[Devel] OpenSer auth_ldap module

Volkov Alexei kot at kotzone.ru
Wed Apr 25 22:44:00 CEST 2007


Hi All!

After a couple of days googling over the web I found that LDAP authentication 
to openser is available via the radius module.
As for me, as a relatively new user of openser, it is rather difficult to 
build the full chain ldap+radius+openser to make complete authorization and 
accounting. For example, in my case just a simple authentication 
against an LDAP database is needed, and unfortunately I did not find any 
usable code to patch openser to directly authenticate a user in LDAP.
After spending some more time I have developed an auth_ldap module for openser. 
If it can be usable for the community I would like to open and share it 
with the openser project.

Some features of my auth_ldap module can be represented by the following 
openser.cfg lines.

loadmodule "auth.so"
loadmodule "auth_ldap.so"
loadmodule "uac.so"

....
modparam("auth_ldap", "ldap_server", "ldap://localhost")
modparam("auth_ldap", "ldap_bind_dn", "cn=admin,dc=domain")
modparam("auth_ldap", "ldap_bind_passwd", "secret")
modparam("auth_ldap", "ldap_base_dn", "ou=Users,dc=domain")
modparam("auth_ldap", "ldap_search_filter", "(&(OpenSerAccount=%s)(OpenSerEnabled=TRUE))")
modparam("auth_ldap", "ldap_passwd_attr", "OpenSerPassword")
modparam("auth_ldap", "ldap_debug_encoding", "koi8-r")
modparam("auth_ldap", "ldap_avp_attrs", "cn,OpenSerGroup")
modparam("auth_ldap", "ldap_avp_prefix", "ldap_")
....
route{
...
        if (!ldap_www_authorize("domain")) { # authorization and account avp created here
                www_challenge("domain", "1");
                exit;
        };
....
uac_replace_from("$avp(s:ldap_cn)","");
...
append_hf("P-hint-openser-account-group: $avp(s:ldap_OpenSerGroup)\r\n");
...
}

WBR,
Alexei Volkov.
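
Added example, not part of the original post and not code from the auth_ldap module: how an account name can be escaped per RFC 4515 before it is substituted for %s in a filter template like the ldap_search_filter value above. The function names ldap_filter_escape and build_filter and the sample username are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* RFC 4515 escaping: '*', '(', ')', '\' and NUL become \2a \28 \29 \5c \00.
 * Returns the escaped length, or -1 if out is too small. */
int ldap_filter_escape(const char *in, size_t in_len, char *out, size_t out_sz)
{
    static const char hex[] = "0123456789abcdef";
    size_t o = 0;
    for (size_t i = 0; i < in_len; i++) {
        unsigned char c = (unsigned char)in[i];
        int special = (c == '*' || c == '(' || c == ')' || c == '\\' || c == 0);
        if (o + (special ? 3 : 1) >= out_sz)
            return -1;                   /* keep room for the final NUL */
        if (special) {
            out[o++] = '\\';
            out[o++] = hex[c >> 4];
            out[o++] = hex[c & 0x0f];
        } else {
            out[o++] = (char)c;
        }
    }
    out[o] = '\0';
    return (int)o;
}

/* Expand a template holding exactly one "%s" (hypothetical helper).
 * Returns 0 on success, -1 on a malformed template or truncation. */
int build_filter(const char *tmpl, const char *user, size_t user_len,
                 char *out, size_t out_sz)
{
    char esc[256];
    const char *p = strstr(tmpl, "%s");
    if (p == NULL || strchr(tmpl, '%') != p || strchr(p + 1, '%') != NULL)
        return -1;                       /* reject any other % directive */
    if (ldap_filter_escape(user, user_len, esc, sizeof(esc)) < 0)
        return -1;
    int n = snprintf(out, out_sz, "%.*s%s%s", (int)(p - tmpl), tmpl, esc, p + 2);
    return (n < 0 || (size_t)n >= out_sz) ? -1 : 0;
}

int main(void)
{
    char f[512];
    const char *u = "smith(sales)*";     /* constructed sample username */
    if (build_filter("(&(OpenSerAccount=%s)(OpenSerEnabled=TRUE))", u, strlen(u), f, sizeof(f)) == 0)
        puts(f);
    return 0;
}
```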





