Presentation is loading. Please wait.

Presentation is loading. Please wait.

Drupal 7 LDAP Project Overview with Authentication and Authorization Examples

Published byAllyson Hancock Modified over 9 years ago

Similar presentations

Presentation on theme: "Drupal 7 LDAP Project Overview with Authentication and Authorization Examples"— Presentation transcript:

1 Drupal 7 LDAP Project Overview with Authentication and Authorization Examples http://drupal.org/project/ldap

2 LDAP Project Complete rewrite of LDAP Integration for Drupal 4.7, 5.x, and 6.x New project with goal of stability with solid test coverage, accessibility, I18n support, object oriented, Features support, API base. RC Target for December 7.x-1.x branch is active, -2.x is placeholder Status at http://drupal.org/node/1115704

3 Modules LDAP Servers. Stores connection information for ldap servers and relationships between ldap and drupal users. Also contains api functions for LDAP project. LDAP Query. Stores individual queries that can be leveraged by other modules such as LDAP Feeds and LDAP Views. LDAP Authentication. Authentication and Drupal user account creation. LDAP Authorization. Conversion of ldap user data to drupal roles, organic groups and other authorization providers. LDAP Feeds. Fetchers for LDAP Queries and LDAP Users to integrate with feeds module. LDAP Views. Views module integration for LDAP Query result sets LDAP Help. Helper module for debugging configuration issues with other LDAP Modules.

4 LDAP Project Status 10/10/2011 Status Thread: http://drupal.org/node/1115704

5 LDAP Modules and Class Relationships

6 Prerequisites http://drupal.org/node/1023900 ldap php extension service account mcrypt extension open ssl or other ssl extension use LDAP Help module for checking

7 LDAP Settings

8 LDAP Servers Server Configuration != Physical Server May want more than one server configuration per physical ldap server. LDAP Server module not an LDAP Server. Just a means to query it. Get LDAP Server details from sys admins

9 LDAP Server: Server Settings

10 LDAP Server: Binding

11 LDAP Server: User Relationship (1 of 2)

12 LDAP Server: User Relationship (2 of 2)

13 LDAP Authentication: Logon Options

14 LDAP Authentication: Account Conf

15 LDAP Authorization: Design for LDAP 7

16 LDAP Authorization: Design for Drupal 8

17 LDAP Authorization: Setup 1 1.Enable LDAP Authorization and LDAP Authorization Drupal Roles 2.Create Drupal Role Instance 3.Part II most complicated IIA. cn=jdoe,ou=Group1,cn=example,cn=com IIB. memberOf => all groups in memberOf attribute IIC. Not sure what this is. 4.Filtering. Required to avoid many groups. If filtering off, create groups should also be off. 5.IV.C has to do with what you want to do manually. 6.Test to see expected behavior

18 LDAP Authorization: Adding Consumers Quite easy to add your own authorization consumers. Use ldap_authorization_drupal_role or ldap_authorization_og as examples/templates hook_ldap_authorization_consumer() is for vocabulary of user interface: function ldap_authorization_drupal_role_ldap_authorization_consumer() { $types['drupal_role'] = array( 'consumer_name' => t('drupal role'), 'consumer_name_plural' => t('drupal roles'), 'consumer_short_name' => t('role'), 'consumer_short_name_plural' => t('roles'), 'consumer_description' => t('A Drupal Role.'), 'consumer_class_name' => 'LdapAuthorizationConsumerDrupalRole', 'consumer_class_file' => 'LdapAuthorizationConsumerRole.class.php', 'consumer_module' => 'ldap_authorization_drupal_role', ); return $types; }

19 LDAP Authorization: Adding Consumers Add class that extends LdapAuthorizationConsumerAbstract and provides at least the following methods and properties: consumerType refreshConsumerIDs() availableConsumerIDs() createConsumers($creates_mixed_case) (optional) revokeSingleAuthorization(&$user, $consumer_id, &$user_auth_data) grantSingleAuthorization(&$user, $consumer_id, &$user_auth_data) usersAuthorizations(&$user)

20 LDAP Feeds For synching any ldap data with Drupal structures such as nodes, users, taxonomy, etc. Includes 2 feeds fetchers: FeedsLdapQueryFetcher for fetching generic ldap queries, configured by admins via the LDAP Query module. FeedsDrupalUserLdapEntryFetcher for fetching ldap entries of drupal users who are ldap authenticated or otherwise ldap associated. Includes 1 feeds parser: FeedsLdapEntryParser that converts ldap entries array returned from ldap_search() to standard feed parser result format. LDAP Query: Module for storing LDAP Queries used by other modules (LDAP Views, LDAP Feeds, etc). LDAP Views: Views Integration

21 Resources http://drupal.org/project/ldaphttp://drupal.org/project/ldap Project Homepage

22

Download ppt "Drupal 7 LDAP Project Overview with Authentication and Authorization Examples"

Similar presentations

MRSEC Webmasters Meeting Feb 7, 2011. Agenda Introductions Webmasters' mailing list/user group (creating space for mrsec webmasters to exchange knowledge.

