
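I am trying to use ldap_devise_authenticable in my Rails application. I am referring to https://github.com/cschiewek/devise_ldap_authenticatable and http://random-rails.blogspot.com/2010/07/ldap-authentication-with-devise.html

I am currently having trouble configuring the ldap.yml file for the LDAP server I am using. I am having difficulty figuring out which details go into which parameters.

I was able to gather some information from http://net-ldap.rubyforge.org/classes/Net/LDAP.html. But since this tutorial is mainly aimed at the net-ldap gem, it does not quite serve my purpose.

Could you recommend a good tutorial on LDAP... specific to the parameters whose values I need to fill in in ldap.yml for the authorizations and the environments. One major doubt I have is

I have some idea of which parameter values to enter for the environments, but I have no idea what details to enter for the authorization-related parameters. I have commented some details in the ldap.yml given below to explain my doubts. Please help me if possible.

My current ldap.yml looks like this: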

#

# Authorizations
# Uncomment out the merging for each environment that you'd like to include.
# You can also just copy and paste the tree (do not include the "authorizations") to each
# environment if you need something different per environment.
authorizations: &AUTHORIZATIONS
  group_base: ou=groups,dc=test,dc=com
  ## Requires config.ldap_check_group_membership in devise.rb be true
  # Can have multiple values, must match all to be authorized
  required_groups:
    # If only a group name is given, membership will be checked against "uniqueMember"
    - cn=admins,ou=groups,dc=test,dc=com
    - cn=users,ou=groups,dc=test,dc=com
    # If an array is given, the first element will be the attribute to check against, the second the group name
    - ["moreMembers", "cn=users,ou=groups,dc=test,dc=com"]
  ## Requires config.ldap_check_attributes in devise.rb to be true
  ## Can have multiple attributes and values, must match all to be authorized
  require_attribute:
    objectClass: inetOrgPerson
    authorizationRole: postsAdmin


## Environments


development:
  host: # ip address is to be filled in here..
  port: # port number goes here..
  attribute: cn # what does attribute and cn signify?? what are the other things I can fill attribute with like uid, and..what else ??
  base: # my tree base details go in here..
  admin_user: cn=admin_name,dc=test,dc=com # do I need to enter the domain component also ? or just the admin_name  would do?
  admin_password: # password goes in here..
  ssl: true # when would I be using this..??
  # <<: *AUTHORIZATIONS - how & where can I use this..??

test:
  host: # ip address is to be filled in here..
  port: # port number goes here..
  attribute: cn # what does attribute and cn signify?? what are the other things I can fill attribute with like uid, and..what else ??
  base: # my tree base details go in here..
  admin_user: cn=admin_name,dc=test,dc=com
  admin_password: # password goes in here..
  ssl: true
  # <<: *AUTHORIZATIONS - how can I use this..

production:
  host: # ip address is to be filled in here..
  port: # port number goes here..
  attribute: cn # what does attribute and cn signify?? what are the other things I can fill attribute with like uid, and..what else ??
  base: # my tree base details go in here..
  admin_user: cn=admin_name,dc=test,dc=com
  admin_password: # password goes in here..
  ssl: true
  # <<: *AUTHORIZATIONS - how can I use this..

Thanks for your help.


1 Answer


The tests in the gem are probably a good example. The only way I was able to test it was with a whole sample Rails app.

You can see some examples on GitHub:
https://github.com/cschiewek/devise_ldap_authenticatable/blob/master/test/rails_app/config/ldap.yml
https://github.com/cschiewek/devise_ldap_authenticatable/blob/master/test/rails_app/config/ldap_with_uid.yml
https://github.com/cschiewek/devise_ldap_authenticatable/blob/master/test/rails_app/config/ldap_with_erb.yml

Also, don't get too confused by the <<: *AUTHORIZATIONS stuff; it is just a YAML shortcut for including the same variables in each environment. You could just as soon copy and paste the entire authorizations block into each environment.

Answered 2011-02-17T18:33:32.783
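How the `<<: *AUTHORIZATIONS` merge key described in the answer expands, as an added example that is not part of the original posts or the gem's code: it parses a constructed ldap.yml with Ruby's YAML library and reports which connection values are still empty. The host, port, base and password values and both helper names are assumptions.

```ruby
require "yaml"

# Constructed sample modelled on the question's ldap.yml; values are placeholders.
SAMPLE_LDAP_YML = <<~YML
  authorizations: &AUTHORIZATIONS
    group_base: ou=groups,dc=test,dc=com
    required_groups:
      - cn=admins,ou=groups,dc=test,dc=com
      - ["moreMembers", "cn=users,ou=groups,dc=test,dc=com"]
    require_attribute:
      objectClass: inetOrgPerson
  development:
    host: ldap.example.test
    port: 636
    attribute: uid
    base: ou=people,dc=test,dc=com
    admin_user: cn=admin_name,dc=test,dc=com
    admin_password:            # empty, like the placeholders in the question
    ssl: true
    <<: *AUTHORIZATIONS
  test:
    host: ldap.example.test
    port: 389
    attribute: cn
    base: ou=people,dc=test,dc=com
    admin_user: cn=admin_name,dc=test,dc=com
    admin_password: constructed-password
    ssl: false
YML

CONNECTION_KEYS = %w[host port attribute base admin_user admin_password ssl].freeze
AUTHORIZATION_KEYS = %w[group_base required_groups require_attribute].freeze

# Hypothetical helper: aliases: true lets safe_load resolve *AUTHORIZATIONS.
def ldap_settings(yaml_text, env)
  YAML.safe_load(yaml_text, aliases: true).fetch(env)
end

# Hypothetical helper: summarise what an environment actually ends up with.
def ldap_config_report(settings)
  {
    empty: CONNECTION_KEYS.select { |key| settings[key].nil? },   # values left blank
    merged: AUTHORIZATION_KEYS.select { |key| settings.key?(key) }, # pulled in by <<
    ssl: settings["ssl"] == true
  }
end

%w[development test].each { |e| puts "#{e}: #{ldap_config_report(ldap_settings(SAMPLE_LDAP_YML, e))}" }
```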