ldapauthserver

package
v3.0.1+incompatible

This package is not in the latest version of its module.
Published: Mar 26, 2020 | License: Apache-2.0 | Imports: 13 | Imported by: 0

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

func Init

func Init()

Init is public so that it can be called from plugin_auth_ldap.go (go/cmd/vtgate).

Types

type AuthServerLdap

type AuthServerLdap struct {
	Client
	ServerConfig
	Method         string
	User           string
	Password       string
	GroupQuery     string
	UserDnPattern  string
	RefreshSeconds time.Duration
}

AuthServerLdap implements AuthServer with an LDAP backend.

func (*AuthServerLdap) AuthMethod

func (asl *AuthServerLdap) AuthMethod(user string) (string, error)

AuthMethod is part of the AuthServer interface.

func (*AuthServerLdap) Negotiate

func (asl *AuthServerLdap) Negotiate(c *mysql.Conn, user string, remoteAddr net.Addr) (mysql.Getter, error)

Negotiate is part of the AuthServer interface.

func (*AuthServerLdap) Salt

func (asl *AuthServerLdap) Salt() ([]byte, error)

Salt will be unused in AuthServerLdap.

func (*AuthServerLdap) ValidateHash

func (asl *AuthServerLdap) ValidateHash(salt []byte, user string, authResponse []byte, remoteAddr net.Addr) (mysql.Getter, error)

ValidateHash is unimplemented for AuthServerLdap.

type Client

type Client interface {
	Connect(network string, config *ServerConfig) error
	Close()
	Bind(string, string) error
	Search(*ldap.SearchRequest) (*ldap.SearchResult, error)
}

Client provides an interface we can mock.

type ClientImpl

type ClientImpl struct {
	*ldap.Conn
}

ClientImpl is the real implementation of LdapClient.

func (*ClientImpl) Connect

func (lci *ClientImpl) Connect(network string, config *ServerConfig) error

Connect calls ldap.Dial and then upgrades the connection to TLS. This must be called before any other methods.

type LdapUserData

type LdapUserData struct {
	sync.Mutex
	// contains filtered or unexported fields
}

LdapUserData holds username and LDAP groups as well as enough data to intelligently update itself.

func (*LdapUserData) Get

func (lud *LdapUserData) Get() *querypb.VTGateCallerID

Get returns the wrapped username and LDAP groups, and possibly updates the cache.

type ServerConfig

type ServerConfig struct {
	LdapServer string
	LdapCert   string
	LdapKey    string
	LdapCA     string
}

ServerConfig holds the config for an LDAP server.

* Include the port in ldapServer: "ldap.example.com:386"
