ldapauthserver

package
v0.20.1

This package is not in the latest version of its module.

Published: Jul 23, 2024 License: Apache-2.0 Imports: 12 Imported by: 2

Documentation


Constants

This section is empty.

Variables

This section is empty.

Functions

func Init

func Init(ldapAuthConfigFile, ldapAuthConfigString, ldapAuthMethod string)

Init is public so it can be called from plugin_auth_ldap.go (go/cmd/vtgate)

Types

type AuthServerLdap

type AuthServerLdap struct {
	Client
	ServerConfig
	User           string
	Password       string
	GroupQuery     string
	UserDnPattern  string
	RefreshSeconds int64
	// contains filtered or unexported fields
}

AuthServerLdap implements AuthServer with an LDAP backend

func (*AuthServerLdap) AuthMethods added in v0.12.0

func (asl *AuthServerLdap) AuthMethods() []mysql.AuthMethod

AuthMethods returns the list of registered auth methods implemented by this auth server.

func (*AuthServerLdap) DefaultAuthMethodDescription added in v0.12.0

func (asl *AuthServerLdap) DefaultAuthMethodDescription() mysql.AuthMethodDescription

DefaultAuthMethodDescription returns MysqlNativePassword as the default authentication method for the auth server implementation.

func (*AuthServerLdap) HandleUser added in v0.12.0

func (asl *AuthServerLdap) HandleUser(user string) bool

HandleUser is part of the Validator interface. We handle any user here since we don't check up front.

func (*AuthServerLdap) UserEntryWithPassword added in v0.12.0

func (asl *AuthServerLdap) UserEntryWithPassword(conn *mysql.Conn, user string, password string, remoteAddr net.Addr) (mysql.Getter, error)

UserEntryWithPassword is part of the PlaintextStorage interface and called after the password is sent by the client.

type Client

type Client interface {
	Connect(network string, config *ServerConfig) error
	Close()
	Bind(string, string) error
	Search(*ldap.SearchRequest) (*ldap.SearchResult, error)
}

Client provides an interface we can mock

type ClientImpl

type ClientImpl struct {
	*ldap.Conn
}

ClientImpl is the real implementation of LdapClient

func (*ClientImpl) Connect

func (lci *ClientImpl) Connect(network string, config *ServerConfig) error

Connect calls ldap.Dial and then upgrades the connection to TLS. This must be called before any other methods.

type LdapUserData

type LdapUserData struct {
	sync.Mutex
	// contains filtered or unexported fields
}

LdapUserData holds username and LDAP groups as well as enough data to intelligently update itself.

func (*LdapUserData) Get

func (lud *LdapUserData) Get() *querypb.VTGateCallerID

Get returns wrapped username and LDAP groups and possibly updates the cache

type ServerConfig

type ServerConfig struct {
	LdapServer        string
	LdapCert          string
	LdapKey           string
	LdapCA            string
	LdapCRL           string
	LdapTLSMinVersion string
}

ServerConfig holds the config for an LDAP server. Include the port in ldapServer, e.g. "ldap.example.com:386".
