I am using devise_ldap_authenticable and logging in using uid/username. I also have 'config.ldap_create_user = true' in config/initializers/devise.rb
Now when user logs in for the first time, user entry is created in database. But only username is captured in this entry. However, I would also like to have other details from ldap profile of user such as email address.
How do I do it?
i forked the project and created a method to query LDAP
https://github.com/noel/devise_ldap_authenticatable
used like this to query for the mail parameter
Devise::LdapAdapter.get_ldap_param(self.username,"mail")
Related
I've set up an LDAP Directory Authentication Scheme on Oracle Apex (v21.1) like this, and created the ACL on my Database:
If I try to test the LDAP Login, it's working (using my firstname.lastname). I replaced the IP Address and the domain name for confidential purposes.
I can connet to my application, but I cannot access it, I can't land on the home page, because I need an authorization scheme based on the groups the users are in.
In my company, there are multipled departements, they each have a group in the Microsoft Active Directory that will give them the access to the application, each groups are named like this: GRP_Inventaire_Dpt1, GRP_Inventaire_Dpt2, GRP_Inventaire_Dpt3,....
I tried to create an Authorization Scheme based on this tutorial:
https://blog.jonas-hellmann.de/authorization-in-oracle-apex-with-ldap-groups/
I tried to adapt the code of the function as you can see on the chapter 2.3 of the tutorial, here's how I did:
And here's my authorization scheme:
As you can see on the screen, I have to write the exact group name to access to my application, but I would like to have the possiblity to check if the user is in a group which start with "GRP_Inventaire_", no matter what department he is.
Unfortunately, some things seems already weird. Why does the password need to be statically written down in the function? How can dynamically have it in the function based on the LDAP Authentication Scheme? However, I know that I can use the p_username parameter for the username.
***Finally, if I try to connect to my application, I have the error message of my Authorization scheme: ***
To summarize what I'm looking for:
Authorization scheme based on the user logging in
Check if the user is part of a group which start with "GRP_Inventaire_"
The function needs to have dynamically the credentials of the user connecting
Do not hesitate to ask questions for more details.
Don't you need to check user's security group with something like this?
DECLARE VAL BOOLEAN;
BEGIN
VAL := APEX_UTIL.CURRENT_USER_IN_GROUP('xxx');
RETURN VAL;
END;
I want to auto-assign a few of the Projects to the user who is logging in using the LDAP credentials. Currently, if LDAP user logs in, I have to go in Report Portal using super admin credentials and assign Member Role and Projects to that specific member.
I have recently tried this LDAP feature and facing this issue of the new user gets creating and assigning projects and members to each one of them. I wan some auto-assignment (like can we passed while setting LDAP setting in Report Portal)
Below is my LDAP user nperiwal with which I logged in Report Portal. But as you see this got created a new user and no project got assigned to it automatically. I want some process or code or settings which can fulfil my requirement.
FYI, see the below snapshot where I manually assigned projects and admin role.
Please help.
Simple way:
It can be done via scripting, see which requests are send to server in browser Network tab and put the same into the bash/shell script. Parametrize according to username and required access.
Long way: wait until our team will implement it within ReportPortal as feature, based on regular priority
Best way: request payed support from our team, and we will implement this capabilities for your company with highest priority. Drop mail at support#reportportal.io
I have a created a ldap server . I registered some users in that server. For now i am able to login through server using username and password of users from my mac system.But now i want to login through server using mail id and password of users instead of username and password.How to change this setting in mappings of ldap in mac.
Go through this link https://help.apple.com/advancedserveradmin/mac/10.7/#apdB5DE1FD6-4D51-4C20-BB66-982DB85DF258. it helped me a lot. we have to give DN as mail=mailaddress,OU=users,dc=example,dc=com.
and password whatever we configured during server configuration.
I'd add a new Mapping-File to the DirectoryServices as stated in http://support.apple.com/kb/PH9293?viewlocale=en_US&locale=en_US. That way you can map not only the UID or the CN for logging into the machine but also the email-address. That way you will only have to store the email-address in the corresponding field that is also used by the mail server and the possibility that one time something gets mixed up due to incomplete changes is reduced.
On the other hand it might be a lengthy process to get everything right
Update: I've just written a blog-post about mapping LDAP-Attributes to DirectoryService-Attributes. It might be helpfull here: http://andreas.heigl.org/2014/06/05/change-opendirectory-mappings/
We are using OpenDS for SMTP account status notification to notify users when their password is nearing expiration. The SMTP account status notification handler works fine to notify the user and a list of Server admins when the password is soon to expire but we are not able to find a way to have the customer's name in the email.
The notification Handler has no issue pulling the customer's email address and also referencing the password policy to correctly identify the pending password expiriation, so why not also identify the customer by name in the email? All this information is available so how would a variable be set to pull and use this customer information?
The notification handlers are quite powerful but definitely under-documented.
It's possible to identify the user by mail in the email. I've looked at the code of OpenDJ (the actively developed branch of OpenDS, http://opendj.forgerock.org), and you can reference any attribute from the user entry within the template.
More specifically for the mail attribute of the user, you should use this property in the template (templates are under config/message/ directory) :
%%notification-user-attr:mail%%
I haven't tested, but it should work.
I hope this helps.
Ludovic Poitou
PS: I've been told by our technical writer, that all tokens that can be used in the template messages is actually documented as part of OpenDJ administration guide : http://opendj.forgerock.org/doc/admin-guide/index.html#account-status-notification
Hey,
I would like to create a login system in Express + Mongoose.
I managed to create in HTML some dummy page that reads as input an username and a password and send it using backbone to the server (express) that takes the input and search in the database for some entry with the same username and password (with mongoose).
Everything works fine up until here, now my question: how can I assure my user is connected? I mean, I could possibly redirect my user to another page now that I checked that the username and the password match, but I would like to have for example "Hello username" if the user is logged, or "login" if the user is not logged. In PHP would be really easy, but how to do that with Express?
Thanks
Masiar
Check out the express session support. When the user logs in you can set the user as a property of the session. In your template you can include the user's name in the HTML if the session has an active user.