nginx-ldap-auth | Example of LDAP authentication | Identity Management library
kandi X-RAY | nginx-ldap-auth Summary
kandi X-RAY | nginx-ldap-auth Summary
nginx-ldap-auth is a Python library typically used in Security, Identity Management, Nginx applications. nginx-ldap-auth has no bugs, it has no vulnerabilities, it has a Permissive License and it has low support. However nginx-ldap-auth build file is not available. You can download it from GitHub.
Note: For ease of reading, this document refers to NGINX Plus, but it also applies to open source NGINX. The prerequisite ngx_http_auth_request_module module is included both in NGINX Plus packages and prebuilt open source NGINX binaries. The nginx-ldap-auth software is a reference implementation of a method for authenticating users who request protected resources from servers proxied by NGINX Plus. It includes a daemon (ldap-auth) that communicates with an authentication server, and a sample daemon that stands in for an actual back-end server during testing, by generating an authentication cookie based on the user’s credentials. The daemons are written in Python for use with a Lightweight Directory Access Protocol (LDAP) authentication server (OpenLDAP or Microsoft Windows Active Directory 2003 and 2012). The ldap-auth daemon, which mediates between NGINX Plus and the LDAP server, is intended to serve as a model for "connector" daemons written in other languages, for different authentication systems, or both. NGINX, Inc. Professional Services is available to assist with such adaptations. For a step-by-step description of the authentication process in the reference implementation, see How Authentication Works in the Reference Implementation in NGINX Plus and NGINX Can Authenticate Application Users.
Note: For ease of reading, this document refers to NGINX Plus, but it also applies to open source NGINX. The prerequisite ngx_http_auth_request_module module is included both in NGINX Plus packages and prebuilt open source NGINX binaries. The nginx-ldap-auth software is a reference implementation of a method for authenticating users who request protected resources from servers proxied by NGINX Plus. It includes a daemon (ldap-auth) that communicates with an authentication server, and a sample daemon that stands in for an actual back-end server during testing, by generating an authentication cookie based on the user’s credentials. The daemons are written in Python for use with a Lightweight Directory Access Protocol (LDAP) authentication server (OpenLDAP or Microsoft Windows Active Directory 2003 and 2012). The ldap-auth daemon, which mediates between NGINX Plus and the LDAP server, is intended to serve as a model for "connector" daemons written in other languages, for different authentication systems, or both. NGINX, Inc. Professional Services is available to assist with such adaptations. For a step-by-step description of the authentication process in the reference implementation, see How Authentication Works in the Reference Implementation in NGINX Plus and NGINX Can Authenticate Application Users.
Support
Quality
Security
License
Reuse
Support
nginx-ldap-auth has a low active ecosystem.
It has 651 star(s) with 198 fork(s). There are 55 watchers for this library.
It had no major release in the last 12 months.
There are 20 open issues and 48 have been closed. On average issues are closed in 77 days. There are 7 open pull requests and 0 closed requests.
It has a neutral sentiment in the developer community.
The latest version of nginx-ldap-auth is release-0.0.5
Quality
nginx-ldap-auth has 0 bugs and 0 code smells.
Security
nginx-ldap-auth has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.
nginx-ldap-auth code analysis shows 0 unresolved vulnerabilities.
There are 0 security hotspots that need review.
License
nginx-ldap-auth is licensed under the BSD-2-Clause License. This license is Permissive.
Permissive licenses have the least restrictions, and you can use them in most projects.
Reuse
nginx-ldap-auth releases are available to install and integrate.
nginx-ldap-auth has no build file. You will be need to create the build yourself to build the component from source.
Installation instructions, examples and code snippets are available.
nginx-ldap-auth saves you 118 person hours of effort in developing the same functionality from scratch.
It has 298 lines of code, 16 functions and 2 files.
It has medium code complexity. Code complexity directly impacts maintainability of the code.
