CGI Application Authentication using multiple drivers - perl

I have been trying to authenticate my CGI application through 2 drivers, one that uses username/password stored in the database and other using ldap active directory.
following is the code
$self->authen->config(
DRIVER => [ 'DBI',
DBH => $self->dbh,
TABLE => 'user',
CONSTRAINTS => {
'user.username' => '__CREDENTIAL_1__',
'MD5:user.password' => '__CREDENTIAL_2__'
},
],
DRIVER => [ 'Authen::Simple::LDAP',
host => 'ldapad.company.com',
basedn => 'OU=XXX,OU=XX,DC=XXX,DC=XXX',
binddn => 'CN=usename,OU=Users,OU=XXX,OU=AD,DC=XXX,DC=xxx',
bindpw => 'secret',
filter => '(cn=%s)',
],
CREDENTIALS => [ 'authen_username', 'authen_password' ],
STORE => 'Session',
LOGOUT_RUNMODE => 'logout',
LOGIN_RUNMODE => 'login',
POST_LOGIN_RUNMODE => 'okay',
RENDER_LOGIN => \&my_login_form,
);
How do I make the application check the other driver is not authenticated with one.
Right now, as expected, its the driver listed at the bottom that works and they both do, depending on which was assigned last.

I'm assuming you're using CGI::Application::Plugin::Authentication.
I think there's a small problem in your code, that justifies the fact that only the last of the two works.
Your code is like:
$self->authen->config(
DRIVER => [ 'DBI', ... ],
DRIVER => [ 'Authen::Simple::LDAP', ... ],
CREDENTIALS => [ 'authen_username', 'authen_password' ],
STORE => 'Session',
# ...
);
but $self->authen->config() takes a hash. For example, take a look at this example from the C::A::P::Authentication distribution.
Being a hash, that means that the last DRIVER entry will overwrite the previous ones.
I believe the fix is very simple:
$self->authen->config(
DRIVER => [
[ 'DBI', ... ],
[ 'Authen::Simple::LDAP', ... ],
],
CREDENTIALS => [ 'authen_username', 'authen_password' ],
STORE => 'Session',
# ...
);
You can find an example of this in the module documentation:
http://search.cpan.org/~silasmonk/CGI-Application-Plugin-Authentication/lib/CGI/Application/Plugin/Authentication.pm#config

How do I make the application check the other driver is not authenticated with one.
It sounds to me like you want to check if more than one authentication method works, rather than the last one that works. Could you set up 3 different $self->authen->config() and try to login 3 different times? You use a hash to track the methods that work.

Related

Backend module: Link to another backend module in TYPO3 9

Let's say I have to different extensions with two different backend modules. Registered like:
\TYPO3\CMS\Extbase\Utility\ExtensionUtility::registerModule(
'Vendor.ext',
'ext',
'controller1',
'',
[
'Controller1' => 'any1',
],
[
'access' => 'user,group',
'icon' => '...',
'labels' => '...',
]
);
And in the second extension also like:
\TYPO3\CMS\Extbase\Utility\ExtensionUtility::registerModule(
'Vendor.ext2',
'ext2',
'controller2',
'',
[
'Controller2' => 'any2',
],
[
'access' => 'user,group',
'icon' => '...',
'labels' => '...',
]
);
How can I build a link from ext1 in the module to ext2?
What did I tried before in FLUID was:
<f:link.action action="any2" controller="Controller2" extensionName="ext">click me</f:link.action>
or
<f:be.link route="/ext/Ext2Controller2/">click me</f:be.link> (by copying the route that's available via GET parameter)
No luck yet - any ideas? Or how to get the correct route if be.link would be the correct function?
Finally I found the reason.
It's simply possible to use the existing viewhelper like <f:be.link route="lux_LuxLeads">click me</f:be.link>
But the route must be the key and not the path. The key can be picked in the backend module configuration and backendroutes

Yii2 mongodb error Object configuration must be an array containing a "class" element

When I try to login OR Signup it does not work. If I try to login with wrong credential it works. But if I use right credential it gives error:
Object configuration must be an array containing a "class" element.
Error on line:
static::findOne(['username' => $username, 'status' => self::STATUS_ACTIVE]);
and related line
$models = $this->createModels($rows);
My config is as below
main.php
return [
'vendorPath' => dirname(dirname(__DIR__)) . '/vendor',
'components' => [
'cache' => [
'class' => 'yii\caching\FileCache',
],
],
];
main-local.php
return [
'components' => [
'mongodb' => [
'class' => '\yii\mongodb\Connection',
'dsn' => 'mongodb://mts:123456#localhost:27017/mangodb',
],
'user' => [
'identityClass' => 'common\models\User', // This is your class with IdentityInterface
'enableAutoLogin' => true,
],
],
];
Make sure the ActiveRecord object you are using (the one in static::findOne(...)) is an instance of yii\mongodb\ActiveRecord and not yii\db\ActiveRecord because the latter uses standard db component I assume you have not got configured.

