Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

CGI Application Authentication using multiple drivers

Tags:

authentication

cgi

perl

driver

I have been trying to authenticate my CGI application through 2 drivers, one that uses username/password stored in the database and other using ldap active directory.

following is the code 

$self->authen->config( 
DRIVER => [ 'DBI',
  DBH         => $self->dbh,
  TABLE       => 'user',
  CONSTRAINTS => {
    'user.username'     => '__CREDENTIAL_1__',
    'MD5:user.password' => '__CREDENTIAL_2__'
  },
],

DRIVER => [ 'Authen::Simple::LDAP',
     host   => 'ldapad.company.com',
     basedn => 'OU=XXX,OU=XX,DC=XXX,DC=XXX', 
binddn => 'CN=usename,OU=Users,OU=XXX,OU=AD,DC=XXX,DC=xxx',
bindpw => 'secret',
filter => '(cn=%s)',   
],


CREDENTIALS    => [ 'authen_username', 'authen_password' ],
STORE                => 'Session',
LOGOUT_RUNMODE       => 'logout',
LOGIN_RUNMODE        => 'login',
POST_LOGIN_RUNMODE   => 'okay',
RENDER_LOGIN         => \&my_login_form,
);

How do I make the application check the other driver is not authenticated with one. Right now, as expected, its the driver listed at the bottom that works and they both do, depending on which was assigned last.

like image 602
prat Avatar asked Nov 06 '22 11:11

prat

1 Answers

I'm assuming you're using CGI::Application::Plugin::Authentication. I think there's a small problem in your code, that justifies the fact that only the last of the two works.

Your code is like:

$self->authen->config( 
  DRIVER => [ 'DBI', ... ],
  DRIVER => [ 'Authen::Simple::LDAP', ... ],
  CREDENTIALS => [ 'authen_username', 'authen_password' ],
  STORE  => 'Session',
  # ...
);

but $self->authen->config() takes a hash. For example, take a look at this example from the C::A::P::Authentication distribution.

Being a hash, that means that the last DRIVER entry will overwrite the previous ones. I believe the fix is very simple:

$self->authen->config( 
  DRIVER => [
       [ 'DBI', ... ],
       [ 'Authen::Simple::LDAP', ... ],
  ],
  CREDENTIALS => [ 'authen_username', 'authen_password' ],
  STORE  => 'Session',
  # ...
);

You can find an example of this in the module documentation:

http://search.cpan.org/~silasmonk/CGI-Application-Plugin-Authentication/lib/CGI/Application/Plugin/Authentication.pm#config

like image 83
Cosimo Avatar answered Nov 13 '22 04:11

Cosimo
Sign in to Comment

Related questions

Why do I get the error "unexpected end of string while parsing JSON string" when decoding a URI-encoded JSON string?
Why does Perl's "system ('some command')" behave differently from c:\> some command?
SOAP::Lite Perl Module Sends Wrong SOAP Envelope Namespace
How to subclass IO::Handle to properly get a low level file handle without having a file or memory?
How to use route name while testing mojolicious application?
Overriding a class' "is" attribute (Moose)
fast loading of large hash table in Perl
Forcing Ale to display Perl::Critic violations as warnings rather than errors
Cannot create non-virtual view using DBIx::Class::Schema::Versioned
How can I distribute an application with many perlapp executables but distribute only one perl
How to verify the name of a file?
How can I fit a curve to a histogram distribution?
How can a Perl web crawler follow an ASP.NET postback?
Perl DBIx::Class - Default Values when using new()?
Can Perl DBIx::Class override the way a column is retrieved from the database?
Decoding MIME (HTML+Attachments) [closed]
In Perl, how can I check from which module a given function was imported?
Perl: "Variable will not stay shared"
Spreadsheet::ParseExcel::Stream losing its parser
How do I remove the first five elements of an array?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!