我正在尝试从rails + devise_ldap_authenticatable上的ldap获取用户属性 (devise_ldap_authenticatable 0.8.1,rails 3.2.14)
Blow是我的配置
devise.rb
config.ldap_logger = true
config.ldap_create_user = true
config.ldap_config = "#{Rails.root}/config/ldap.yml"
ldap.yml(./ config /ldap.yml)
authorizations: &AUTHORIZATIONS
group_base: OU=Employee,OU=Person,DC=TEST,DC=AD
required_groups:
- CN=users,OU=Employee,OU=Person,DC=TEST,DC=AD
require_attribute:
objectClass: inetOrgPerson
authorizationRole: postsAdmin
development:
host: 192.168.1.10
port: 389
attribute: CN
base: OU=Employee,OU=Person,DC=TEST,DC=AD
ssl: false
user.rb
devise :ldap_authenticatable, :registerable, revoerable,
:rememberable, :trackable, :validatable
before_save :get_ldap_email
def get_ldap_email
self.email = Devise::LDAP::Adapter.get_ldap_param(self.username, "mail")
end
,我的LDAP(AD)状态为
CN=12345678,OU=Employee,OU=Person,DC=TEST,DC=AD is exist
and it has mail attribute => "12345678@test.com"
登录过程很好 但它没有得到任何属性
日志是......
User Load (0.3ms) SELECT `users`.* FROM `users` WHERE `users`.`username` = '12345678' ORDER BY created_at DESC LIMIT 1
LDAP: LDAP dn lookup: CN=12345678
LDAP: LDAP search for login: CN=12345678
LDAP: LDAP search yielded 0 matches
LDAP: Authorizing user 12345678@test.ad
LDAP: LDAP dn lookup: CN=12345678
LDAP: LDAP search for login: CN=12345678
LDAP: LDAP search yielded 0 matches
和
Devise::LDAP::Adapter.get_ldap_param(self.username, "mail")
#It returns nil
也许查找地址错了...... (也许CN = 12345678,OU =员工,OU =人,DC = TEST,DC = AD是正确的)
我该如何解决? 我如何获得用户属性? (例如:邮件......)
答案 0 :(得分:4)
试试这个:
def get_ldap_email
self.email = Devise::LDAP::Adapter.get_ldap_param(self.username,"mail").first
end
before_save :get_ldap_email
admin_user:您正确的root dn
admin_password:你纠正了pw
在devise.rb
config.ldap_use_admin_to_bind = true