Devise with ActiveLDAP

[unixmechanic]

Hi Kou,

is this active work? I would like to enable authentication/authorization in my project which uses ActiveLdap for the models. I would like to authenticate against the corporate ActiveDirectory servers, which are different from the servers used to store the model data. What options do I have here?

[kou]

It is not active. :<
But I will show you an example.

First, implement LdapUser.authenticate like https://github.com/activeldap/al-admin/blob/rails2/app/models/ldap_user.rb and User.authenticate like https://github.com/activeldap/al-admin/blob/rails2/app/models/user.rb.

Then, define a new Warden strategy:

Warden::Strategies.add(:ldap) do
  def valid?
    params[:username] || params[:password]
  end

  def authenticate!
    u = User.authenticate(params[:username], params[:password])
    u.nil? ? fail!("Could not log in") : success!(u)
  end
end

The strategy implementation is derived from https://github.com/hassox/warden/wiki/Strategies.

Finally, use the strategy in Devise:

Device.setup do |config|
  # ...
  config.warden do |manager|
    manager.default_strategies(:scope => :use).unshift(:ldap)
  end
end

Note that I don't try the example. Sorry. 😉