diff options
author | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2008-04-06 17:36:26 +0000 |
---|---|---|
committer | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2008-04-06 17:36:26 +0000 |
commit | 2bcb7820875b9ace4dad36a759cee453c45e4dec (patch) | |
tree | 01aaa156b09854ed91e65b65e85c5565082651b1 /extra | |
parent | 246e8f67c598664741954aa2cbb4cfeafea7ef85 (diff) | |
download | redmine-2bcb7820875b9ace4dad36a759cee453c45e4dec.tar.gz redmine-2bcb7820875b9ace4dad36a759cee453c45e4dec.zip |
Redmine.pm for webdav authentication:
* make Authen::Simple::LDAP module optional
* handle TLS flag set in Redmine
git-svn-id: http://redmine.rubyforge.org/svn/trunk@1336 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'extra')
-rw-r--r-- | extra/svn/Redmine.pm | 30 |
1 files changed, 17 insertions, 13 deletions
diff --git a/extra/svn/Redmine.pm b/extra/svn/Redmine.pm index f4c5abc6b..782d0777a 100644 --- a/extra/svn/Redmine.pm +++ b/extra/svn/Redmine.pm @@ -8,8 +8,8 @@ against redmine database =head1 SYNOPSIS This module allow anonymous users to browse public project and -registred users to browse and commit their project. authentication is -done on the redmine database. +registred users to browse and commit their project. Authentication is +done against the redmine database or the LDAP configured in redmine. This method is far simpler than the one with pam_* and works with all database without an hassle but you need to have apache/mod_perl on the @@ -29,6 +29,9 @@ On debian/ubuntu you must do : aptitude install libapache-dbi-perl libapache2-mod-perl2 libdbd-mysql-perl +If your Redmine users use LDAP authentication, you will also need +Authen::Simple::LDAP (and IO::Socket::SSL if LDAPS is used). + =head1 CONFIGURATION ## if the module isn't in your perl path @@ -90,7 +93,8 @@ use strict; use DBI; use Digest::SHA1; -use Authen::Simple::LDAP; +# optional module for LDAP authentication +my $CanUseLDAPAuth = eval("use Authen::Simple::LDAP; 1"); use Apache2::Module; use Apache2::Access; @@ -188,21 +192,21 @@ sub is_member { $ret = 1; last; } - } else { + } elsif ($CanUseLDAPAuth) { my $sthldap = $dbh->prepare( - "SELECT host,port,account,account_password,base_dn,attr_login from auth_sources WHERE id = ?;" + "SELECT host,port,tls,account,account_password,base_dn,attr_login from auth_sources WHERE id = ?;" ); $sthldap->execute($row[1]); while (my @rowldap = $sthldap->fetchrow_array) { my $ldap = Authen::Simple::LDAP->new( - host => $rowldap[0], - port => $rowldap[1], - basedn => $rowldap[4], - binddn => $rowldap[2] ? $rowldap[2] : "", - bindpw => $rowldap[3] ? $rowldap[3] : "", - filter => "(".$rowldap[5]."=%s)" - ); - $ret = 1 if ($ldap->authenticate($redmine_user, $redmine_pass)); + host => ($rowldap[2] == 1 || $rowldap[2] eq "t") ? "ldaps://$rowldap[0]" : $rowldap[0], + port => $rowldap[1], + basedn => $rowldap[5], + binddn => $rowldap[3] ? $rowldap[3] : "", + bindpw => $rowldap[4] ? $rowldap[4] : "", + filter => "(".$rowldap[6]."=%s)" + ); + $ret = 1 if ($ldap->authenticate($redmine_user, $redmine_pass)); } $sthldap->finish(); } |