Sha256: c48b3ff55e49d60bcca9b12d71fed12cd854048a684fe717d0af8843d2173bd8
Contents?: true
Size: 1.5 KB
Versions: 5
Compression:
Stored size: 1.5 KB
Contents
require_relative '../auth_adapter'
require_relative 'sasl'
module Net
class LDAP
module AuthAdapers
#--
# PROVISIONAL, only for testing SASL implementations. DON'T USE THIS YET.
# Uses Kohei Kajimoto's Ruby/NTLM. We have to find a clean way to
# integrate it without introducing an external dependency.
#
# This authentication method is accessed by calling #bind with a :method
# parameter of :gss_spnego. It requires :username and :password
# attributes, just like the :simple authentication method. It performs a
# GSS-SPNEGO authentication with the server, which is presumed to be a
# Microsoft Active Directory.
#++
class GSS_SPNEGO < Net::LDAP::AuthAdapter
def bind(auth)
require 'ntlm'
user, psw = [auth[:username] || auth[:dn], auth[:password]]
raise Net::LDAP::BindingInformationInvalidError, "Invalid binding information" unless (user && psw)
nego = proc do |challenge|
t2_msg = NTLM::Message.parse(challenge)
t3_msg = t2_msg.response({ :user => user, :password => psw },
{ :ntlmv2 => true })
t3_msg.serialize
end
Net::LDAP::AuthAdapter::Sasl.new(@connection).bind \
:method => :sasl,
:mechanism => "GSS-SPNEGO",
:initial_credential => NTLM::Message::Type1.new.serialize,
:challenge_response => nego
end
end
end
end
end
Version data entries
5 entries across 5 versions & 1 rubygems