@@ -21,6 +21,7 @@ type AuthenticationForm struct { | |||
Domain string `form:"domain"` | |||
Host string `form:"host"` | |||
Port int `form:"port"` | |||
UseSSL bool `form:"usessl"` | |||
BaseDN string `form:"base_dn"` | |||
Attributes string `form:"attributes"` | |||
Filter string `form:"filter"` | |||
@@ -37,6 +38,7 @@ func (f *AuthenticationForm) Name(field string) string { | |||
"Domain": "Domain name", | |||
"Host": "Host address", | |||
"Port": "Port Number", | |||
"UseSSL": "Use SSL", | |||
"BaseDN": "Base DN", | |||
"Attributes": "Search attributes", | |||
"Filter": "Search filter", |
@@ -18,6 +18,7 @@ type Ldapsource struct { | |||
Name string // canonical name (ie. corporate.ad) | |||
Host string // LDAP host | |||
Port int // port number | |||
UseSSL bool // Use SSL | |||
BaseDN string // Base DN | |||
Attributes string // Attribut to search | |||
Filter string // Query filter to validate entry | |||
@@ -31,8 +32,8 @@ var ( | |||
) | |||
// Add a new source (LDAP directory) to the global pool | |||
func AddSource(name string, host string, port int, basedn string, attributes string, filter string, msadsaformat string) { | |||
ldaphost := Ldapsource{name, host, port, basedn, attributes, filter, msadsaformat, true} | |||
func AddSource(name string, host string, port int, usessl bool, basedn string, attributes string, filter string, msadsaformat string) { | |||
ldaphost := Ldapsource{name, host, port, usessl, basedn, attributes, filter, msadsaformat, true} | |||
Authensource = append(Authensource, ldaphost) | |||
} | |||
@@ -52,7 +53,8 @@ func LoginUser(name, passwd string) (a string, r bool) { | |||
// searchEntry : search an LDAP source if an entry (name, passwd) is valide and in the specific filter | |||
func (ls Ldapsource) SearchEntry(name, passwd string) (string, bool) { | |||
l, err := goldap.Dial("tcp", fmt.Sprintf("%s:%d", ls.Host, ls.Port)) | |||
l, err := ldapDial(ls) | |||
if err != nil { | |||
log.Debug("LDAP Connect error, disabled source %s", ls.Host) | |||
ls.Enabled = false | |||
@@ -85,3 +87,11 @@ func (ls Ldapsource) SearchEntry(name, passwd string) (string, bool) { | |||
} | |||
return "", true | |||
} | |||
func ldapDial(ls Ldapsource) (*goldap.Conn, error) { | |||
if ls.UseSSL { | |||
return goldap.DialTLS("tcp", fmt.Sprintf("%s:%d", ls.Host, ls.Port), nil) | |||
} else { | |||
return goldap.Dial("tcp", fmt.Sprintf("%s:%d", ls.Host, ls.Port)) | |||
} | |||
} |
@@ -195,11 +195,12 @@ func newLdapService() { | |||
ldapname := Cfg.MustValue(v, "name", v) | |||
ldaphost := Cfg.MustValue(v, "host") | |||
ldapport := Cfg.MustInt(v, "port", 389) | |||
ldapusessl := Cfg.MustBool(v, "usessl", false) | |||
ldapbasedn := Cfg.MustValue(v, "basedn", "dc=*,dc=*") | |||
ldapattribute := Cfg.MustValue(v, "attribute", "mail") | |||
ldapfilter := Cfg.MustValue(v, "filter", "(*)") | |||
ldapmsadsaformat := Cfg.MustValue(v, "MSADSAFORMAT", "%s") | |||
ldap.AddSource(ldapname, ldaphost, ldapport, ldapbasedn, ldapattribute, ldapfilter, ldapmsadsaformat) | |||
ldap.AddSource(ldapname, ldaphost, ldapport, ldapusessl, ldapbasedn, ldapattribute, ldapfilter, ldapmsadsaformat) | |||
nbsrc++ | |||
log.Debug("%s added as LDAP source", ldapname) | |||
} |
@@ -44,6 +44,7 @@ func NewAuthSourcePost(ctx *middleware.Context, form auth.AuthenticationForm) { | |||
Ldapsource: ldap.Ldapsource{ | |||
Host: form.Host, | |||
Port: form.Port, | |||
UseSSL: form.UseSSL, | |||
BaseDN: form.BaseDN, | |||
Attributes: form.Attributes, | |||
Filter: form.Filter, | |||
@@ -121,6 +122,7 @@ func EditAuthSourcePost(ctx *middleware.Context, form auth.AuthenticationForm) { | |||
Ldapsource: ldap.Ldapsource{ | |||
Host: form.Host, | |||
Port: form.Port, | |||
UseSSL: form.UseSSL, | |||
BaseDN: form.BaseDN, | |||
Attributes: form.Attributes, | |||
Filter: form.Filter, |
@@ -53,6 +53,14 @@ | |||
</div> | |||
</div> | |||
<div class="form-group {{if .Err_UseSSL}}has-error has-feedback{{end}}"> | |||
<label class="col-md-3 control-label">Use SSL: </label> | |||
<div class="col-md-7"> | |||
<input name="usessl" class="form-control" type="checkbox" {{if .Source.LDAP.UseSSL}}checked{{end}}> | |||
</div> | |||
</div> | |||
<div class="form-group {{if .Err_BaseDN}}has-error has-feedback{{end}}"> | |||
<label class="col-md-3 control-label">Base DN: </label> | |||
<div class="col-md-7"> | |||
@@ -147,4 +155,4 @@ | |||
</div> | |||
</div> | |||
{{template "base/footer" .}} | |||
{{template "base/footer" .}} |
@@ -51,6 +51,13 @@ | |||
</div> | |||
</div> | |||
<div class="form-group {{if .Err_UseSSL}}has-error has-feedback{{end}}"> | |||
<label class="col-md-3 control-label">Use SSL: </label> | |||
<div class="col-md-7"> | |||
<input name="usessl" class="form-control" type="checkbox" {{if .usessl}}checked{{end}}> | |||
</div> | |||
</div> | |||
<div class="form-group {{if .Err_BaseDN}}has-error has-feedback{{end}}"> | |||
<label class="col-md-3 control-label">Base DN: </label> | |||
<div class="col-md-7"> | |||
@@ -158,4 +165,4 @@ | |||
}); | |||
}); | |||
</script> | |||
{{template "base/footer" .}} | |||
{{template "base/footer" .}} |