Forum: Ruby on Rails LDAP Authentication Failed

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- and Ruby-related community platforms.
Palani Kumar (palani)
on 2009-03-19 09:44
Hi,

I have installed OpenLDAP on Windows Vista. I correctly configured
the OpenLDAP server. When I run ldapadd and ldapsearch using the
following commands

Commands:
   ldapadd -x step1.ldif

   ldapsearch -D "cn=shalini,dc=mips,dc=com" -w serverpwd -b "cn=shalini,ou=people,dc=mips,dc=com"

it shows output like this:

# extended LDIF
#
# LDAPv3
# base <cn=shalini,ou=people,dc=mips,dc=com> with scope sub
# filter: (objectclass=*)
# requesting: ALL
#

# shalini, people, mips.com
dn: cn=shalini,ou=people,dc=mips,dc=com
objectClass: inetOrgPerson
cn: shalini
cn: Robert J Smith
cn: bob  smith
sn: shalini
uid:: c2hhbGluaQk=
userPassword:: c2hhbGluaSA=
carLicense: HISCAR 123
homePhone: 555-111-2222
mail: palani.apk@gmail.com
mail: rsmith@example.com
mail: bob.smith@example.com
description: swell guy
ou: Human Resources

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1


So from this output I guess I correctly created the directory service
on the OpenLDAP server. The error I faced is as follows. I opened
script/console and typed the following commands:
>> require 'net/ldap'
[]
>> ldap=Net::LDAP.new
=>#<Net::LDAP:0io5bcpoi @auth={:method=>:anonymous},@port=389,@encryption=nil,@host=127.0.0.1,@verbose=false,@base="dc=com",@openconnection=nil)
>> ldap.auth("shalini@mips.com","shalini")
=> {:password =>"shalini",:username =>"shalini@mips.com",:method =>simple}

>> ldap.bind
false

So what am I missing here? Can anyone please help me solve this problem?
James Cowlishaw (Guest)
on 2009-03-19 15:21
(Received via mailing list)
Palani,
I'd suggest you use a 3rd party tool like LDAP Browser
(www.ldapbrowser.com)
to verify your server, then check your code too.
James.

Palani Kumar (palani)
on 2009-03-19 15:31
James Cowlishaw wrote:
> Palani,
> I'd suggest you use a 3rd party tool like LDAP Browser
> (www.ldapbrowser.com)
> to verify your server, then check your code too.
> James.
>
> 2009/3/19 Palani Kumar <rails-mailing-list@andreas-s.net>

Hi James,
I need to implement this in ROR only. I don't know what the
error is. I don't even know whether I am on the right path.
Jeff Burlysystems (jburly)
on 2009-03-20 18:18
(Received via mailing list)
Hi Palani,

If you're trying to auth against ldap using Net::LDAP, might want to
try:

  ...
  require 'net/ldap'

  LDAP_HOST = '127.0.0.1'  # or match your setup.
  LDAP_PORT = 389  # or ...
  LDAP_DN = 'cn=shalini,ou=people,dc=mips,dc=com'  # or ...
  ...
  def ldap_auth(uid, pss)
    return false if uid.blank? || pss.blank?
    # or ..., to guard against ldap-injection.
    clean_uid = uid.gsub(/[^a-zA-Z0-9._-]+/, '')
    usr = "uid=#{clean_uid},#{LDAP_DN}"
    ldap = Net::LDAP.new({:host=>LDAP_HOST, :port=>LDAP_PORT,
                          :auth=>{:method=>:simple, :username=>usr, :password=>pss}})
    return ldap.bind  # returns true if successfully auth'd; false if not.
  end
  ...

Jeff
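
Added example (not part of the original thread and not any poster's code): in LDIF, "attr:: value" means the value is base64-encoded, so this sketch decodes the uid and userPassword lines from the ldapsearch output above and compares them with the credentials tried in the console. The function names are hypothetical, only Ruby's standard library is used, and it assumes userPassword holds a cleartext value and that the entry has no folded lines.

```ruby
require 'base64'

# Constructed sample: attribute lines copied from the ldapsearch output in the first post.
LDIF_ENTRY = <<~LDIF
  dn: cn=shalini,ou=people,dc=mips,dc=com
  cn: shalini
  sn: shalini
  uid:: c2hhbGluaQk=
  userPassword:: c2hhbGluaSA=
LDIF

# Parse "attr: value" and "attr:: base64" lines into { attr => [raw values] }.
# Folded (continuation) lines are not handled; the sample has none.
def parse_ldif_entry(text)
  entry = Hash.new { |h, k| h[k] = [] }
  text.each_line(chomp: true) do |line|
    next if line.empty? || line.start_with?('#')
    if (m = line.match(/\A([A-Za-z][\w;-]*)::\s*(.*)\z/))
      entry[m[1]] << Base64.strict_decode64(m[2]) # "::" marks a base64 value
    elsif (m = line.match(/\A([A-Za-z][\w;-]*):\s*(.*)\z/))
      entry[m[1]] << m[2]
    end
  end
  entry
end

# Values with leading/trailing whitespace or control bytes, as [attr, value] pairs.
def suspicious_values(entry)
  entry.flat_map do |attr, values|
    values.select { |v| v =~ /\A\s|\s\z|[\x00-\x1f]/ }.map { |v| [attr, v] }
  end
end

# Compare attempted simple-bind credentials with the entry.
# Assumption: userPassword holds a cleartext value, as it does in this output.
def bind_problems(entry, username, password)
  problems = []
  problems << 'username is not the entry DN' unless entry['dn'].first.to_s.casecmp?(username)
  stored = entry['userPassword'].first
  if stored && stored != password.b
    problems << (stored.strip == password.b ? 'password differs only by whitespace' : 'password differs')
  end
  problems
end

if __FILE__ == $PROGRAM_NAME
  entry = parse_ldif_entry(LDIF_ENTRY)
  suspicious_values(entry).each { |attr, v| puts "#{attr}: #{v.inspect}" }
  puts bind_problems(entry, 'shalini@mips.com', 'shalini')
end
```

Run against the posted entry, it reports a trailing tab on uid and a trailing space on userPassword, in addition to the username not being the entry's DN.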
