我按照这些说明通过我的Rails应用程序中的Devise设置基本LDAP身份验证: http://blackfistsecurity.blogspot.dk/2011/12/rails-authentication-using-devise-and.html
首次使用AD帐户登录会在数据库中创建相应的用户,从get_ldap_param()找到的AD帐户的对象属性中填充姓氏,名字,显示名称和电子邮件
当AD用户有空白属性(例如空白姓氏(AD属性'sn'))时,该过程工作正常除外 - 导致以下错误:
NoMethodError in Devise::SessionsController#create
undefined method `sn' for #<Net::LDAP::Entry:0x00000004920758>
用户模型如下:
class User < ActiveRecord::Base
# Include default devise modules. Others available are:
# :token_authenticatable, :encryptable, :confirmable, :lockable, :timeoutable and :omniauthable
devise :ldap_authenticatable, :registerable, :recoverable, :rememberable, :trackable, :validatable
attr_accessible :username, :email, :password, :password_confirmation, :remember_me, :firstname, :lastname, :displayname
before_save :get_ldap_lastname, :get_ldap_firstname, :get_ldap_displayname, :get_ldap_email
def get_ldap_lastname
Rails::logger.info("### Getting the users last name")
tempname = Devise::LdapAdapter.get_ldap_param(self.username,"sn")
puts "\tLDAP returned lastname of " + tempname
self.lastname = tempname
end
def get_ldap_firstname
Rails::logger.info("### Getting the users first name")
tempname = Devise::LdapAdapter.get_ldap_param(self.username,"givenname")
puts "\tLDAP returned firstname of " + tempname
self.firstname = tempname
end
def get_ldap_displayname
Rails::logger.info("### Getting the users display name")
tempname = Devise::LdapAdapter.get_ldap_param(self.username,"displayname")
self.displayname = tempname
end
def get_ldap_email
Rails::logger.info("### Getting the users email address")
tempmail = Devise::LdapAdapter.get_ldap_param(self.username,"mail")
self.email = tempmail
end
end
错误来自此次电话:
Devise::LdapAdapter.get_ldap_param(self.username,"sn")
当get_ldap_param遇到空白属性时,我希望它返回空白而不是未定义。
我尝试使用以下代码解决该问题,但它不起作用,因为在调用get_ldap_param时发生错误。
if tempname.none?
tempname = ""
end
我是否需要修改Devise gem来执行此操作,还是可以在调用后以某种方式完成?
请原谅我的新闻
由于
答案 0 :(得分:1)
这看起来像devise_ldap_authenticatable设计模块中的错误。它正在使用method accessor for the LDAP entry attribute values instead of the hash operatior:
def ldap_param_value(param)
filter = Net::LDAP::Filter.eq(@attribute.to_s, @login.to_s)
ldap_entry = nil
@ldap.search(:filter => filter) {|entry| ldap_entry = entry}
if ldap_entry
if ldap_entry[param]
DeviseLdapAuthenticatable::Logger.send("Requested param #{param} has value #{ldap_entry.send(param)}")
value = ldap_entry.send(param)
value = value.first if value.is_a?(Array) and value.count == 1
value
根据ruby-net-ldap的文档,应该使用哈希访问器来检索如下值:
def ldap_param_value(param)
filter = Net::LDAP::Filter.eq(@attribute.to_s, @login.to_s)
ldap_entry = nil
@ldap.search(:filter => filter) {|entry| ldap_entry = entry}
if ldap_entry
if value = ldap_entry[param]
DeviseLdapAuthenticatable::Logger.send("Requested param #{param} has value #{value}")
value = value.first if value.is_a?(Array) and value.count == 1
value
这是一个错误,您可以使用此信息使用devise_ldap_authenticatable更新the issue you filed。