inn with LDAP

Julien ÉLIE julien at trigofacile.com
Fri Dec 14 14:39:32 UTC 2007


Hi David,

> Hi , i am looking for inn ldap support.  What i need is to look at group in
> ldap and give access to users in that group. If it can also provide access
> based to groups which users are members it will be the best.


Well, it is more complicated that just using PAM (with pam-ldap) to
authenticate users.
I believe you should write a little Perl or Python authentication script.

See <http://www.eyrie.org/~eagle/software/inn/docs/readers.conf.html>
(the man page of readers.conf):

perl_auth:

    A path to a perl script for authentication.  The perl_auth: parameter
    works exactly like auth:, except that it calls the named script using the
    perl hook rather then an external program.  Multiple/mixed use of the auth,
    perl_auth, and python_auth parameters is permitted within any auth group;
    each line is tried in the order it appears.  perl_auth: has more power than
    auth: in that it provides the authentication program with additional
    information about the client and the ability to return an error string
    and a username.  This parameter is only valid if INN is compiled with
    Perl support (--with-perl passed to configure).
    More information may be found in doc/hook-perl.


It is the same for python_auth.

See <http://www.eyrie.org/~eagle/software/inn/docs/hook-perl.html#S7> for
the doc/hook-perl contents.  It will explain everything you need to know.
You have very good LDAP libraries for Perl (and Python) so I believe
it is easy to implement what you want.

Regards,

-- 
Julien ÉLIE

« Et rose elle a vécu ce que vivent les roses. » (François de Malherbe) 



More information about the inn-workers mailing list