try retrieving groups of user
@@ -30,7 +30,7 @@ Written by Nathan Coad (nathan.coad@dell.com)
|
|||||||
| BIND_IP | Specify the local IP address to bind to. | 127.0.0.1 | Primary IPv4 address |
|
| BIND_IP | Specify the local IP address to bind to. | 127.0.0.1 | Primary IPv4 address |
|
||||||
| BIND_PORT | Specify the TCP/IP port to bind to. | 443 | 8443 |
|
| BIND_PORT | Specify the TCP/IP port to bind to. | 443 | 8443 |
|
||||||
| LDAP_BIND_ADDRESS | If LDAP integration is needed, specify the LDAP Bind address. Only LDAPS on port 636 is supported. Do not specify port 636 in the bind address | dc.example.com | No default specified |
|
| LDAP_BIND_ADDRESS | If LDAP integration is needed, specify the LDAP Bind address. Only LDAPS on port 636 is supported. Do not specify port 636 in the bind address | dc.example.com | No default specified |
|
||||||
| LDAP_BASE_DN | If LDAP integration is needed, specify the base DN to use when binding to AD | "OU=Users,DC=example,DC=com" | No default specified |
|
| LDAP_BASE_DN | If LDAP integration is needed, specify the base DN to use when binding to AD | "CN=Users,DC=example,DC=com" | No default specified |
|
||||||
| LDAP_TRUST_CERT_FILE | If LDAP integration is needed, specify filepath to PEM format public certificate of Certificate Authority signing LDAPS communications | caroot.pem | No default specified, must define this value |
|
| LDAP_TRUST_CERT_FILE | If LDAP integration is needed, specify filepath to PEM format public certificate of Certificate Authority signing LDAPS communications | caroot.pem | No default specified, must define this value |
|
||||||
| TLS_KEY_FILE | Specify the filename of the TLS certificate private key (must be unencrypted) in PEM format | key.pem | privkey.pem |
|
| TLS_KEY_FILE | Specify the filename of the TLS certificate private key (must be unencrypted) in PEM format | key.pem | privkey.pem |
|
||||||
| TLS_CERT_FILE | Specify the filename of the TLS certificate file in PEM format | cert.pem | cert.pem |
|
| TLS_CERT_FILE | Specify the filename of the TLS certificate file in PEM format | cert.pem | cert.pem |
|
||||||
|
@@ -213,6 +213,7 @@ func VerifyLdapCreds(username string, password string) bool {
|
|||||||
log.Printf("VerifyLdapCreds successfully bound to LDAP\n")
|
log.Printf("VerifyLdapCreds successfully bound to LDAP\n")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
log.Printf("Attempting LDAP search request from base DN '%s'\n", LdapBaseDn)
|
log.Printf("Attempting LDAP search request from base DN '%s'\n", LdapBaseDn)
|
||||||
searchReq := ldap.NewSearchRequest(
|
searchReq := ldap.NewSearchRequest(
|
||||||
LdapBaseDn,
|
LdapBaseDn,
|
||||||
@@ -232,6 +233,14 @@ func VerifyLdapCreds(username string, password string) bool {
|
|||||||
}
|
}
|
||||||
|
|
||||||
log.Printf("result: %v\n", result)
|
log.Printf("result: %v\n", result)
|
||||||
|
*/
|
||||||
|
|
||||||
|
groups, err := GetGroupsOfUser(username, LdapBaseDn, ldaps)
|
||||||
|
if err != nil {
|
||||||
|
log.Printf("VerifyLdapCreds group search error : '%s'\n", err)
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
fmt.Printf("groups: %v\n", groups)
|
||||||
|
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
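Review bot: The slice returned by `GetGroupsOfUser` is only dumped with `fmt.Printf("groups: %v\n", groups)` and never affects the result, so `VerifyLdapCreds` still returns true for any account that can bind, while a failed group search now rejects an otherwise valid login. If that is intended for this trial, say so with a comment such as `// groups are not used for authorization yet; a lookup error fails the login`, and route the output through the logger the rest of the function uses: `log.Printf("VerifyLdapCreds groups: %v\n", groups)`. The body of `GetGroupsOfUser` is not part of this page; if it builds its search filter from `username`, that value comes from the login request and should pass through `ldap.EscapeFilter` first. The `/* … */` now wrapping the old search request leaves dead code in the authentication path that would be cleaner to delete once the new lookup is settled. `VerifyLdapCreds` begins above the first hunk, so the bind handling was not reviewed.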
2
test.env
2
test.env
@@ -5,7 +5,7 @@ TOKEN_HOUR_LIFESPAN=168
|
|||||||
BIND_IP=
|
BIND_IP=
|
||||||
BIND_PORT=8443
|
BIND_PORT=8443
|
||||||
LDAP_BIND_ADDRESS=adcp12.cdc.home
|
LDAP_BIND_ADDRESS=adcp12.cdc.home
|
||||||
LDAP_BASE_DN=OU=Users,DC=cdc,DC=home
|
LDAP_BASE_DN=CN=Users,DC=cdc,DC=home
|
||||||
LDAP_TRUST_CERT_FILE=
|
LDAP_TRUST_CERT_FILE=
|
||||||
TLS_KEY_FILE=key.pem
|
TLS_KEY_FILE=key.pem
|
||||||
TLS_CERT_FILE=cert.pem
|
TLS_CERT_FILE=cert.pem
|