Authenticating Ruby against LDAP
I was messing around at work the other day with our OpenVPN server, and I was kind of tired of how it authenticates against a flat file I was using to store users and passwords (encrypted, of course). So I rewrote the OpenVPN auth script in Ruby, and I had it hit our LDAP server instead. Wasn’t too incredibly challenging, but I thought I’d share my success, just in case it helps somebody else out there. Here’s a snippet that shows how LDAP auth works:

    require 'ldap'

    # Returns true when the user's DN can bind to the directory with the given password.
    def check_auth(user, pass)
      ldap_user = "uid=#{user},#{@basedn}"
      begin
        conn = LDAP::Conn.open(@ldap_host, @ldap_port)
        conn.start_tls                  # switch to TLS before the password is sent
        conn.bind(ldap_user, pass)
        return conn.bound?
      rescue StandardError => e         # any failure (connect, TLS, bind) denies access
        puts "Authentication failed: #{e}" if @verbose
        return false
      end
    end

It could probably be improved, but the point is, it does what I need and works pretty well.
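
Two checks worth running before the bind, as an added example that is not part of the original post: refuse empty passwords, because a simple bind with a DN and no password is an "unauthenticated bind" that some servers answer with success, and escape the user name before it is placed in the DN. The helper names `escape_dn_value` and `safe_bind_dn` and the sample base DN are assumptions made for illustration.

```ruby
# Added example (not the post's code): checks to apply before conn.bind.
# escape_dn_value and safe_bind_dn are hypothetical helper names.

# Escape a string for use as an attribute value in a DN (RFC 4514, section 2.4).
def escape_dn_value(value)
  out = value.gsub(/[\\,+"<>;=]/) { |c| "\\#{c}" }  # DN metacharacters
  out = out.gsub("\0") { '\\00' }                   # NUL as a hex pair
  out = out.sub(/ \z/) { '\\ ' }                    # trailing space
  out.sub(/\A[ #]/) { |c| "\\#{c}" }                # leading space or '#'
end

# Returns the DN to bind as, or nil when the bind must not be attempted.
def safe_bind_dn(user, pass, basedn)
  # A simple bind with a DN and an empty password is an "unauthenticated bind"
  # (RFC 4513, section 5.1.2); servers that allow it report success, so
  # conn.bound? would be true without any password having been checked.
  return nil if pass.nil? || pass.empty?
  return nil if user.nil? || user.strip.empty?
  "uid=#{escape_dn_value(user)},#{basedn}"
end

# Constructed sample inputs, printed when the file is run directly.
if __FILE__ == $PROGRAM_NAME
  base = 'ou=people,dc=example,dc=com'
  samples = [['alice', 's3cret'], ['alice', ''], ['x,ou=admins', 'pw'], ['#bob ', 'pw']]
  samples.each do |u, p|
    puts "#{u.inspect} / #{p.inspect} -> #{safe_bind_dn(u, p, base).inspect}"
  end
end
```

In `check_auth`, return false when `safe_bind_dn` gives nil and pass its result to `conn.bind` in place of the interpolated string.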
Post by Jonathan Gnagy @ 2009-09-28 17:07:00 -0700
