Perforce Public Knowledge Base - Authentication Triggers: Example Script Details
× PRODUCTS SOLUTIONS CUSTOMERS LEARN SUPPORT
Downloads Blog Company Integrations Careers Contact Try Free
Menu Search
Perforce
Reset Search
 

 

Article

Authentication Triggers: Example Script Details

« Go Back

Information

 
Problem
There are several trigger examples available in KB Article, "Authenticating with LDAP."
 
Solution
The trigger examples below contain source and pre-compiled binaries for LDAP and Active Directory authentication for both Windows and Unix platforms. TLS encryption is only enabled for the Unix triggers.

Example Set 1:
p4authenticate.pl and p4authenticate.c

Perl and C source code for use with Unix/LDAP. Includes TLS encryption. To run on Unix/Active Directory, remove this line:
rc = ldap_start_tls_s( ld, NULL, NULL );

Example Set 2:
p4auth_ad.cpp-windows and p4auth_ad.exe

Source and pre-compiled trigger for Windows, LDAP, or Active Directory.

Has Windows-specific header information and no TLS encryption, since that is not supported in Active Directory out of the box. It is otherwise identical to p4authenticate.pl and p4authenticate.c. It is possible to make Active Directory work with TLS, but it requires you to set up a Certificate Authority (CA).

Since there is no TLS encryption, the password can be sent in plain text. Currently the options to avoid this are to use a secure tunneling program from the Perforce server to the authentication server (stunnel, for example), or to change the authentication method the trigger uses to bind with the authentication server.

Change the line:
#define AUTH_METHOD LDAP_AUTH_SIMPLE 
To:
#define AUTH_METHOD LDAP_AUTH_NEGOTIATE

Example Set 3:
p4auth_ad-unix.cpp and p4auth_ad

Source for Unix systems,  pre-compiled binary for Linux.

There is currently no additional information on these triggers.


Example Set 4:
p4auth_ad-unix-no_null.cpp and p4auth_ad-no_null

Source for Unix systems,  pre-compiled binary for Linux. For use with Active Directory.

As with the Windows active directory triggers, p4auth_ad.cpp-windows and p4auth_ad.exe, TLS encryption is not enabled. Use the instructions for changing the source for p4auth_ad.exe before compiling p4auth_ad-unix-no_null.cpp to change the trigger authentication method.

Unicode support

All of the above triggers support Unicode user names. Passwords should still be provided in ASCII text, since some of our client programs (such as P4Win) enforce this limitation.
 

Notes

If you want to create an exception for a class of users (for example, automation users or contractors), the preferred solution is to add those users to the authentication server with appropriately restricted rights.
Related Links
Authentication Triggers: Compiling the LDAP Examples
KB Authenticating with LDAP
KB articlep4auth ad
Pre-compiled auth trigger (Linux)p4auth ad-no null
Pre-compiled auth trigger (Linux)p4auth ad-unix-no null.cpp
C++ Linux/Unix trigger sourcep4auth ad-unix.cpp
C++ Linux/Unix trigger sourcep4auth ad.cpp-windows
C++ trigger source (Windows)p4auth ad.exe
Pre-compiled auth trigger (Windows)p4authenticate.c
C/C++ trigger examplep4authenticate.pl
Perl trigger example

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255