inn with LDAP
Julien ÉLIE
julien at trigofacile.com
Fri Dec 14 14:39:32 UTC 2007
Hi David,
> Hi , i am looking for inn ldap support. What i need is to look at group in
> ldap and give access to users in that group. If it can also provide access
> based to groups which users are members it will be the best.
Well, it is more complicated that just using PAM (with pam-ldap) to
authenticate users.
I believe you should write a little Perl or Python authentication script.
See <http://www.eyrie.org/~eagle/software/inn/docs/readers.conf.html>
(the man page of readers.conf):
perl_auth:
A path to a perl script for authentication. The perl_auth: parameter
works exactly like auth:, except that it calls the named script using the
perl hook rather then an external program. Multiple/mixed use of the auth,
perl_auth, and python_auth parameters is permitted within any auth group;
each line is tried in the order it appears. perl_auth: has more power than
auth: in that it provides the authentication program with additional
information about the client and the ability to return an error string
and a username. This parameter is only valid if INN is compiled with
Perl support (--with-perl passed to configure).
More information may be found in doc/hook-perl.
It is the same for python_auth.
See <http://www.eyrie.org/~eagle/software/inn/docs/hook-perl.html#S7> for
the doc/hook-perl contents. It will explain everything you need to know.
You have very good LDAP libraries for Perl (and Python) so I believe
it is easy to implement what you want.
Regards,
--
Julien ÉLIE
« Et rose elle a vécu ce que vivent les roses. » (François de Malherbe)
More information about the inn-workers
mailing list