2006-05-03 09:22:14 +02:00
|
|
|
We're pleased to announce version 0.0.2 of Net::LDAP, the first
|
2006-05-01 07:27:29 +02:00
|
|
|
pure-Ruby LDAP library. Net::LDAP intends to be a feature-complete
|
|
|
|
LDAP client which can access as much as possible of the functionality
|
2006-05-01 22:31:33 +02:00
|
|
|
of the most-used LDAP server implementations. This library does
|
|
|
|
not wrap any existing native-code LDAP libraries, creates no
|
2006-05-01 22:50:26 +02:00
|
|
|
Ruby extensions, and has no dependencies external to Ruby.
|
2006-05-01 07:27:29 +02:00
|
|
|
|
2006-05-03 09:22:14 +02:00
|
|
|
Version 0.0.2 includes an implementation of the "paged search
|
|
|
|
control" to enable queries of A/D result sets > 1000 entries.
|
|
|
|
It also fills in some holes in the documentation.
|
2006-05-01 07:27:29 +02:00
|
|
|
|
2006-07-12 10:53:53 +02:00
|
|
|
We fixed a handful of issues that gave strange-looking errors when
|
|
|
|
working with A/D. The most important of these was support for search
|
|
|
|
referrals.
|
|
|
|
|
|
|
|
Net::LDAP now works with standard RFC-2254 filter strings (see
|
|
|
|
Net::LDAP::Filter#construct). This is intended as an adjunct to
|
|
|
|
(not a replacement for) the existing Filter API, which is considerably
|
|
|
|
easier to use for people who are not LDAP experts.
|
|
|
|
|
|
|
|
We added a range of new APIs, and deprecated some existing ones.
|
|
|
|
The goal is to make the Net::LDAP API as intuitive and Ruby-like
|
|
|
|
as possible. We'll be adding more improvements to the API as we
|
|
|
|
go along.
|
|
|
|
|
2006-07-12 11:20:05 +02:00
|
|
|
Please note that Net::LDAP is licensed under the Ruby license
|
|
|
|
or LGPL, at your option. (I'm saying it publicly right here!)
|
|
|
|
There are still many source files in the distro that contain
|
|
|
|
GPL verbiage. We will clean that up in a future release.
|
|
|
|
|
2006-05-03 09:22:14 +02:00
|
|
|
And finally we fixed the annoying problem that the 0.0.1 gem
|
|
|
|
and tarball had trailing garbage. Thanks to Austin for helping
|
2006-07-12 10:53:53 +02:00
|
|
|
track that down. Thanks also to Andre Nathan and others for
|
|
|
|
several valuable suggestions and notes on your experience with
|
|
|
|
the library.
|
2006-04-30 05:34:34 +02:00
|
|
|
|
2006-07-12 11:07:30 +02:00
|
|
|
Progress so far: Net::LDAP is now in use on a variety of production
|
|
|
|
sites. Stability has been excellent, and performance is quite good.
|
|
|
|
We've found by far that the most popular application is authentication
|
|
|
|
for users of web sites, but there has been some chatter about
|
|
|
|
authorization as well, and a few of you are building directory-enabled
|
|
|
|
applications.
|
|
|
|
|
2006-07-12 11:21:46 +02:00
|
|
|
What's next on the roadmap?
|
2006-07-12 11:07:30 +02:00
|
|
|
|
|
|
|
Many of you have requested support for encryption. We will soon be
|
|
|
|
adding support for STARTTLS and LDAPS to Net::LDAP, using Ruby's
|
|
|
|
built-in OpenSSL library.
|
|
|
|
|
|
|
|
We'd like to improve the API so it presents a more search-like interface
|
|
|
|
and further masks the archaic (and arcane) native LDAP vocabulary.
|
|
|
|
|
|
|
|
We have a project going ("Peregrine") to provide a full-featured
|
|
|
|
LDAP server in Ruby, based on the EventMachine fast network-IO library,
|
|
|
|
that you can use with your own Ruby classes. This will allow you
|
|
|
|
to serve LDAP clients (such as mailers, IM, and calendaring apps) with data
|
|
|
|
that you generate dynamically from your own code.
