omniauth-ldap | LDAP strategy for OmniAuth | Identity Management library

by omniauth Ruby Version: v2.0.0 License: No License

X-Ray Key Features Code Snippets Community Discussions(2)Vulnerabilities Install Support

kandi X-RAY | omniauth-ldap Summary

omniauth-ldap is a Ruby library typically used in Security, Identity Management applications. omniauth-ldap has no bugs, it has no vulnerabilities and it has low support. You can download it from GitHub.

LDAP strategy for OmniAuth

Support

Quality

Security

License

Reuse

Support

omniauth-ldap has a low active ecosystem.

It has 143 star(s) with 159 fork(s). There are 12 watchers for this library.

It had no major release in the last 12 months.

There are 27 open issues and 16 have been closed. On average issues are closed in 333 days. There are 13 open pull requests and 0 closed requests.

It has a neutral sentiment in the developer community.

The latest version of omniauth-ldap is v2.0.0

Quality

omniauth-ldap has 0 bugs and 0 code smells.

Security

omniauth-ldap has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.

omniauth-ldap code analysis shows 0 unresolved vulnerabilities.

There are 0 security hotspots that need review.

License

omniauth-ldap does not have a standard license declared.

Check the repository for any license declaration and review the terms closely.

Without a license, all rights are reserved, and you cannot use the library in your applications.

Reuse

omniauth-ldap releases are available to install and integrate.

Installation instructions are not available. Examples and code snippets are available.

omniauth-ldap saves you 190 person hours of effort in developing the same functionality from scratch.

It has 468 lines of code, 12 functions and 7 files.

It has medium code complexity. Code complexity directly impacts maintainability of the code.

Top functions reviewed by kandi - BETA

kandi's functional review helps you automatically verify the functionalities of the libraries and avoid rework.
Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of omniauth-ldap

Get all kandi verified functions for this library.

omniauth-ldap Key Features

No Key Features are available at this moment for omniauth-ldap.

omniauth-ldap Examples and Code Snippets

No Code Snippets are available at this moment for omniauth-ldap.

Community Discussions

Trending Discussions on omniauth-ldap

Gitlab LDAP with SASL

ldap filter in omniauth ldap module not working in discourse

QUESTION

Gitlab LDAP with SASL

Asked 2020-Jan-28 at 10:04

I'm trying to configure Gitlab 10.0.2 to use LDAP authentication. I cannot use TLS, so I was hoping to use SASL DIGEST-MD5 to provide better security than cleartext. The Gitlab documentation seems to suggest that this is possible (emphasis mine):

You should disable anonymous LDAP authentication and enable simple or SASL authentication.

However, it does not provide any guidance on how to configure a SASL bind. I've tried setting the try_sasl and sasl_mechanisms configuration keys mentioned in the omniauth-ldap README, but I've verified with Wireshark that a simple bind is still being used instead of DIGEST-MD5.

The relevant section from my gitlab.rb:

...

ANSWER

Answered 2017-Oct-04 at 20:31

I got it working, but only by patching the Gitlab install. So, be forewarned: Here there be dragons

Patch /etc/gitlab/gitlab.rb

Source https://stackoverflow.com/questions/46533188

QUESTION

ldap filter in omniauth ldap module not working in discourse

Asked 2018-Nov-21 at 19:09

I currently try to configure Discourse to only allow users in a specific ldap group to log in. Discourse has a plugin called discourse-ldap auth ( https://github.com/jonmbake/discourse-ldap-auth ). This plugin uses the omniauth ldap module: https://github.com/omniauth/omniauth-ldap

My discourse plugin configuration (the configuration is actually used by the discourse plugin for the omniauth ldap module):

ldap enabled: true
ldap hostname: the hostname of my ldap server
ldap port: 389
ldap method: plain
ldap base: the base of my ldap server
ldap uid: userPrincipalName
ldap bind dn: Nothing
ldap password: Nothing
ldap filter: (&(userPrincipalName=%{username})(memberOf=cn=[the name of the required group],ou=....,[base]))

When using this configuration, nobody can log in to the forum. When I use the bind dn and password, everybody can log in. I also tried this filter without success (copied from my ldap servers filter):

(&(&(&(userPrincipalName=%{username})(memberOf=[dn of the group]))))

What do I have to configure, to only allow users in that specific group to log in?

I didn't found any errors or indicators in the log. Please help!

Thanks fou your help and attention!

...

ANSWER

Answered 2018-Nov-21 at 19:09

You do need the "ldap dn" and "ldap password". Those are the credentials used to authenticate to LDAP so you can lookup people's accounts. Usually, that is a service account only used by your application.

The filter should probably look something like this:

Source https://stackoverflow.com/questions/53408396

Community Discussions, Code Snippets contain sources that include Stack Exchange Network

Vulnerabilities

No vulnerabilities reported

Install omniauth-ldap

You can download it from GitHub.
On a UNIX-like operating system, using your system’s package manager is easiest. However, the packaged Ruby version may not be the newest one. There is also an installer for Windows. Managers help you to switch between multiple Ruby versions on your system. Installers can be used to install a specific or multiple Ruby versions. Please refer ruby-lang.org for more information.

Support

For any new features, suggestions and bugs create an issue on GitHub. If you have any questions check and ask questions on community page Stack Overflow .

Find more information at: