Domain string `form:"domain"`
Host string `form:"host"`
Port int `form:"port"`
+ UseSSL bool `form:"usessl"`
BaseDN string `form:"base_dn"`
Attributes string `form:"attributes"`
Filter string `form:"filter"`
"Domain": "Domain name",
"Host": "Host address",
"Port": "Port Number",
+ "UseSSL": "Use SSL",
"BaseDN": "Base DN",
"Attributes": "Search attributes",
"Filter": "Search filter",
Name string // canonical name (ie. corporate.ad)
Host string // LDAP host
Port int // port number
+ UseSSL bool // Use SSL
BaseDN string // Base DN
Attributes string // Attribut to search
Filter string // Query filter to validate entry
)
// Add a new source (LDAP directory) to the global pool
-func AddSource(name string, host string, port int, basedn string, attributes string, filter string, msadsaformat string) {
- ldaphost := Ldapsource{name, host, port, basedn, attributes, filter, msadsaformat, true}
+func AddSource(name string, host string, port int, usessl bool, basedn string, attributes string, filter string, msadsaformat string) {
+ ldaphost := Ldapsource{name, host, port, usessl, basedn, attributes, filter, msadsaformat, true}
Authensource = append(Authensource, ldaphost)
}
// searchEntry : search an LDAP source if an entry (name, passwd) is valide and in the specific filter
func (ls Ldapsource) SearchEntry(name, passwd string) (string, bool) {
- l, err := goldap.Dial("tcp", fmt.Sprintf("%s:%d", ls.Host, ls.Port))
+ l, err := ldapDial(ls)
+
if err != nil {
log.Debug("LDAP Connect error, disabled source %s", ls.Host)
ls.Enabled = false
}
return "", true
}
+
+func ldapDial(ls Ldapsource) (*goldap.Conn, error) {
+ if ls.UseSSL {
+ return goldap.DialTLS("tcp", fmt.Sprintf("%s:%d", ls.Host, ls.Port), nil)
+ } else {
+ return goldap.Dial("tcp", fmt.Sprintf("%s:%d", ls.Host, ls.Port))
+ }
+}
ldapname := Cfg.MustValue(v, "name", v)
ldaphost := Cfg.MustValue(v, "host")
ldapport := Cfg.MustInt(v, "port", 389)
+ ldapusessl := Cfg.MustBool(v, "usessl", false)
ldapbasedn := Cfg.MustValue(v, "basedn", "dc=*,dc=*")
ldapattribute := Cfg.MustValue(v, "attribute", "mail")
ldapfilter := Cfg.MustValue(v, "filter", "(*)")
ldapmsadsaformat := Cfg.MustValue(v, "MSADSAFORMAT", "%s")
- ldap.AddSource(ldapname, ldaphost, ldapport, ldapbasedn, ldapattribute, ldapfilter, ldapmsadsaformat)
+ ldap.AddSource(ldapname, ldaphost, ldapport, ldapusessl, ldapbasedn, ldapattribute, ldapfilter, ldapmsadsaformat)
nbsrc++
log.Debug("%s added as LDAP source", ldapname)
}
Ldapsource: ldap.Ldapsource{
Host: form.Host,
Port: form.Port,
+ UseSSL: form.UseSSL,
BaseDN: form.BaseDN,
Attributes: form.Attributes,
Filter: form.Filter,
Ldapsource: ldap.Ldapsource{
Host: form.Host,
Port: form.Port,
+ UseSSL: form.UseSSL,
BaseDN: form.BaseDN,
Attributes: form.Attributes,
Filter: form.Filter,
</div>
</div>
+ <div class="form-group {{if .Err_UseSSL}}has-error has-feedback{{end}}">
+ <label class="col-md-3 control-label">Use SSL: </label>
+ <div class="col-md-7">
+ <input name="usessl" class="form-control" type="checkbox" {{if .Source.LDAP.UseSSL}}checked{{end}}>
+ </div>
+ </div>
+
+
<div class="form-group {{if .Err_BaseDN}}has-error has-feedback{{end}}">
<label class="col-md-3 control-label">Base DN: </label>
<div class="col-md-7">
</div>
</div>
-{{template "base/footer" .}}
\ No newline at end of file
+{{template "base/footer" .}}
</div>
</div>
+ <div class="form-group {{if .Err_UseSSL}}has-error has-feedback{{end}}">
+ <label class="col-md-3 control-label">Use SSL: </label>
+ <div class="col-md-7">
+ <input name="usessl" class="form-control" type="checkbox" {{if .usessl}}checked{{end}}>
+ </div>
+ </div>
+
<div class="form-group {{if .Err_BaseDN}}has-error has-feedback{{end}}">
<label class="col-md-3 control-label">Base DN: </label>
<div class="col-md-7">
});
});
</script>
-{{template "base/footer" .}}
\ No newline at end of file
+{{template "base/footer" .}}