Module: UCB::LDAP
Defined in:
- lib/ucb_ldap.rb
- lib/ucb_ldap_org.rb
- lib/ucb_ldap_entry.rb
- lib/ucb_ldap_person.rb
- lib/ucb_ldap_schema.rb
- lib/ucb_ldap_address.rb
- lib/ucb_ldap_service.rb
- lib/ucb_ldap_namespace.rb
- lib/ucb_ldap_exceptions.rb
- lib/ucb_ldap_affiliation.rb
- lib/ucb_ldap_student_term.rb
- lib/ucb_simple_ldap_entry.rb
- lib/person/generic_attributes.rb
- lib/ucb_ldap_schema_attribute.rb
- lib/person/affiliation_methods.rb
- lib/ucb_ldap_person_job_appointment.rb
Overview
UCB::LDAP
If you are doing searches that don’t require a privileged bind and are accessing the default (production) server, you probably don’t need to call any of the methods in this module.
Methods in this module are about making connections to the LDAP directory.
Interaction with the directory (searches and updates) is usually through the search() and other methods of UCB::LDAP::Entry and its sub-classes.
Defined Under Namespace
Modules: AffiliationMethods, GenericAttributes, Schema
Classes: Address, Affiliation, BadAttributeNameException, BindFailedException, ConnectionFailedException, DirectoryNotUpdatedException, Entry, JobAppointment, Namespace, Org, Person, Service, SimpleEntry, StudentTerm
Constant Summary
- HOST_PRODUCTION = 'ldap.berkeley.edu'
- HOST_TEST = 'ldap-test.berkeley.edu'
Class Method Summary
- .authenticate(username, password) ⇒ Object
  Give (new) bind credentials to LDAP.
- .authentication_information ⇒ Object
  The value of the :auth parameter for Net::LDAP.new().
- .bind(bind_file, environment) ⇒ Object
- .bind_for_rails(bind_file = "#{RAILS_ROOT}/config/ldap.yml", environment = RAILS_ENV) ⇒ Object
  If you are using UCB::LDAP in a Rails application you can specify binds on a per-environment basis, just as you can with database credentials.
- .clear_authentication ⇒ Object
  Removes current bind (username, password).
- .clear_instance_variables ⇒ Object
  Used for testing.
- .host ⇒ Object
  Returns LDAP host used for lookups.
- .host=(host) ⇒ Object
  Setter for #host.
- .local_date_parse(arg) ⇒ Object
  Returns arg as a Ruby Date in local time zone.
- .local_datetime_parse(arg) ⇒ Object
  Returns arg as a Ruby DateTime in local time zone.
- .net_ldap ⇒ Object
  Returns Net::LDAP instance that is used by UCB::LDAP::Entry and subclasses for directory searches.
- .new_net_ldap ⇒ Object
  Returns new Net::LDAP instance.
- .password ⇒ Object
  :nodoc:.
- .username ⇒ Object
  :nodoc:.
Class Method Details
.authenticate(username, password) ⇒ Object
Give (new) bind credentials to LDAP. A bind is attempted immediately, and BindFailedException is raised if the bind fails.
Call clear_authentication() to remove privileged bind.
    # File 'lib/ucb_ldap.rb', line 51
    def authenticate(username, password)
      @username, @password = username, password
      new_net_ldap # to force bind()
    end
.authentication_information ⇒ Object
The value of the :auth parameter for Net::LDAP.new().
    # File 'lib/ucb_ldap.rb', line 143
    def authentication_information()
      password.nil? ?
        {:method => :anonymous} :
        {:method => :simple, :username => username, :password => password}
    end
.bind(bind_file, environment) ⇒ Object
    # File 'lib/ucb_ldap.rb', line 123
    def bind(bind_file, environment)
      raise "Can't find bind file: #{bind_file}" unless FileTest.exists?(bind_file)
      binds = YAML.load(IO.read(bind_file))
      bind = binds[environment] || raise("Can't find environment=#{environment} in bind file")
      authenticate(bind['username'], bind['password'])
    end
.bind_for_rails(bind_file = "#{RAILS_ROOT}/config/ldap.yml", environment = RAILS_ENV) ⇒ Object
If you are using UCB::LDAP in a Rails application you can specify binds on a per-environment basis, just as you can with database credentials.
    # in ../config/ldap.yml
    development:
      username: user_dev
      password: pass_dev
    # etc.

    # in ../config/environment.rb
    require 'ucb_ldap'
    UCB::LDAP.bind_for_rails()
A runtime error is raised if bind_file is not found or if the environment key is not found in bind_file.
    # File 'lib/ucb_ldap.rb', line 119
    def bind_for_rails(bind_file = "#{RAILS_ROOT}/config/ldap.yml", environment = RAILS_ENV)
      bind(bind_file, environment)
    end
.clear_authentication ⇒ Object
Removes current bind (username, password).
    # File 'lib/ucb_ldap.rb', line 57
    def clear_authentication()
      authenticate(nil, nil)
    end
.clear_instance_variables ⇒ Object
Used for testing.
    # File 'lib/ucb_ldap.rb', line 166
    def clear_instance_variables()
      @host = nil
      @net_ldap = nil
      @username = nil
      @password = nil
    end
.host ⇒ Object
Returns LDAP host used for lookups. Default is HOST_PRODUCTION.
    # File 'lib/ucb_ldap.rb', line 62
    def host()
      @host || HOST_PRODUCTION
    end
.host=(host) ⇒ Object
Setter for #host.
Note: validation of host is deferred until a search is performed or #authenticate() is called, at which time a bad host will raise ConnectionFailedException.
The cached Net::LDAP instance is discarded only when the host actually changes, to avoid reconnecting unnecessarily.
    # File 'lib/ucb_ldap.rb', line 73
    def host=(host)
      if host != @host
        @host = host
        @net_ldap = nil
      end
    end
.local_date_parse(arg) ⇒ Object
Returns arg as a Ruby Date in local time zone. Returns nil if arg is nil.
    # File 'lib/ucb_ldap.rb', line 131
    def local_date_parse(arg)
      arg.nil? ? nil : Date.parse(Time.parse(arg.to_s).localtime.to_s)
    end
.local_datetime_parse(arg) ⇒ Object
Returns arg as a Ruby DateTime in local time zone. Returns nil if arg is nil.
    # File 'lib/ucb_ldap.rb', line 136
    def local_datetime_parse(arg)
      arg.nil? ? nil : DateTime.parse(Time.parse(arg.to_s).localtime.to_s)
    end
.net_ldap ⇒ Object
Returns Net::LDAP instance that is used by UCB::LDAP::Entry and subclasses for directory searches.
You might need this to perform searches not supported by sub-classes of Entry.
Note: callers should not cache the results of this call unless they are prepared to handle timed-out connections (which this method does).
    # File 'lib/ucb_ldap.rb', line 88
    def net_ldap()
      @net_ldap ||= new_net_ldap()
    end
.new_net_ldap ⇒ Object
Returns new Net::LDAP instance. Note: Calling Net::LDAP.new does not result in a connection to the LDAP server. Rather, it stores the connection and binding parameters in the object. Later calls to search, add_attribute, rename_attribute or delete_attribute will each result in a new connection to the LDAP server.
    # File 'lib/ucb_ldap.rb', line 154
    def new_net_ldap()
      @net_ldap = Net::LDAP.new(
        :host => host,
        :auth => authentication_information,
        :port => 636,
        :encryption => {:method =>:simple_tls}
      )
      raise(BindFailedException, @net_ldap.get_operation_result.to_s) unless @net_ldap.bind
      @net_ldap
    end
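An added example (not code from ucb_ldap) covering the bind file read by .bind and the options passed to Net::LDAP.new by .new_net_ldap: it loads one environment's credentials with YAML.safe_load, refuses a group- or world-accessible file and blank credentials, and builds the same options hash with :tls_options added (the listing above passes only :method). load_bind, ldap_options and BindConfigError are hypothetical names; POSIX file permissions and a net-ldap version that accepts :tls_options are assumed.

```ruby
require 'yaml'
require 'openssl'
require 'tempfile'

class BindConfigError < StandardError; end # hypothetical error class

# Read one environment's credentials from a bind file shaped like the
# config/ldap.yml on this page. Returns [username, password] or raises.
def load_bind(bind_file, environment)
  raise BindConfigError, "Can't find bind file: #{bind_file}" unless File.file?(bind_file)
  # The file stores a plaintext password: refuse group/other access bits (POSIX assumed).
  mode = File.stat(bind_file).mode & 0o777
  raise BindConfigError, format('bind file mode %o is too open', mode) unless (mode & 0o077).zero?
  # safe_load builds only plain data, so a "!ruby/object" tag in the file
  # raises Psych::DisallowedClass instead of instantiating a class.
  binds = YAML.safe_load(File.read(bind_file))
  bind = binds.is_a?(Hash) ? binds[environment] : nil
  raise BindConfigError, "Can't find environment=#{environment} in bind file" unless bind.is_a?(Hash)
  username = bind['username'].to_s
  password = bind['password'].to_s
  # A simple bind with a name and a zero-length password is an
  # "unauthenticated bind" (RFC 4513, section 5.1.2), so reject blanks here.
  if username.empty? || password.empty?
    raise BindConfigError, "username and password must be non-empty for #{environment}"
  end
  [username, password]
end

# Options for Net::LDAP.new with the same keys as new_net_ldap on this page,
# plus :tls_options (assumed supported) so OpenSSL's defaults (VERIFY_PEER) apply.
def ldap_options(host, username, password)
  {
    :host => host,
    :port => 636,
    :auth => { :method => :simple, :username => username, :password => password },
    :encryption => { :method => :simple_tls,
                     :tls_options => OpenSSL::SSL::SSLContext::DEFAULT_PARAMS }
  }
end

if __FILE__ == $PROGRAM_NAME
  Tempfile.create('ldap.yml') do |f| # constructed sample bind file, mode 0600
    f.write("development:\n  username: user_dev\n  password: pass_dev\n")
    f.flush
    p ldap_options('ldap-test.berkeley.edu', *load_bind(f.path, 'development'))[:auth][:username]
  end
end
```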
.password ⇒ Object
:nodoc:
    # File 'lib/ucb_ldap.rb', line 92
    def password() #:nodoc:
      @password
    end
.username ⇒ Object
:nodoc:
    # File 'lib/ucb_ldap.rb', line 96
    def username() #:nodoc:
      @username
    end