yii2 with mongodb not working for login or signup

we follow this youtube link to create yii2+mongodb connection but not working. check this link: https://www.youtube.com/watch?v=1msu95ZkRe8
gives an error Object configuration must be an array containing a "class" element.
in video user.php model copy paste from doc file what is that file please help me.
I successfully realized the login service at my own project using MongoDB. But I didn't use video tutorial you pointed out.
It looks like you have an error in your configuration file. I would first check the config for mongodb component. It must be something like following (yii2-mongodb project README)
return [
//....
'components' => [
'mongodb' => [
'class' => '\yii\mongodb\Connection',
'dsn' => 'mongodb://developer:password#localhost:27017/mydatabase',
],
],
];
Other component is worth checking out is the user component:
return [
//....
'components' => [
'user' => [
'identityClass' => 'frontend\models\User', // This is your class with IdentityInterface
'enableAutoLogin' => true,
'identityCookie' => ['name' => '_identity-frontend', 'httpOnly' => true],
],
];
But in fact, similar error may appear for any configuration element of YII2.
as per video change below function behaviors in comman/models/User.php
public function behaviors()
{
return [
'timestamp' => [
'class' => 'yii\behaviors\TimestampBehavior',
'attributes' => [
ActiveRecord::EVENT_BEFORE_INSERT => ['created_at', 'updated_at'],
ActiveRecord::EVENT_BEFORE_UPDATE => ['updated_at'],
]
]
];
}

PE Puppet Console and manage multiple node user accounts

I'm new to puppet and using Puppet Enterprise with the module from puppet for accounts. https://forge.puppet.com/puppetlabs/accounts
I'd like to be able to manage the user account details from the PE console for multiple users.
The best I can seem to get to is managing them within
/etc/puppetlabs/code/environments/production/manifests/site.pp
Which contains:
node default {
accounts::user { 'jeff':
comment => 'Jeff McCune',
groups => [
'wheel',
],
locked => true,
sshkeys => [
'ssh-rsa AAAA...',
'ssh-dss AAAA...',
],
password => '!!',
ensure => 'present',
}
accounts::user { 'dave':
comment => 'Dave Smith',
groups => [
'wheel',
],
locked => true,
sshkeys => [
'ssh-rsa AAAA...',
'ssh-dss AAAA...',
],
password => '!!',
ensure => 'present',
}
}
I'd ideally I'd like to be able to manage them per PE classification within the console. So each users details can be parameters I enter in the PE console - the number of users would vary, but just need the principle to able to add more than one.
I've tried adding into a manifest but struggled with declaring more than one account. I did that by:
/etc/puppetlabs/code/environments/production/modules/my_app/manifests/init.pp
which contained:
class my_app (
$username => '',
$usercomment => '',
$sshkey ='',
){
accounts::user { $username:
comment => $usercomment,
groups => [
'sudonopw',
],
locked => false,
sshkeys => [
$sshkey,
],
password => '!!',
ensure => present,
}
}
This allowed me to apply this class to any variation of my node classification and allow me to manage those parameters in the PE console. However I couldn't add more than one account to each node, as the class had been declared.
Can anyone give me some pointers.
Thanks

Using Apache::Session::Memcached with MasonX::Request::WithApacheSession

I'm trying to use Apache::Session::Memcached in an HTML::Mason project where I'm using MasonX::Request::WithApacheSession to handle my sessions. Unfortunately Apache will not launch when I plug in the Memcached module instead of the MySQL one. My custom handler looks something like this (a few snips here and there):
my $ah = HTML::Mason::ApacheHandler->new (
comp_root => $ENV{HTDOCS},
data_dir => $data_dir,
request_class => 'MasonX::Request::WithApacheSession',
session_use_cookie => 0,
args_method => "mod_perl",
session_args_param => 'session_id',
session_class => 'Apache::Session::Memcached',
session_Servers => '127.0.0.1:20000',
session_Readonly => 0,
session_Debug => 1,
session_cookie_domain => $CONF->{global}->{site_name},
session_cookie_expires => "session",
session_allow_invalid_id => 0,
);
The problem I'm running into is that the session_* paramaters specific to Memcached are not being passed through to Apache::Session::Memcached like the docs say it should. This results in this error:
The following parameter was passed in the call to HTML::Mason::ApacheHandler->new()
but was not listed in the validation options: session_Servers
Now, I have gone through and swapped all of the 3 upper case arguments to lower case, to no avail. And the docs for Apache::Session::Memcached list them as upper case.
Thanks a ton for any help.
It looks like you need to register Apache::Session::Memcached with Apache::Session::Wrapper, following the instructions at http://search.cpan.org/perldoc/Apache::Session::Wrapper#REGISTERING_CLASSES like so (code courtesy Jack M.):
Apache::Session::Wrapper::->RegisterClass(
'name' => 'Apache::Session::Memcached',
'required' => [ [ 'Servers' ], ],
'optional' => [ 'NoRehash', 'Readonly', 'Debug', 'CompressThreshold', ],
);

Categories