search

FusionAuth / fusionauth-issues

FusionAuth issue submission project
https://fusionauth.io
90 stars 12 forks source link

Reveal FusionAuth as an LDAP server #954

Open robotdan opened 3 years ago

robotdan commented 3 years ago

Reveal FusionAuth as an LDAP server

Problem

Moved this use case here from https://github.com/FusionAuth/fusionauth-issues/issues/219, this is use case 3 from the linked issue.

Use Case I have devices, or applications that can only authenticate against LDAP. I want FusionAuth to be revealed to these devices as LDAP.

For example you may have a printer, wifi access point, etc that may use a Radius server which can authenticate against LDAP. You may have linux clients (servers or workstations) that can only authenticate against LDAP / OpenLDAP.

This is a separate use case from Use Case 1 and Use Case 2 and is not currently in plan. Please comment in the thread below which Use Case you are looking to be solved - if one or the other. If you're looking for both 1 and 3, include your priority in order.

Solution

Make FusionAuth look like an LDAP server to accommodate this use case.

Alternatives/workarounds

  1. Stop using LDAP.
  2. Use another layer on top of FusionAuth to bridge to devices that only speak LDAP

Additional context

Add any other context or screenshots about the feature request here.

How to vote

Please give us a thumbs up or thumbs down as a reaction to help us prioritize this feature. Feel free to comment if you have a particular need or comment on how this feature should work.

darcyd commented 3 years ago

Hi we have a Use Case to integrate with Esri ArcGIS Server which can currently only be externally authenticated against LDAP. https://enterprise.arcgis.com/en/server/latest/administer/linux/securing-services-with-users-and-roles-from-an-ldap-server.htm

If Fusion Auth could act as a LDAP server, this would enable integration with a stand alone setup of Esri ArcGIS Server.

robotdan commented 3 years ago

Thanks for the feedback @darcyd. We currently have this issue marked as a "paid-feature", would you still be interested if we were to require a paid edition of FusionAuth to utilize this feature?

darcyd commented 3 years ago

Yes that would be fine to have as a paid feature.

Is this in active development? Any ETA?

Thanks, Darcy

On Mon, Jul 12, 2021 at 8:36 AM Daniel DeGroff @.***> wrote:

Thanks for the feedback @darcyd https://github.com/darcyd. We currently have this issue marked as a "paid-feature", would you still be interested if we were to require a paid edition of FusionAuth to utilize this feature?

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/FusionAuth/fusionauth-issues/issues/954#issuecomment-878332795, or unsubscribe https://github.com/notifications/unsubscribe-auth/AB32CQHUPYD7LXUKPIRA4U3TXL4XFANCNFSM4TAE2ZOQ .

sbingram commented 3 years ago

Inclusion of this feature would differentiate it from all solutions I am aware of. It would make the paid edition a worthwhile expenditure.

AydinChavez commented 3 years ago

Is anybody working on this? Any chance to get it prioritized?

mooreds commented 3 years ago

Hi @AydinChavez ,

Thanks for upvoting this! This is not currently on the roadmap. Here's our general roadmap guidance: https://fusionauth.io/docs/v1/tech/core-concepts/roadmap/

If you are interested in professional services (where you pay to have this implemented), please contact our sales team to discuss details. https://fusionauth.io/contact/

Otherwise we'll prioritize this based on customer and community feedback, as outlined above.

Thanks!