internal package Foswiki::Users::LdapUserMapping
See PublishedAPI for packages intended to be used by Plugin and Contrib authors, or browse all packages.
See also Developing plugins, Developer's Bible, Technical Overview


This class allows to use user names and groups stored in an LDAP database inside Foswiki in a transparent way. This replaces Foswiki's native way to represent users and groups using topics with according LDAP records.

new($session) → $ldapUserMapping

create a new Foswiki::Users::LdapUserMapping object and constructs an LdapContrib object to delegate LDAP services to.


Complete processing after the client's HTTP request has been responded to. I.e. it disconnects the LDAP database connection.


Static method to write a debug messages.

addUser ($login, $wikiname, $password, $emails) → $cUID

overrides and thus disables the SUPER method

getWikiName ($cUID) → wikiname

Maps a canonical user name to a wikiname

getEmails($cUID) → @emails

emails might be stored in the ldap account as well if the record is of type possixAccount and inetOrgPerson. if this is not the case we fallback to the default behavior

userExists($cUID) → $boolean

Determines if the user already exists or not.

eachUser () → listIterator of cUIDs

returns a list iterator for all known users

eachGroup () → listIterator of groupnames

returns a list iterator for all known groups

getListOfGroups( ) → @listOfUserObjects

Get a list of groups defined in the LDAP database. If nativeGroupsBackoff is defined the set of LDAP and native groups will merged whereas LDAP groups have precedence in case of a name clash.

eachGroupMember ($groupName) → listIterator of cUIDs

returns a list iterator for all groups members

eachMembership ($cUID) → listIterator of groups this user is in

returns a list iterator for all groups a user is in.

isGroup($user) → $boolean

Establish if a user object refers to a user group or not. This returns true for the SuperAdminGroup or the known LDAP groups. Finally, if nativeGroupsBackoff is set the native mechanism are used to check if $user is a group

findUserByEmail( $email ) → \@cUIDs

  • $email - email address to look up

Return a list of canonical user names for the users that have this email registered with the password manager or the user mapping manager.

findUserByWikiName ($wikiName) → list of cUIDs associated with that wikiname

See baseclass for documentation

handlesUser($cUID, $login, $wikiName) → $boolean

Called by the Foswiki::Users object to determine which loaded mapping to use for a given user.

The user can be identified by any of $cUID, $login or $wikiName. Any of these parameters may be undef, and they should be tested in order; cUID first, then login, then wikiName.

login2cUID($loginName, $dontcheck) → $cUID

Convert a login name to the corresponding canonical user name. The canonical name can be any string of 7-bit alphanumeric and underscore characters, and must correspond 1:1 to the login name. (undef on failure)

(if dontcheck is true, return a cUID for a nonexistant user too. This is used for registration)

groupAllowsChange($group, $cuid) → boolean

normally, ldap-groups are read-only as they are maintained using ldap-specific tools.

this method only returns 1 if the group is a topic-based group

Topic revision: r1 - 21 Nov 2014, ProjectContributor
This site is powered by FoswikiCopyright © by the contributing authors. All material on this site is the property of the contributing authors.
Ideas, requests, problems regarding Foswiki? Send feedback