WIP attempt to do non anonymous ldap connect
#908
オープン
trinity-1686a
が ldap-non-anon
から main
への 1 コミットのマージを希望しています
プル元: ldap-non-anon
マージ先: Plume:main
Plume:paginate-search-init
Plume:main
Plume:s3
Plume:fix-delete-user
Plume:timeline-cli
Plume:blog-title
Plume:signature
Plume:remove-dup-images
Plume:drone-ci
Plume:DearRude/force-lang
Plume:igalic/go/async-all-mut
Plume:go/async
Plume:floreal/translations-update
Plume:missing-docs
Plume:RAOF/fix-arm64-build
Plume:epsilon-phase/authorized-fetch
Plume:upgrade
Plume:improve-the-editor-once-again
Plume:igalic/feat/custom-fairing-domains
Plume:feature/ldap
Plume:test/dotenv_error
Plume:fix-mobile-margin
レビューア
レビュー依頼
レビューアなし
ラベル
ラベルをクリア
Related to the REST API
Code running on the server
Stuff related to Federation
Related to the front-end
Translations, and related code
More about project management or code than the project itself
The building, or installation process of Plume
Something isn't working
We need to talk
New feature or request
This is a new feature
Compatibility with different browsers, readers and OS
Related to an external package that Plume uses
UI/UX related issues and PRs
Good for newcomers
Extra attention is needed
Issues affecting only mobile UX
How elements're rendered out for the end user
Something else needs to be fixed first
This issue or pull request already exists
This PR is not complete yet
Issues concern a limited number of instances
This doesn't seem right
Need to be discussed by the community (on Loomio)
This PR is ready to be reviewed
Proposed ideas worth considering
This is issue has been created after a vote on Loomio
This will not be worked on
ラベル付け
A: API
Related to the REST API
A: Backend
Code running on the server
A: Federation
Stuff related to Federation
A: Front-End
Related to the front-end
A: I18N
Translations, and related code
A: Meta
More about project management or code than the project itself
A: Security
Build
The building, or installation process of Plume
C: Bug
Something isn't working
C: Discussion
We need to talk
C: Enhancement
New feature or request
C: Feature
This is a new feature
Compatibility
Compatibility with different browsers, readers and OS
Dependency
Related to an external package that Plume uses
Design
UI/UX related issues and PRs
Documentation
Good first issue
Good for newcomers
Help welcome
Extra attention is needed
Mobile
Issues affecting only mobile UX
Rendering
How elements're rendered out for the end user
S: Blocked
Something else needs to be fixed first
S: Duplicate
This issue or pull request already exists
S: Incomplete
This PR is not complete yet
S: Instance specific
Issues concern a limited number of instances
S: Invalid
This doesn't seem right
S: Needs Voting/Discussion
Need to be discussed by the community (on Loomio)
S: Ready for review
This PR is ready to be reviewed
Suggestion
Proposed ideas worth considering
S: Voted on Loomio
This is issue has been created after a vote on Loomio
S: Wontfix
This will not be worked on
ラベルなし
A: API
A: Backend
A: Federation
A: Front-End
A: I18N
A: Meta
A: Security
Build
C: Bug
C: Discussion
C: Enhancement
C: Feature
Compatibility
Dependency
Design
Documentation
Good first issue
Help welcome
Mobile
Rendering
S: Blocked
S: Duplicate
S: Incomplete
S: Instance specific
S: Invalid
S: Needs Voting/Discussion
S: Ready for review
Suggestion
S: Voted on Loomio
S: Wontfix
マイルストーン
マイルストーンの設定
マイルストーンをクリア
項目なし
マイルストーンなし
担当者
担当者の割り当て
担当者をクリア
担当者なし
2 人の参加者
通知
期日
期日が正しくないか範囲を超えています。 'yyyy-mm-dd' の形式で入力してください。
期日は未設定です。
依存関係
依存関係が設定されていません。
リファレンス: Plume/Plume#908
新しいイシューから参照
まだ内容がありません
ブランチ 'ldap-non-anon' の削除
ブランチの削除は恒久的で、元に戻すことはできません。 続行しますか?
いいえ
はい
attempt at fixing #902
@pwFoo could you test if it works for you?
I have to finish some other tasks and need to learn how to compile project based on a pull request first...
If you know how to compile from sources, you can run
git checkout ldap-non-anon
before running cargo commands. You might need to rungit fetch
before git checkout if it does not find the branchFirst a binddn is connected and than in a second step verify the real user.
Build is done, how to configure the additional LDAP parameters for bind?
it's
LDAP_USER
andLDAP_PASSWORD
, as environment variables or in .envLogin works, but I think need some improvements.
I see the ldap query and can compare it with a working one. Looks like your implementation do two bindings instead of one?
plume ldap
Working application
ToDo
1. Rename bind user ENV
2. That part should be removed! Second bind!
3. search filter
Binded user need to search for the "real" user. And the search filter need to be configurable like that filter part
LDAP_FILTER example. search attribute is given by
(uid=%u)
part and%u
is replaced by the login user name.Configurable search base and search filter would be most flexible I think?
Hi @trinity-1686a,
what do you think about the suggested changes?