController
def ldap_users
ldap = Net::LDAP.new
ldap.host = ‘hostname’
ldap.bind
ldap.auth(‘AD\username’, ‘password’)
treebase = “ou=blah, dc=blah, dc=com”
filter1 = Net::LDAP::Filter.eq(“objectCategory”,“user”)
filter2 = Net::LDAP::Filter.eq(“userAccountControl”,“512”)
attrs = [“cn”]
@usernames = Array.new
ldap.search(:base => treebase,
:filter => filter1 & filter2,
:attributes => attrs ) do |entry|
@usernames << entry.cn
end
end
end
What I’d like to do, however, is to somehow hold my LDAP binding
session at the time of login, and be able to use it throughout the
application. For instance, I want to create a
selection list of ldap_users, from which a user can select his
manager’s name, which would be saved in the user’s record in my
application database(basically, I need the user to enter his manager’s
username, but the LDAP search method would validate the username so we
know it’s a valid name).
Maybe I’m overcomplicating it, but how would I hold my LDAP session
information so that non "User"controllers can use it? So, for
instance, the LDAP Controller could look like this instead:
class LdapController < ApplicationController
def ldap_users
ldap = [user session information that is validated and bound to
LDAP]
treebase = “ou=blah, dc=blah, dc=com”
filter1 = Net::LDAP::Filter.eq(“objectCategory”,“user”)
filter2 = Net::LDAP::Filter.eq(“userAccountControl”,“512”)
attrs = [“cn”]
@usernames = Array.new
ldap.search(:base => treebase,
:filter => filter1 & filter2,
:attributes => attrs ) do |entry|
@usernames << entry.cn
end
end
end
Does that make sense?
Also, if anyone knows how to get a selection list out of the
“@usernames” array created above, that would be an awesome help.
Since the values are coming from LDAP dynamically, and not from a
table in my application’s database, I don’t know the syntax for
creating the selection list. This is how I would create a selection
list from tables in my database:
<%= select( “user”, “department_id”, Department.find( :all, :order =>
“name” ).collect { |c| [c.name, c.id] }, { :include_blank =>
true, :order => “name” })%>
…but how would I pull the attributes from the @usernames array I
created in the ldap_users method to populate a selection list?
Thanks in advance for any suggestions or guidance…