Top functions reviewed by kandi - BETA
kandi has reviewed nginx-ldap-auth and discovered the below as its top functions. This is intended to give you an instant insight into nginx-ldap-auth implemented functionality, and help decide if they suit your requirements.
- Handle GET requests
- Handle GET request
- Handle authentication failure
- Log a message
- Returns the value of a cookie
- Log an error message
- Return a dictionary of parameters
- Handle POST request
- Generate auth form
- Log an error
- Ensure data is bytes
- Handle GET request
- Set the parameters
Get all kandi verified functions for this library.
nginx-ldap-auth Key Features
No Key Features are available at this moment for nginx-ldap-auth.
nginx-ldap-auth Examples and Code Snippets
No Code Snippets are available at this moment for nginx-ldap-auth.
Community Discussions
Trending Discussions on nginx-ldap-auth
QUESTION
nginx_ldap_auth and custom authentication page
Asked 2019-Feb-22 at 14:04
I found a nginx module (https://github.com/nginxinc/nginx-ldap-auth) that permits to authenticate an user using ldap.
I want to adapt it with a custom authentication page, that doesn't exist on the backend server. I do not understand all the interactions: Should I create a cookie within the login page? How to pass the credentials to the ldap daemon? Maybe what I want to do is impossible? It's been few days I try to do it, now i'm nearly desperate...
All the time I have these messages on the ldap daemon:
using username/password from authorization header
"GET /auth-proxy HTTP/1.0" 401 -
Below, the sites-enabled/mywebsite:
...ANSWER
Answered 2019-Feb-22 at 14:04I found out how to pass my login/password to NginX: however, not using the authorization header, but a cookie.
Here is my new nginx virtual host:
Community Discussions, Code Snippets contain sources that include Stack Exchange Network
Vulnerabilities
No vulnerabilities reported
Install nginx-ldap-auth
The NGINX Plus configuration file that is provided with the reference implementation configures all components other than the LDAP server (that is, NGINX Plus, the client, the ldap-auth daemon, and the back-end daemon) to run on the same host, which is adequate for testing purposes. The LDAP server can also run on that host during testing. In an actual deployment, the back-end application and authentication server typically each run on a separate host, with NGINX Plus on a third host. The ldap-auth daemon does not consume many resources in most situations, so it can run on the NGINX Plus host or another host of your choice. To install and configure the reference implementation, perform the following steps.
Create a clone of the GitHub repository (nginx-ldap-auth).
If NGINX Plus is not already running, install it according to the instructions for your operating system.
If an LDAP authentication server is not already running, install and configure one. By default the ldap-auth daemon communicates with OpenLDAP, but can be configured to work with Active Directory. If you are using the LDAP server only to test the reference implementation, you can use the OpenLDAP server Docker image that is available on GitHub, or you can set up a server in a virtual environment using instructions such as How To Install and Configure a Basic LDAP Server on an Ubuntu 12.04 VPS.
On the host where the ldap-auth daemon is to run, install the following additional software. We recommend using the versions that are distributed with the operating system, instead of downloading the software from an open source repository. Python versions 2 and 3 are supported. The Python LDAP module, python-ldap (created by the python-ldap.org open source project).
Copy the following files from your repository clone to the indicated hosts: nginx-ldap-auth.conf – NGINX Plus configuration file, which contains the minimal set of directives for testing the reference implementation. Install on the NGINX Plus host (in the /etc/nginx/conf.d directory if using the conventional configuration scheme). To avoid configuration conflicts, remember to move or rename any default configuration files installed with NGINX Plus. nginx-ldap-auth-daemon.py – Python code for the ldap-auth daemon. Install on the host of your choice. Alternatively, use provided Dockerfile to build Docker image: docker build -t nginx-ldap-auth-daemon . docker run nginx-ldap-auth-daemon If you desire to use a container with Python3, you can supply an appropriate build argument: docker build -t nginx-ldap-auth-daemon --build-arg PYTHON_VERSION=3 . nginx-ldap-auth-daemon-ctl.sh – Sample shell script for starting and stopping the daemon. Install on the same host as the ldap-auth daemon. backend-sample-app.py – Python code for the daemon that during testing stands in for a real back-end application server. Install on the host of your choice.