MRSEC Webmasters Meeting Feb 7, Agenda Introductions Webmasters' mailing list/user group (creating space for mrsec webmasters to exchange knowledge.
© 2009 GroundWork Open Source, Inc. PROPRIETARY INFORMATION: Information contained herein is not for use or disclosure outside of GroundWork Open Source,

© 2009 GroundWork Open Source, Inc. PROPRIETARY INFORMATION: Information contained herein is not for use or disclosure outside of GroundWork Open Source,
Module 12: Auditing SQL Server Environments

Module 12: Auditing SQL Server Environments
Instant Queue IBM Techline Instant Queue Manager Deployed for IBM Techline Richard Brader IBM Techline January 2012.

Instant Queue IBM Techline Instant Queue Manager Deployed for IBM Techline Richard Brader IBM Techline January 2012.
Implementing and Administering AD FS

Implementing and Administering AD FS
Module 5: Configuring Access for Remote Clients and Networks.

Module 5: Configuring Access for Remote Clients and Networks.
Beispielbild Shibboleth, a potential security framework for EDIT Lutz Suhrbier AG Netzbasierte Informationssysteme (http://www.ag-nbi.de)http://www.ag-nbi.de.

Beispielbild Shibboleth, a potential security framework for EDIT Lutz Suhrbier AG Netzbasierte Informationssysteme (
EXtensible Catalog XC Drupal Toolkit. XC Software Overview User Interface for searching and browsing Library Website (on Drupal) VoyagerUR Research XC.

EXtensible Catalog XC Drupal Toolkit. XC Software Overview User Interface for searching and browsing Library Website (on Drupal) VoyagerUR Research XC.
Advanced Databases Basic Database Administration Guide to Oracle 10g 1.

Advanced Databases Basic Database Administration Guide to Oracle 10g 1.
James Gollan d.o: gollyg twitter: gollyg. Overview Files in Drupal 7 The media suite of modules Site recipe: Adding media to your site.

James Gollan d.o: gollyg twitter: gollyg. Overview Files in Drupal 7 The media suite of modules Site recipe: Adding media to your site.
Understanding Active Directory

Understanding Active Directory
© 2008 Cisco Systems, Inc. All rights reserved. Cisco Unity Connection 7.0 Directory Integration TOI Manoj Agrawal

© 2008 Cisco Systems, Inc. All rights reserved. Cisco Unity Connection 7.0 Directory Integration TOI Manoj Agrawal
03/07/08 © 2008 DSR and LDAP Authentication Avocent Technical Support.

03/07/08 © 2008 DSR and LDAP Authentication Avocent Technical Support.
BZUPAGES.COM An Introduction to. BZUPAGES.COM Introduction Large corporations today face the following problems Finding a certain file. Seeing everything.

BZUPAGES.COM An Introduction to. BZUPAGES.COM Introduction Large corporations today face the following problems Finding a certain file. Seeing everything.
Bulk E-mail facility SAG INFOTECH PVT. LTD. Service begins here…

Bulk facility SAG INFOTECH PVT. LTD. Service begins here…
Module 8 Configuring and Securing SharePoint Services and Service Applications.

Module 8 Configuring and Securing SharePoint Services and Service Applications.
Jan Hatje, DESY CSS ITER March 2009: Alarm System, Authorization, Remote Management XFEL The European X-Ray Laser Project X-Ray Free-Electron.

Jan Hatje, DESY CSS ITER March 2009: Alarm System, Authorization, Remote Management XFEL The European X-Ray Laser Project X-Ray Free-Electron.
Plant Engineering Workbench 5.3 New Features. 2 Workbench 5.3 ▼ New Features in 5.3 are: –New 3D Model Management module –Additions to the Admin module.

Plant Engineering Workbench 5.3 New Features. 2 Workbench 5.3 ▼ New Features in 5.3 are: –New 3D Model Management module –Additions to the Admin module.
WaveMaker Visual AJAX Studio 4.0 Training Authentication.

WaveMaker Visual AJAX Studio 4.0 Training Authentication.
Drupal syndication UA Webmasters May 8, 2013 Margrit McIntosh.

Drupal syndication UA Webmasters May 8, 2013 Margrit McIntosh.

Similar presentations

Ads by Google