Apache-Perl module authorizes website users based on their LDAP attributes.
To use the module, you need to set some variables that define the LDAP server and the attributes that will be used to authorize users. The variables that need to be set include BindDN, BindPWD, BaseDN, LDAPServer, LDAPPort and UIDAttr.
Once you have authenticated a user, this module can be used to determine whether they are authorized to access the web resource under its control. There are four methods that can be used to control authorization, two of which are standard and two of which are specific to LDAP.
The first standard method is 'user' which will authorize access if the authenticated user's username matches the specified user. The second standard method is 'valid-user' which will authorize any authenticated user.
The third method is 'group' which will authorize any authenticated user who is a member of the LDAP group that is specified by groupdn. This module supports groupOfMember, groupOfUniquemember and Netscape's dynamic group object classes.
The fourth method is 'ldap-url' which will authorize any authenticated user who matches the query specified in the given LDAP URL. This allows for flexible control over user authorization, especially when using Netscape's dynamic groups.
Overall, Apache::AuthzNetLDAP is a powerful module that provides a variety of methods for controlling user authorization based on LDAP attributes. Its flexibility and ease of use make it a valuable asset for managing access to web resources in a secure and efficient manner.
Version 0.07: N/A