Net::LDAP::Control::PrUseruContributed Perl Net::LDAP::Control::ProxyAuth(3pm)
Net::LDAP::Control::ProxyAuth - LDAPv3 Proxy Authentication control
$ldap = Net::LDAP->new( "ldap.mydomain.eg" );
$auth = Net::LDAP::Control::ProxyAuth->new( authzID => 'dn:cn=me,ou=people,o=myorg.com' );
@args = ( base => "cn=subnets,cn=sites,cn=configuration,$BASE_DN",
scope => "subtree",
filter => "(objectClass=subnet)",
callback => \&process_entry, # Call this sub for each entry
control => [ $auth ],
# Perform search
my $mesg = $ldap->search( @args );
# Only continue on LDAP_SUCCESS
$mesg->code and last;
"Net::LDAP::Control::ProxyAuth" provides an interface for the creation
and manipulation of objects that represent the
"proxyauthorisationControl" as described by
In addition to the constructor arguments described in
Net::LDAP::Control the following are provided.
The authzID that is required. This is the identity we are
requesting operations to use
In older versions of draft-weltman-ldapv3-proxy-XX.txt the value in
the control and thus the constructor argument was a DN and was
called "proxyDN". It served the same purpose as "authzID" in recent
versions of "proxyauthorisationControl".
Please note: Unfortunately the OID and the encoding or the
"proxyauthorisationControl" changed significantly in recent versions of
draft-weltman-ldapv3-proxy-XX.txt. Net::LDAP::Control::ProxyAuth tries
to cope with that situation and changes the OID and encoding used
depending on the constructor argument.
With "proxyDN" as constructor argument the old OID and encoding are
used, while with "authzID" as constructor argument the new OID and
encoding are used. Using this logic servers supporting either OID can
be handled correctly.
As with Net::LDAP::Control each constructor argument described above is
also available as a method on the object which will return the current
value for the attribute if called without an argument, and set a new
value for the attribute if called with an argument.
Olivier Dubois, Swift sa/nv based on Net::LDAP::Control::Page from
Graham Barr <gbarrATpobox.com>. Peter Marschall <peterATadpm.de> added
authzID extensions based on ideas from Graham Barr <gbarrATpobox.com>.
Please report any bugs, or post any suggestions, to the perl-ldap
mailing list <perl-ldapATperl.org>
Copyright (c) 2001-2004 Graham Barr. All rights reserved. This program
is free software; you can redistribute it and/or modify it under the
same terms as Perl itself.
perl v5.10.0 2008-04-21Net::LDAP::Control::ProxyAuth(3pm)