Hi all, Let me apologize in advance if I'm overcomplicating my post....
I currently use AuthLogic along with this LDAP validation method in the User model :
class User < ActiveRecord::Base def valid_ldap_credentials?(password_plaintext) ldap = Net::LDAP.new ldap.host = 'hostname' ldap.auth "AD\\" + self.username, password_plaintext ldap.bind end end
I also have an LDAP controller that runs LDAP searches to populate arrays, such as this one that returns a list of all active usernames:
class LdapController < ApplicationController def ldap_users ldap = Net::LDAP.new ldap.host = 'hostname' ldap.bind ldap.auth('AD\username', 'password') treebase = "ou=blah, dc=blah, dc=com" filter1 = Net::LDAP::Filter.eq("objectCategory","user") filter2 = Net::LDAP::Filter.eq("userAccountControl","512") attrs = ["cn"] @usernames = Array.new ldap.search(:base => treebase, :filter => filter1 & filter2, :attributes => attrs ) do |entry| @usernames << entry.cn end end end
What I'd like to do, however, is to somehow hold my LDAP binding session at the time of login, and be able to use it throughout the application. For instance, I want to create a selection list of ldap_users, from which a user can select his manager's name, which would be saved in the user's record in my application database(basically, I need the user to enter his manager's username, but the LDAP search method would validate the username so we know it's a valid name).
Maybe I'm overcomplicating it, but how would I hold my LDAP session information so that non "User"controllers can use it? So, for instance, the LDAP Controller could look like this instead:
class LdapController < ApplicationController def ldap_users ldap = [user session information that is validated and bound to LDAP] treebase = "ou=blah, dc=blah, dc=com" filter1 = Net::LDAP::Filter.eq("objectCategory","user") filter2 = Net::LDAP::Filter.eq("userAccountControl","512") attrs = ["cn"] @usernames = Array.new ldap.search(:base => treebase, :filter => filter1 & filter2, :attributes => attrs ) do |entry| @usernames << entry.cn end end end
Does that make sense?
Also, if anyone knows how to get a selection list out of the "@usernames" array created above, that would be an awesome help. Since the values are coming from LDAP dynamically, and not from a table in my application's database, I don't know the syntax for creating the selection list. This is how I would create a selection list from tables in my database:
<%= select( "user", "department_id", Department.find( :all, :order => "name" ).collect { |c| [c.name, c.id] }, { :include_blank => true, :order => "name" })%>
...but how would I pull the attributes from the @usernames array I created in the ldap_users method to populate a selection list?
Thanks in advance for any suggestions or guidance...
