Closed duttarnab closed 1 year ago
@duttarnab, two queries:
In jans-link we can add the LDAP configuration of source LDAP servers. We need API in config-api to test the connection of added source LDAP servers.
Is it possible to add a non-LDAP server to LDAP configuration? And is it right? MYSQL, PGSQL, COUCHBASE and CLOUD_SPANNER: do we need the test functionality for all these? And shouldn't the endpoint be new, say https://{hostname}/jans-config-api/api/v1/config/database/test rather than https://{hostname}/jans-config-api/api/v1/config/database/ldap/test?
The jans-link can pull records from a source LDAP server to your Jans persistence (any supported persistence: LDAP, mysql, couchbase etc).
So Janssen server with any supported persistence should be able to test the source LDAP server connection.
and shouldn't the endpoint be new say https://{hostname}/jans-config-api/api/v1/config/database/test rather than https://{hostname}/jans-config-api/api/v1/config/database/ldap/test?
Ans: Well, currently jans-link supports pulling records from source LDAP servers. It doesn't support other source persistence. In the future, we are going to allow syncing users not only from LDAP but also from other forms of persistence. So, based on this statement you can name the test endpoint.
@yurem, as I understand from the above, jans-link can pull records from a source LDAP server from any machine other than the one on which jans-auth server is installed, and that too for any of the persistence types, that is LDAP, MySql, CB etc.
And the source LDAP server can be standalone, that is, without jans-auth server.
In such a case there might not be any mechanism to decrypt the LDAP pwd.
I am not sure if the requirement itself is correct.
Issue replication:
In jans-link we can add the LDAP configuration of source LDAP servers. We need API in config-api to test the connection of added source LDAP servers.
NOTE: We already have https://{hostname}/jans-config-api/api/v1/config/database/ldap/test to test added LDAP configurations of auth server. For jans-link, this endpoint throws an error if the auth server uses non-LDAP persistence (like MySql).