Modify the NGINX Plus configuration file as described in Required Modifications to the NGINX Plus Configuration File below. For information about customizing your deployment, see Customization below. We recommend running the nginx -t command after making your changes to verify that the file is syntactically valid.
Start NGINX Plus. If it is already running, run the following command to reload the configuration file: root# nginx -s reload
Run the following commands to start the ldap-auth daemon and the back-end daemon. root# nginx-ldap-auth-daemon-ctl.sh start root# python backend-sample-app.py
To test the reference implementation, use a web browser to access http://nginx-server-address:8081. Verify that the browser presents a login form. After you fill out the form and submit it, verify that the server returns the expected response to valid credentials. The sample back-end daemon returns this:
Create a clone of the GitHub repository (nginx-ldap-auth).
If NGINX Plus is not already running, install it according to the instructions for your operating system.
If an LDAP authentication server is not already running, install and configure one. By default the ldap-auth daemon communicates with OpenLDAP, but can be configured to work with Active Directory. If you are using the LDAP server only to test the reference implementation, you can use the OpenLDAP server Docker image that is available on GitHub, or you can set up a server in a virtual environment using instructions such as How To Install and Configure a Basic LDAP Server on an Ubuntu 12.04 VPS.
On the host where the ldap-auth daemon is to run, install the following additional software. We recommend using the versions that are distributed with the operating system, instead of downloading the software from an open source repository. Python versions 2 and 3 are supported. The Python LDAP module, python-ldap (created by the python-ldap.org open source project).
Copy the following files from your repository clone to the indicated hosts: nginx-ldap-auth.conf – NGINX Plus configuration file, which contains the minimal set of directives for testing the reference implementation. Install on the NGINX Plus host (in the /etc/nginx/conf.d directory if using the conventional configuration scheme). To avoid configuration conflicts, remember to move or rename any default configuration files installed with NGINX Plus. nginx-ldap-auth-daemon.py – Python code for the ldap-auth daemon. Install on the host of your choice. Alternatively, use provided Dockerfile to build Docker image: docker build -t nginx-ldap-auth-daemon . docker run nginx-ldap-auth-daemon If you desire to use a container with Python3, you can supply an appropriate build argument: docker build -t nginx-ldap-auth-daemon --build-arg PYTHON_VERSION=3 . nginx-ldap-auth-daemon-ctl.sh – Sample shell script for starting and stopping the daemon. Install on the same host as the ldap-auth daemon. backend-sample-app.py – Python code for the daemon that during testing stands in for a real back-end application server. Install on the host of your choice.
Modify the NGINX Plus configuration file as described in Required Modifications to the NGINX Plus Configuration File below. For information about customizing your deployment, see Customization below. We recommend running the nginx -t command after making your changes to verify that the file is syntactically valid.
Start NGINX Plus. If it is already running, run the following command to reload the configuration file: root# nginx -s reload
Run the following commands to start the ldap-auth daemon and the back-end daemon. root# nginx-ldap-auth-daemon-ctl.sh start root# python backend-sample-app.py
To test the reference implementation, use a web browser to access http://nginx-server-address:8081. Verify that the browser presents a login form. After you fill out the form and submit it, verify that the server returns the expected response to valid credentials. The sample back-end daemon returns this:
Support
For any new features, suggestions and bugs create an issue on GitHub.
If you have any questions check and ask questions on community page Stack Overflow .
Find more information at:
Reuse Trending Solutions
Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items
Find more librariesStay Updated
Subscribe to our newsletter for trending solutions and developer bootcamps
Share this Page
