Possibility to configure objectClass and attributes for LDAP backend …
…(references #8)
coudot committed Jun 12, 2015
1 parent 6bd02e1 commit 5aba8d1
Showing 2 changed files with 96 additions and 41 deletions.
48 changes: 33 additions & 15 deletions lib/Apache/Session/Browseable/LDAP.pm
@@ -64,17 +64,23 @@ sub searchOnExpr {

sub _query {
my ( $class, $args, $selectField, $value, @fields ) = @_;
$args->{ldapObjectClass} ||= 'applicationProcess';
$args->{ldapAttributeId} ||= 'cn';
$args->{ldapAttributeContent} ||= 'description';
$args->{ldapAttributeIndex} ||= 'ou';

my %res = ();
my $ldap =
Apache::Session::Browseable::Store::LDAP::ldap( { args => $args } );
my $msg = $ldap->search(
base => $args->{ldapConfBase},
filter =>
"(&(objectClass=applicationProcess)(ou=${selectField}_$value))",
base => $args->{ldapConfBase},
filter => "(&(objectClass="
. $args->{ldapObjectClass} . ")("
. $args->{ldapAttributeIndex}
. "=${selectField}_$value))",

#scope => 'base',
attrs => [ 'description', 'cn' ],
attrs => [ $args->{ldapAttributeContent}, $args->{ldapAttributeId} ],
);

$ldap->unbind();
@@ -84,8 +90,8 @@ sub _query {
}
else {
foreach my $entry ( $msg->entries ) {
my $id = $entry->get_value('cn') or die;
my $tmp = $entry->get_value('description');
my $id = $entry->get_value( $args->{ldapAttributeId} ) or die;
my $tmp = $entry->get_value( $args->{ldapAttributeContent} );
next unless ($tmp);
eval { $tmp = unserialize($tmp); };
next if ($@);
@@ -104,6 +110,11 @@ sub get_key_from_all_sessions {
my $class = shift;
my $args = shift;
my $data = shift;
$args->{ldapObjectClass} ||= 'applicationProcess';
$args->{ldapAttributeId} ||= 'cn';
$args->{ldapAttributeContent} ||= 'description';
$args->{ldapAttributeIndex} ||= 'ou';

my %res;

my $ldap =
@@ -113,8 +124,11 @@ sub get_key_from_all_sessions {

# VERY STRANGE BUG ! With this filter, description isn't base64 encoded !!!
#filter => '(objectClass=applicationProcess)',
filter => '(&(objectClass=applicationProcess)(ou=*))',
attrs => [ 'cn', 'description' ],

filter => '(&(objectClass='
. $args->{ldapObjectClass} . ')('
. $args->{ldapAttributeIndex} . '=*))',
attrs => [ $args->{ldapAttributeId}, $args->{ldapAttributeContent} ],
);

$ldap->unbind();
@@ -124,8 +138,8 @@ sub get_key_from_all_sessions {
}
else {
foreach my $entry ( $msg->entries ) {
my $id = $entry->get_value('cn') or die;
my $tmp = $entry->get_value('description');
my $id = $entry->get_value( $args->{ldapAttributeId} ) or die;
my $tmp = $entry->get_value( $args->{ldapAttributeContent} );
next unless ($tmp);
eval { $tmp = unserialize($tmp); };
next if ($@);
@@ -157,11 +171,15 @@ Apache::Session::Browseable::LDAP - An implementation of Apache::Session::LDAP
use Apache::Session::Browseable::LDAP;
tie %hash, 'Apache::Session::Browseable::LDAP', $id, {
ldapServer => 'ldap://localhost:389',
ldapConfBase => 'dmdName=applications,dc=example,dc=com',
ldapBindDN => 'cn=admin,dc=example,dc=com',
ldapBindPassword => 'pass',
Index => 'uid ipAddr',
ldapServer => 'ldap://localhost:389',
ldapConfBase => 'dmdName=applications,dc=example,dc=com',
ldapBindDN => 'cn=admin,dc=example,dc=com',
ldapBindPassword => 'pass',
Index => 'uid ipAddr',
ldapObjectClass => 'applicationProcess',
ldapAttributeId => 'cn',
ldapAttributeContent => 'description',
ldapAttributeIndex => 'ou',
};
=head1 DESCRIPTION
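Review bot: The search filter in `_query` still concatenates `$selectField` and `$value` into the filter string without RFC 4515 escaping, so a value containing `*`, `(`, `)` or `\` alters the filter instead of being matched literally. Where `$value` comes from is not visible in this section, but if any caller passes request-derived data it should be escaped, e.g. `. '=' . escape_filter_value("${selectField}_$value") . '))'` together with `use Net::LDAP::Util qw(escape_filter_value);`. The newly configurable `ldapObjectClass` and `ldapAttributeIndex` are spliced into the filter the same way here and in `get_key_from_all_sessions`; a comment such as `# ldapObjectClass / ldapAttributeIndex must come from trusted configuration only` would record that assumption. Both subs continue outside the visible hunks.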
89 changes: 63 additions & 26 deletions lib/Apache/Session/Browseable/Store/LDAP.pm
@@ -14,27 +14,36 @@ sub insert {
my $self = shift;
my $session = shift;
$self->{args} = $session->{args};
$self->{args}->{ldapObjectClass} ||= 'applicationProcess';
$self->{args}->{ldapAttributeId} ||= 'cn';
$self->{args}->{ldapAttributeContent} ||= 'description';
$self->{args}->{ldapAttributeIndex} ||= 'ou';

my $index =
ref( $session->{args}->{Index} )
? $session->{args}->{Index}
: [ split /\s+/, $session->{args}->{Index} ];
my $id = $session->{data}->{_session_id};

my $ou;
my $attrIndex;
foreach my $i (@$index) {
my $t;
next unless ( $t = $session->{data}->{$i} );
push @$ou, "${i}_$t";
push @$attrIndex, "${i}_$t";
}
my $attrs = [
objectClass => [ 'top', 'applicationProcess' ],
cn => $session->{data}->{_session_id},
description => $session->{serialized},
objectClass => $self->{args}->{ldapObjectClass},
$self->{args}->{ldapAttributeId} => $session->{data}->{_session_id},
$self->{args}->{ldapAttributeContent} => $session->{serialized},
];
push @$attrs, ( ou => $ou ) if ($ou);
push @$attrs, ( $self->{args}->{ldapAttributeIndex} => $attrIndex )
if ($attrIndex);

my $msg = $self->ldap->add( "cn=$id," . $self->{args}->{ldapConfBase},
attrs => $attrs, );
my $msg = $self->ldap->add(
$self->{args}->{ldapAttributeId} . "=$id,"
. $self->{args}->{ldapConfBase},
attrs => $attrs,
);

$self->ldap->unbind() && delete $self->{ldap};
$self->logError($msg) if ( $msg->code );
@@ -44,24 +53,35 @@ sub update {
my $self = shift;
my $session = shift;
$self->{args} = $session->{args};
$self->{args}->{ldapObjectClass} ||= 'applicationProcess';
$self->{args}->{ldapAttributeId} ||= 'cn';
$self->{args}->{ldapAttributeContent} ||= 'description';
$self->{args}->{ldapAttributeIndex} ||= 'ou';

my $index =
ref( $session->{args}->{Index} )
? $session->{args}->{Index}
: [ split /\s+/, $session->{args}->{Index} ];
my $id = $session->{data}->{_session_id};

my $ou;
my $attrIndex;
foreach my $i (@$index) {
my $t;
next unless ( $t = $session->{data}->{$i} );
push @$ou, "${i}_$t";
push @$attrIndex, "${i}_$t";
}
my $attrs = { description => $session->{serialized} };
$attrs->{ou} = $ou if ($ou);

my $attrs =
{ $self->{args}->{ldapAttributeContent} => $session->{serialized} };
$attrs->{ $self->{args}->{ldapAttributeIndex} } = $attrIndex
if ($attrIndex);

my $msg = $self->ldap->modify(
"cn=$session->{data}->{_session_id}," . $self->{args}->{ldapConfBase},
replace => $attrs, );
$self->{args}->{ldapAttributeId} . "="
. $session->{data}->{_session_id} . ","
. $self->{args}->{ldapConfBase},
replace => $attrs,
);

$self->ldap->unbind() && delete $self->{ldap};
$self->logError($msg) if ( $msg->code );
@@ -71,20 +91,26 @@ sub materialize {
my $self = shift;
my $session = shift;
$self->{args} = $session->{args};
$self->{args}->{ldapObjectClass} ||= 'applicationProcess';
$self->{args}->{ldapAttributeId} ||= 'cn';
$self->{args}->{ldapAttributeContent} ||= 'description';
$self->{args}->{ldapAttributeIndex} ||= 'ou';

my $msg = $self->ldap->search(
base => "cn=$session->{data}->{_session_id},"
base => $self->{args}->{ldapAttributeId} . "="
. $session->{data}->{_session_id} . ","
. $self->{args}->{ldapConfBase},
filter => '(objectClass=applicationProcess)',
filter => '(objectClass=' . $self->{args}->{ldapObjectClass} . ')',
scope => 'base',
attrs => ['description'],
attrs => [ $self->{args}->{ldapAttributeContent} ],
);

$self->ldap->unbind() && delete $self->{ldap};
$self->logError($msg) if ( $msg->code );

eval {
$session->{serialized} = $msg->shift_entry()->get_value('description');
$session->{serialized} = $msg->shift_entry()
->get_value( $self->{args}->{ldapAttributeContent} );
};

if ( !defined $session->{serialized} ) {
@@ -96,9 +122,14 @@ sub remove {
my $self = shift;
my $session = shift;
$self->{args} = $session->{args};
$self->{args}->{ldapObjectClass} ||= 'applicationProcess';
$self->{args}->{ldapAttributeId} ||= 'cn';
$self->{args}->{ldapAttributeContent} ||= 'description';
$self->{args}->{ldapAttributeIndex} ||= 'ou';

$self->ldap->delete(
"cn=$session->{data}->{_session_id}," . $self->{args}->{ldapConfBase} );
$self->ldap->delete( $self->{args}->{ldapAttributeId} . "="
. $session->{data}->{_session_id} . ","
. $self->{args}->{ldapConfBase} );

$self->ldap->unbind() && delete $self->{ldap};
}
@@ -192,15 +223,21 @@ objects are stored in an LDAP directory file using the Net::LDAP Perl module.
This module requires one argument in the usual Apache::Session style. The
keys ldapServer, ldapBase, ldapBindDN, ldapBindPassword are required. The key
ldapPort is optional. Example:
ldapPort, ldapObjectClass, ldapAttributeId, ldapAttributeContent, ldapAttributeIndex
are optional.
Example:
tie %s, 'Apache::Session::Browseable::LDAP', undef,
{
ldapServer => 'localhost',
ldapBase => 'dc=example,dc=com',
ldapBindDN => 'cn=admin,dc=example,dc=com',
ldapBindPassword => 'pass',
Index => 'uid ipAddr',
ldapServer => 'localhost',
ldapBase => 'dc=example,dc=com',
ldapBindDN => 'cn=admin,dc=example,dc=com',
ldapBindPassword => 'pass',
Index => 'uid ipAddr',
ldapObjectClass => 'applicationProcess',
ldapAttributeId => 'cn',
ldapAttributeContent => 'description',
ldapAttributeIndex => 'ou',
};
=head1 AUTHOR
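Review bot: The entry DN in `insert`, `update`, `materialize` and `remove` is assembled by plain concatenation of `ldapAttributeId`, `_session_id` and `ldapConfBase`, with no DN escaping of the id. Whether `_session_id` is validated before it reaches the store is not visible here; unless it is guaranteed to be a generated token, escape it when building the DN, e.g. `my $dn = $self->{args}->{ldapAttributeId} . '=' . escape_dn_value($id) . ',' . $self->{args}->{ldapConfBase};` with `use Net::LDAP::Util qw(escape_dn_value);`. The four-line `||=` defaults block is also repeated in all four methods (and twice in Browseable/LDAP.pm); a single private helper would keep the write and read paths from drifting onto different attribute names.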