|
|
|
|
|
|
|
|
Finally, we've started thinking about an authentication generator or
|
|
|
|
plugin for Rails that will work against LDAP servers. It would be even
|
|
|
|
more interesting to augment it with fine-grained authorization at the
|
|
|
|
controller level.
|
|
|
|
|
|
|
|
If anyone wants to contribute suggestions, insights or (especially)
|
|
|
|
code, please email me at garbagecat10@gmail.com.
|
|
|
|
|
2006-04-30 05:34:34 +02:00
|
|
|
= What is Net::LDAP for Ruby?
|
2006-05-01 07:27:29 +02:00
|
|
|
This library provides a pure-Ruby implementation of an LDAP client.
|
|
|
|
It can be used to access any server which implements the LDAP protocol.
|
|
|
|
|
|
|
|
Net::LDAP is intended to provide full LDAP functionality while hiding
|
|
|
|
the more arcane aspects of the LDAP protocol itself, so as to make the
|
|
|
|
programming interface as Ruby-like as possible.
|
|
|
|
|
|
|
|
In particular, this means that there is no direct dependence on the
|
|
|
|
structure of the various "traditional" LDAP clients. This is a ground-up
|
|
|
|
rethinking of the LDAP API.
|
|
|
|
|
2006-07-12 11:07:30 +02:00
|
|
|
Net::LDAP is based on RFC-2251, which specifies the Lightweight Directory
|
2006-05-01 07:27:29 +02:00
|
|
|
Access Protocol, as amended and extended by subsequent RFCs and by the more
|
|
|
|
widely-used directory implementations.
|
2006-04-30 05:34:34 +02:00
|
|
|
|
2006-05-01 20:07:42 +02:00
|
|
|
Homepage:: http://rubyforge.org/projects/net-ldap/
|
|
|
|
Download:: http://rubyforge.org/frs/?group_id=143
|
|
|
|
Copyright:: 2006 by Francis Cianfrocca
|
2006-04-30 05:34:34 +02:00
|
|
|
|
|
|
|
== LICENCE NOTES
|
2006-05-01 07:27:29 +02:00
|
|
|
Please read the file LICENCE for licensing restrictions on this library. In
|
|
|
|
the simplest terms, this library is available under the same terms as Ruby
|
|
|
|
itself.
|
2006-04-30 05:34:34 +02:00
|
|
|
|
|
|
|
== Requirements and Installation
|
|
|
|
Net::LDAP requires Ruby 1.8.2 or better.
|
|
|
|
|
|
|
|
Net::LDAP can be installed with:
|
|
|
|
|
|
|
|
% ruby setup.rb
|
|
|
|
|
|
|
|
Alternatively, you can use the RubyGems version of Net::LDAP available
|
2006-07-12 10:53:53 +02:00
|
|
|
as ruby-net-ldap-0.0.2.gem from the usual sources.
|
2006-04-30 05:34:34 +02:00
|
|
|
|
|
|
|
== Whet your appetite:
|
2006-05-01 07:27:29 +02:00
|
|
|
require 'net/ldap'
|
|
|
|
|
|
|
|
ldap = Net::LDAP.new :host => server_ip_address,
|
|
|
|
:port => 389,
|
|
|
|
:auth => {
|
|
|
|
:method => :simple,
|
|
|
|
:username => "cn=manager,dc=example,dc=com",
|
|
|
|
:password => "opensesame"
|
|
|
|
}
|
|
|
|
|
|
|
|
filter = Net::LDAP::Filter.eq( "cn", "George*" )
|
|
|
|
treebase = "dc=example,dc=com"
|
|
|
|
|
|
|
|
ldap.search( :base => treebase, :filter => filter ) do |entry|
|
|
|
|
puts "DN: #{entry.dn}"
|
|
|
|
entry.each do |attribute, values|
|
|
|
|
puts " #{attribute}:"
|
|
|
|
values.each do |value|
|
|
|
|
puts " --->#{value}"
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
p ldap.get_operation_result
|
2006-04-30 05:34:34 +02:00
|
|
|
|
2006-05-03 09:22:14 +02:00
|
|
|
== Net::LDAP 0.0.2: May 3, 2006
|
|
|
|
* Fixed malformation in distro tarball and gem.
|
|
|
|
* Improved documentation.
|
|
|
|
* Supported "paged search control."
|
2006-04-30 05:34:34 +02:00
|
|
|
|