出于某种原因,在我的页面上使用 Devise 进行身份验证似乎不起作用,导致出现未经授权的 401 错误。完成 net/ldap 中的步骤似乎绑定得很好。我不确定问题出在哪里。
服务器的输出:
Processing by Devise::SessionsController#create as HTML
Parameters: {"utf8"=>"â", "authenticity_token"=>"0uaLJJKobrDkn1mGDRP/RM6gIec+Wi7oykgWYuutsvk=", "user"=>{"login"=><login>, "password"=>"[FILTERED]", "remember_me"=>"0"}, "commit"=>"Sign in"}
Completed 401 Unauthorized in 14ms
来自 ldap.yml:
development:
host: <hostname>
port: 389
attribute: sAMAccountName
base: <base>
admin_user: <admin user>
admin_password: <admin pass>
ssl: false
# <<: *AUTHORIZATIONS
来自 devise.rb:
config.ldap_use_admin_to_bind = true
config.authentication_keys = [ :login ]
从对 irb 的测试:
$ irb
irb(main):001:0> require 'rubygems'
=> true
irb(main):002:0> require 'net/ldap'
=> true
irb(main):003:0> ldap = Net::LDAP.new
=> #<Net::LDAP:0x141d19 @host="127.0.0.1", @auth={:method=>:anonymous}, @encryption=nil, @base="dc=com", @port=389, @verbose=false, @open_connection=nil>
irb(main):004:0> ldap.host = <hostname>
=> <hostname>
irb(main):005:0> ldap.port = 389
=> 389
irb(main):006:0> ldap.base = <base>
=> <base>
irb(main):007:0> ldap.auth <admin user>, <admin pass>
=> {:method=>:simple, :username=><admin user>, :password=><admin pass>}
irb(main):008:0> dn = ldap.search( :filter => Net::LDAP::Filter.eq('sAMAccountName', <login>)).first.dn
=> <login dn information>
irb(main):009:0> ldap.auth dn, <password>
=> {:method=>:simple, :username=><login dn information>, :password=><password>}
irb(main):010:0> ldap.bind
=> true
正如您所看到的,绑定通过正常的 net/ldap 测试工作正常,但是当我出于某种原因通过实际的 Rails 站点时它似乎不起作用,即使我复制了 Devise 模块应该做的事情。