Hello,
the Authen::SASL people
are doing some SASL-GSSAPI authentication
with the GSSAPI.pm module.
I've tested it on Net::LDAP and sent feedback to per...@pe....
Please let me know if you have a need for SASL, too!
Thank you,
Achim
---------- Forwarded Message ----------
Subject: Re: bind() and SASL authentication via GSSAPI
Date: Wednesday 22 February 2006 21:24
From: Achim Grolms <ac...@gr...>
To: per...@pe...
On Wednesday 22 February 2006 09:22, Peter Marschall wrote:
> Hi,
>
> On Tuesday, 21. February 2006 19:55, Achim Grolms wrote:
> > Is there an easy way to export the actual version of Authen::SASL::Perl
> > you want me to test?
>
> svn export https://svn.mutatus.co.uk/repos/Authen-SASL/trunk/
I've done some testing now using Net::LDAP againt a Windows2003 AD server.
#! /usr/bin/perl -w
use strict;
use Net::LDAP;
use Authen::SASL;
my $sasl = Authen::SASL->new( mechanism => 'GSSAPI' );
my $adhost = 'ldapserver.example.com';
my $ldap = Net::LDAP->new( $adhost,
onerror => 'die',
#debug => 2,
) or die "Cannot connect to LDAP host
###$adhost###$@";
$ldap->bind ( sasl => $sasl );
print "\n\n ##### reached bind OK Phase";
my $mesg = $ldap->search ( base => 'dc=fsc,dc=net',
#attrs => $p_attrs,
filter => "(&(sAMAccountName=USERNAME))");
worked for me.
I've done some persnonal adjusments to the GSSAPI.pm module
(See attached diff).
DO NOT FEED THAT INTO SVN,
it's juts a base for discussion.
But it worked :-)
Questions:
1. I there a canonical way in Authen::SASL to printout debugmessages?
(I've added sub __debug_message(), but I think there is a better way :-D)
I needed that to see the states og the module.
2. the GSSAPI system can fail and reports errormessages
(caused by DNS problems, wrong /etc/hosts, credentials expired)...
All this errormessaged has to be passed to the user so he gets a chance to
fix that problems (typing kinit etc...)
When useing the
return $self->set_error("GSSAPI Error : ".$status);
I see no errormessage, so I make the module simple die
in case of GSSAPI error.
(That was the simplest for debugging).
But what is the ebst way for errorreporting in a CPAN version of the module?
Thank you,
Achim
-------------------------------------------------------
|
