Comments (10)
I added the following lines to omniauth-ldap-*/lib/omniauth/strategies/ldpa.rb at the top of method "callback_phase"
@options[:password] = @options[:password].sub('%{password}', request['password'])
@options[:bind_dn] = @options[:bind_dn].sub('%{username}', request['username'])
to be able to use %{password} and %{username} in the LDAP omniauth initializer
from omniauth-ldap.
pull-request #81 created.
from omniauth-ldap.
from omniauth-ldap.
Hi!
I had a bit of trouble gettting this thing to work myself. LDAP isn't the most popular way to log in but once you get it going it looks like it will work nicely with OmniAuth.
First, get a service account to bind to the LDAP server. The LDAP server si like a database so unless you are accessing it via anonymous you will need to have access to query it...Check with the LDAP admin to get this.
Once you have access, do a small test to see if you can bind to the LDAP server (like below)
require 'rubygems'
require 'net/ldap'
ldap = Net::LDAP.new
ldap.host = 'LDAPAD.SOMEWHERE.ORG'
ldap.port = 389
ldap.auth "service_account_user_name", "service_account_password"
if ldap.bind
#puts ldap.methods(:instance)
puts "authentication succeeded"
else
puts "authentication failed"
end
filter = Net::LDAP::Filter.eq( "cn", "[email protected]" )
treebase = "dc=some_dc,dc=org"
ldap.search( :base => treebase, :filter => filter ) do |entry|
puts "DN: #{entry.dn}"
entry.each do |attribute, values|
puts " #{attribute}:"
values.each do |value|
puts " --->#{value}"
end
end
end
p ldap.get_operation_result
-------------- If that binds ok then add an initializer for oauth
Rails.application.config.middleware.use OmniAuth::Builder do
provider :ldap,
:title => "WAHTEVER YOU WANT TO CALL THIS LDAP LOGIN",
:host => HOST_SERVERs.IP_OR_DOMAINNAME.ORG',
:port => 389,
:uid => 'cn', # this might be different --- might want to try to connect with a small script to try to bind...
:bind_dn => '[email protected]',
:password => 'the_password_for_the_service_account_used_to_query_ldap',
:name_proc => Proc.new {|name| name.gsub(/@.*$/,'')},
:base => 'OU=SOME_FOLDER,OU=IN_LDAP,DC=SOMEPLACE,DC=ORG'
end
This worked for me. Hopefully this helps!
--mark
from omniauth-ldap.
Cool, thanks. Will you make a pull request?
from omniauth-ldap.
Sorry, no, the code is inelegent – should be more general
Von: Alexander Menk [mailto:[email protected]]
Gesendet: Montag, 18. April 2016 17:21
An: intridea/omniauth-ldap [email protected]
Cc: Dodd, Paul Sutton (UB) [email protected]
Betreff: Re: [intridea/omniauth-ldap] Can I bind against the current user (#59)
Cool, thanks. Will you make a pull request?
—
You are receiving this because you commented.
Reply to this email directly or view it on GitHubhttps://github.com//issues/59#issuecomment-211428036
from omniauth-ldap.
@pscdodd i guess code can always be made better once there is some base? ;)
would you mind to share your version so we could potentially generalize it?
from omniauth-ldap.
thanks!
@amenk: can you work with this? would be great if there is some progress :)
from omniauth-ldap.
@vchrizz Currently it does not have priority in our project any more .. But still it is nice to have and a clean solution for future projects.
from omniauth-ldap.
Any updates?
from omniauth-ldap.
Related Issues (20)
- consider upating net-ldap to ~> 0.8.0 and rubyntlm to ~> 0.3.4 HOT 1
- consider upating net-ldap to ~> 0.8.0 and rubyntlm to ~> 0.3.4 HOT 16
- Routing Error (No route matches [POST] "/auth/ldap/callback"): HOT 1
- Timeout
- Pass :encryption as a Hash HOT 2
- ldap_error: Net::BER::BerError, Unsupported object type: id=21 HOT 1
- Please update to use latest rubyntlm HOT 1
- problem with 'filter' setting HOT 1
- NameError: uninitialized constant Net::LDAP::AuthAdapter::Sasl::MaxSaslChallenges HOT 2
- BER
- Can't authenticate using Active Directory. HOT 1
- LDAP adaptor initialization exceptions cannot be handled
- Cannot Upgrade to Version 2.0.0 Due to Omniauth Version
- SASL digest authentication uses simple bind instead
- Unclear usage of the :filter argument HOT 1
- Customize LDAP Login Page HOT 1
- Forward LDAP based SSO identity via an HTTP header (like REMOTE_USER)
- Omniauth 2.0 support?
- Publish to Rubygems.org
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from omniauth-ldap.