1 / 22

Drupal 7 LDAP Project

Drupal 7 LDAP Project. Overview with Authentication and Authorization Examples http://drupal.org/project/ldap. LDAP Project. Complete rewrite of LDAP Integration for Drupal 4.7, 5.x, and 6.x

iona
Télécharger la présentation

Drupal 7 LDAP Project

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Drupal 7 LDAP Project Overview with Authentication and Authorization Examples http://drupal.org/project/ldap

  2. LDAP Project • Complete rewrite of LDAP Integration for Drupal 4.7, 5.x, and 6.x • New project with goal of stability with solid test coverage, accessibility, I18n support, object oriented, Features support, API base. • RC Target for December • 7.x-1.x branch is active, -2.x is placeholder • Status at http://drupal.org/node/1115704

  3. Modules • LDAP Servers. Stores connection information for ldap servers and relationships between ldap and drupal users. Also contains api functions for LDAP project. • LDAP Query. Stores individual queries that can be leveraged by other modules such as LDAP Feeds and LDAP Views. • LDAP Authentication. Authentication and Drupal user account creation. • LDAP Authorization. Conversion of ldap user data to drupal roles, organic groups and other authorization providers. • LDAP Feeds. Fetchers for LDAP Queries and LDAP Users to integrate with feeds module. • LDAP Views. Views module integration for LDAP Query result sets • LDAP Help. Helper module for debugging configuration issues with other LDAP Modules.

  4. LDAP Project Status 10/10/2011 Status Thread: http://drupal.org/node/1115704

  5. LDAP Modules and Class Relationships

  6. Prerequisites http://drupal.org/node/1023900 • ldapphp extension • service account • mcrypt extension • open ssl or other ssl extension • use LDAP Help module for checking

  7. LDAP Settings

  8. LDAP Servers • Server Configuration != Physical Server • May want more than one server configuration per physical ldap server. • LDAP Server module not an LDAP Server. Just a means to query it. • Get LDAP Server details from sys admins

  9. LDAP Server: Server Settings

  10. LDAP Server: Binding

  11. LDAP Server: User Relationship (1 of 2)

  12. LDAP Server: User Relationship (2 of 2)

  13. LDAP Authentication: Logon Options

  14. LDAP Authentication: Account Conf

  15. LDAP Authorization: Design for LDAP 7

  16. LDAP Authorization: Design for Drupal 8

  17. LDAP Authorization: Setup 1 • Enable LDAP Authorization and LDAP Authorization Drupal Roles • Create Drupal Role Instance • Part II most complicated • IIA. cn=jdoe,ou=Group1,cn=example,cn=com • IIB. memberOf => all groups in memberOf attribute • IIC. Not sure what this is. • Filtering. Required to avoid many groups. If filtering off, create groups should also be off. • IV.C has to do with what you want to do manually. • Test to see expected behavior

  18. LDAP Authorization: Adding Consumers • Quite easy to add your own authorization consumers. • Use ldap_authorization_drupal_role or ldap_authorization_og as examples/templates • hook_ldap_authorization_consumer() is for vocabulary of user interface: • function ldap_authorization_drupal_role_ldap_authorization_consumer() { • $types['drupal_role'] = array( • 'consumer_name' => t('drupal role'), • 'consumer_name_plural' => t('drupal roles'), • 'consumer_short_name' => t('role'), • 'consumer_short_name_plural' => t('roles'), • 'consumer_description' => t('A Drupal Role.'), • 'consumer_class_name' => 'LdapAuthorizationConsumerDrupalRole', • 'consumer_class_file' => 'LdapAuthorizationConsumerRole.class.php', • 'consumer_module' => 'ldap_authorization_drupal_role', • ); • return $types; • }

  19. LDAP Authorization: Adding Consumers • Add class that extends LdapAuthorizationConsumerAbstract and provides at least the following methods and properties: • consumerType • refreshConsumerIDs() • availableConsumerIDs() • createConsumers($creates_mixed_case) (optional) • revokeSingleAuthorization(&$user, $consumer_id, &$user_auth_data) • grantSingleAuthorization(&$user, $consumer_id, &$user_auth_data) • usersAuthorizations(&$user)

  20. LDAP Feeds • For synching any ldap data with Drupal structures such as nodes, users, taxonomy, etc. • Includes 2 feeds fetchers: • FeedsLdapQueryFetcher for fetching generic ldap queries, configured by admins via the LDAP Query module. • FeedsDrupalUserLdapEntryFetcher for fetching ldap entries of drupal users who are ldap authenticated or otherwise ldap associated. • Includes 1 feeds parser: • FeedsLdapEntryParser that converts ldap entries array returned from ldap_search() to standard feed parser result format. • LDAP Query: Module for storing LDAP Queries used by other modules (LDAP Views, LDAP Feeds, etc). • LDAP Views: Views Integration

  21. Resources http://drupal.org/project/ldap Project Homepage

More Related