Documentation ¶
Index ¶
- func Init()
- type AuthServerLdap
- func (asl *AuthServerLdap) AuthMethods() []mysql.AuthMethod
- func (asl *AuthServerLdap) DefaultAuthMethodDescription() mysql.AuthMethodDescription
- func (asl *AuthServerLdap) HandleUser(user string) bool
- func (asl *AuthServerLdap) UserEntryWithPassword(userCerts []*x509.Certificate, user string, password string, ...) (mysql.Getter, error)
- type Client
- type ClientImpl
- type LdapUserData
- type ServerConfig
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
Types ¶
type AuthServerLdap ¶
type AuthServerLdap struct { Client ServerConfig User string Password string GroupQuery string UserDnPattern string RefreshSeconds int64 // contains filtered or unexported fields }
AuthServerLdap implements AuthServer with an LDAP backend
func (*AuthServerLdap) AuthMethods ¶ added in v0.12.0
func (asl *AuthServerLdap) AuthMethods() []mysql.AuthMethod
AuthMethods returns the list of registered auth methods implemented by this auth server.
func (*AuthServerLdap) DefaultAuthMethodDescription ¶ added in v0.12.0
func (asl *AuthServerLdap) DefaultAuthMethodDescription() mysql.AuthMethodDescription
DefaultAuthMethodDescription returns MysqlNativePassword as the default authentication method for the auth server implementation.
func (*AuthServerLdap) HandleUser ¶ added in v0.12.0
func (asl *AuthServerLdap) HandleUser(user string) bool
HandleUser is part of the Validator interface. We handle any user here since we don't check up front.
func (*AuthServerLdap) UserEntryWithPassword ¶ added in v0.12.0
func (asl *AuthServerLdap) UserEntryWithPassword(userCerts []*x509.Certificate, user string, password string, remoteAddr net.Addr) (mysql.Getter, error)
UserEntryWithPassword is part of the PlaintextStorage interface and called after the password is sent by the client.
type Client ¶
type Client interface { Connect(network string, config *ServerConfig) error Close() Bind(string, string) error Search(*ldap.SearchRequest) (*ldap.SearchResult, error) }
Client provides an interface we can mock
type ClientImpl ¶
ClientImpl is the real implementation of LdapClient
func (*ClientImpl) Connect ¶
func (lci *ClientImpl) Connect(network string, config *ServerConfig) error
Connect calls ldap.Dial and then upgrades the connection to TLS This must be called before any other methods
type LdapUserData ¶
LdapUserData holds username and LDAP groups as well as enough data to intelligently update itself.
func (*LdapUserData) Get ¶
func (lud *LdapUserData) Get() *querypb.VTGateCallerID
Get returns wrapped username and LDAP groups and possibly updates the cache