1

I'm using Devise with LDAP authentication in a Rails 4 application. The ldap.yml looks like

development:
  host: my.ldap.server
  port: 636
  attribute: sAMAccountName
  base: OU=Accounts,DC=my,DC=ldap,DC=server
  admin_user: CN=ServiceAccount,OU=LDAP,OU=Service Accounts,DC=my,DC=ldap,DC=server
  admin_password: super_secret_password
  ssl: true

production:
  ...

I want to be able to access this programmatically, but I cannot figure out how to do it. I can access by reading directly from the file by doing

ldap_config = YAML.load(ERB.new(File.read(::Devise.ldap_config || "#{Rails.root}/config/ldap.yml")).result)[Rails.env]

However, this is not 100% accurate because if the values in the file had changed without the Rails server being restarted, the "live" values that Rails is actually using would be different.

How can I get to these "live" values? I can't find anything on this.

Improve this question
3
  • Does Devise.ldap_config work on your console? And User.ldap_config? Also, I don't see a big problem accessing the yaml file directly: if you change that values, you'll need to restart the server in any case! Commented Mar 3, 2015 at 22:43
  • @dgilperez: Devise.ldap_config gives nil and User.ldap_config does not exist. Yeah, it's not that big of a deal, but something about it bugs me. Commented Mar 3, 2015 at 22:56
  • What about Devise::LDAP::Connection.new.ldap? That should let you access Devise::LDAP::Connection.new.ldap.host, Devise::LDAP::Connection.new.ldap.port and so on. Commented Mar 3, 2015 at 23:02

1 Answer 1

Reset to default
1

You can access the configuration using this: 

> Devise::LDAP::Connection.new.ldap
=> #<Net::LDAP:0x0000010e9d2da8
 @auth={:method=>:anonymous},
 @base="OU=Accounts,DC=my,DC=ldap,DC=server",
 @encryption={:method=>:simple_tls},
 @force_no_page=false,
 @host="my.ldap.server",
 @open_connection=nil,
 @port=636,
 @verbose=false>

> Devise::LDAP::Connection.new.ldap.host
=> "my.ldap.server"
> Devise::LDAP::Connection.new.ldap.port
=> 636
...
>

Like I said, I don't see much trouble in reading the file directly like you wrote. If you change the ldap.yml, you'll need to restart the server to see the changes in your LDAP configuration anyway! If you prefer, you can set up an initializer like this: 

# config/initializers/ldap.rb
LDAP_CONFIG = YAML.load(ERB.new(File.read("#{Rails.root}/config/ldap.yml")).result)[Rails.env].with_indifferent_access

And then in your code: 

LDAP_CONFIG[:admin_user] #=> "CN=ServiceAccount,OU=LDAP,OU=Service Accounts,DC=my,DC=ldap,DC=server"
LDAP_CONFIG[:admin_password] #=> "super_secret_password"
LDAP_CONFIG[:host] #=> "my.ldap.server"
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

This work for most of the properties. It is not straightforward for admin_user or admin_password. Devise::LDAP::Connection.new.ldap is of type Net::LDAP (as you can see in the output), and browsing the source of Net::LDAP reveals that it stores the name/password in @auth (also as seen above). But since @auth is not public, the only way to get to it is with some cleverness (a la this answer for example).
I see. Too hacky. I'd just use this method for the visible things, and revert to the file for the auth settings. Or just go for a initializer + constant like in my update.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.