Hello everyone,
I’m working on an application whose clients are organizations; each organization has many employees, the users of the application. Not all the employees are users of the application, so each organization has a manager that signs up the employees that will be users.
One of our clients is asking us to use their LDAP authentication system, so that users don’t have to learn a new login and password.
Currently, authentication is done using Devise. I’ve found an article in their wiki (https://github.com/plataformatec/devise/wiki/How-To:-Authenticate-via-LDAP) that explains how to add a new Warden strategy to deal with LDAP.
I’ve done a small modification so that if a user is authenticated by LDAP but not registered in the application, it will not create a new account for him, but show an invalid login message: https://gist.github.com/jdanielnd/a0e6a73f3f5f9b3462a6.
However, this is the behavior I need: the organization model will have a flag for LDAP authentication and an LdapSettings object with the LDAP settings data.
- If the user email belongs to a user in an organization that uses LDAP authentication, it will grab the LDAP settings from that organization and try to authenticate the user.
- If the user email doesn’t belong to a user in an organization that uses LDAP authentication, it tries to authenticate him against the database as usual.
I don’t know much about Devise. Is it possible? Does anyone have any idea how I can achieve this?
Thanks!
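
The routing described in the question, sketched in plain Ruby as an added example that is not part of the original post and is not Devise's or the wiki's code. `LoginRouter`, the `Struct` models and the two checker lambdas are hypothetical stand-ins; inside a Warden strategy the same decision would sit in `authenticate!`.

```ruby
# Added example: plain-Ruby model of the routing; no Devise, Warden or net-ldap needed.
# LdapSettings fields, Organization, User and LoginRouter are hypothetical names.
LdapSettings = Struct.new(:host, :port, :base_dn)
Organization = Struct.new(:name, :ldap_enabled, :ldap_settings)
User         = Struct.new(:email, :organization, :password_digest)

class LoginRouter
  # ldap_bind: ->(settings, email, password) { true/false }, e.g. wrapping a Net::LDAP bind
  # db_check:  ->(user, password) { true/false }, e.g. Devise's valid_password?
  def initialize(users, ldap_bind:, db_check:)
    @users = users
    @ldap_bind = ldap_bind
    @db_check = db_check
  end

  # Returns [user, backend] on success and [nil, backend] on failure.
  def authenticate(email, password)
    # An empty password can turn an LDAP simple bind into an unauthenticated
    # bind (RFC 4513) that some servers report as successful, so reject it first.
    return [nil, :rejected] if email.to_s.empty? || password.to_s.empty?

    user = @users.find { |u| u.email.casecmp?(email) }
    # Unregistered e-mail: invalid login, and no account is created.
    return [nil, :unknown] unless user

    org = user.organization
    if org.ldap_enabled
      # LDAP organizations never fall back to the locally stored password.
      ok = org.ldap_settings && @ldap_bind.call(org.ldap_settings, user.email, password)
      [ok ? user : nil, :ldap]
    else
      [@db_check.call(user, password) ? user : nil, :database]
    end
  end
end

# Constructed sample data; DIRECTORY stands in for the organization's LDAP server.
acme  = Organization.new("Acme", true, LdapSettings.new("ldap.acme.example", 636, "dc=acme,dc=example"))
local = Organization.new("Local", false, nil)
USERS = [User.new("ann@acme.example", acme, "old-local-pw"),
         User.new("bob@local.example", local, "bob-pw")]
DIRECTORY = { "ann@acme.example" => "ldap-pw" }

ROUTER = LoginRouter.new(
  USERS,
  ldap_bind: ->(_settings, email, pw) { DIRECTORY[email] == pw },
  db_check:  ->(user, pw) { user.password_digest == pw } # plain compare for the demo only
)
```

Keeping the LDAP branch free of any database fallback means a stale local password cannot be used to sign in once an organization has switched to LDAP.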