= LDAP

Created by: Sean Cribbs
version: 0.1

The LDAP extension allows access to LDAP directory information from
within Radiant pages. It includes an admin interface where you can create,
test, and save 'canned' queries that can be reused in your pages.

== Setup

1) The Ruby-LDAP library is required. Instructions for installing the library can be
found at http://ruby-ldap.sourceforge.net/

2) Make sure your instance of OpenLDAP is configured correctly. I had to disable TLS
certificate validation on mine to get SSL to work. If you have a cert from a root CA,
this will not be a problem.

3) Check out or copy the extension into vendor/extensions/ldap under your instance of Radiant.

4) Run rake db:migrate:extensions to create the schema.

5) Either through the included admin interface ('Edit Settings'), script/console
(Radiant::Config model), or through a database administration and query tool, set these values
in the 'config' table (sample values provided, explanation is just for reference).

  key                 value                           explanation
  ------------------  ------------------------------  ---------------------
  ldap.server         yourservername.com              The server/IP where the LDAP directory resides.
  ldap.port           389                             The port the LDAP server listens on, 389 generally (636 for SSL).
  ldap.base_dn        o=company                       The root of all queries, unless otherwise specified.
  ldap.use_ssl        false                           "true" or "false" - Use SSL to connect.
  ldap.bind_user      cn=someuser,ou=admin,o=company  A fully qualified DN to authenticate as.
  ldap.bind_password  password                        The password of the authentication user.

6) Copy 'directory.gif' to RADIANT_ROOT/public/images (this may be unnecessary in the future).

7) Fire up Radiant and try it out! Tag usage is described using the DSL/tag reference UI
and the tags are available on all pages.

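A pre-flight check for the six settings from step 5, as an added example that is not part of the extension: it flags leftover sample values and combinations where the bind credentials would cross the network without SSL. The audit_ldap_settings helper, the Hash standing in for the 'config' table, and the corrected values are assumptions made for illustration.

```ruby
# Added example, not part of the LDAP extension. A plain Hash stands in for the
# rows of the 'config' table; audit_ldap_settings is a hypothetical helper.
REQUIRED_KEYS = %w[ldap.server ldap.port ldap.base_dn ldap.use_ssl
                   ldap.bind_user ldap.bind_password].freeze
SAMPLE_VALUES = { 'ldap.server' => 'yourservername.com',
                  'ldap.bind_password' => 'password' }.freeze

# Returns a list of findings; an empty list means nothing was flagged.
def audit_ldap_settings(settings)
  findings = []
  REQUIRED_KEYS.each do |key|
    findings << "#{key} is missing or empty" if settings[key].to_s.strip.empty?
  end
  SAMPLE_VALUES.each do |key, sample|
    findings << "#{key} still holds the README sample value" if settings[key] == sample
  end

  use_ssl = settings['ldap.use_ssl'].to_s
  unless %w[true false].include?(use_ssl)
    findings << 'ldap.use_ssl must be the string "true" or "false"'
  end
  port = Integer(settings['ldap.port'].to_s, 10, exception: false)
  findings << 'ldap.port is not a valid TCP port' unless port && (1..65_535).cover?(port)

  # A simple bind over a non-SSL connection exposes the DN and password on the wire.
  if use_ssl == 'false' && !settings['ldap.bind_password'].to_s.empty?
    findings << 'ldap.use_ssl is false: bind credentials would travel unencrypted'
  end
  # 389 is the plain LDAP port and 636 the SSL one, as the settings table notes.
  findings << 'ldap.use_ssl is true but ldap.port is 389' if use_ssl == 'true' && port == 389
  findings << 'ldap.use_ssl is false but ldap.port is 636' if use_ssl == 'false' && port == 636

  # Simplified DN check: comma-separated attr=value pairs (escaped commas not handled).
  rdns = settings['ldap.bind_user'].to_s.split(',')
  unless !rdns.empty? && rdns.all? { |rdn| rdn.match?(/\A\s*[A-Za-z][\w.-]*\s*=\s*[^=]+\z/) }
    findings << 'ldap.bind_user is not a fully qualified DN'
  end
  findings
end

# Constructed inputs: the README's sample values, then a corrected variant.
README_SAMPLE = {
  'ldap.server' => 'yourservername.com', 'ldap.port' => '389',
  'ldap.base_dn' => 'o=company', 'ldap.use_ssl' => 'false',
  'ldap.bind_user' => 'cn=someuser,ou=admin,o=company', 'ldap.bind_password' => 'password'
}.freeze
CORRECTED = README_SAMPLE.merge(
  'ldap.server' => 'ldap.example.internal', 'ldap.port' => '636',
  'ldap.use_ssl' => 'true', 'ldap.bind_password' => 'constructed-secret-for-example'
).freeze

puts audit_ldap_settings(README_SAMPLE)
```
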
== Notes

* Not all LDAP directories support root_dse, so the LDAP extension does not use root_dse
to determine any information about your directory schema. All information is 'in the raw'.

* Any information returned by the query is in the order determined by the LDAP directory.
No external sorting algorithms have been applied yet.

* Fields/attributes that have multiple values are currently rendered as joined with commas.
This will be changed in a future release to use nested tags so output can be more flexible.

== To-dos

* Use 'password' field type on bind_password in settings UI.
* 'Use SSL?' checkbox not maintaining state.
* Implement flexible sorting for records.