Closed erevodifosin closed 2 years ago
@erevodifosin - Great Addition, I have some points that would need to be looked into before we could consider merging.
I would be happy to help add the GUI options/ LDAP model that would make LDAP configurable from the Admin Page, but would need to know the steps to start a very basic but functional LDAP server that we could connect.
This is my very first PR ever, so bear with me, please.
In order for the system to be versatile we need the below settings.
Username, first name, last name and email LDAP attributes may vary between LDAP server implementations. (some of the I hardcoded them in my PR but it is easy to change in the future)
Happy New Year! In case you missed I already added the LDAP config in the Docs.
Another thing that come to my mind is that we could do a mapping between easyauth groups and LDAP groups. So users will get their permission level based on the LDAP groups they are in.
I did not find a predictable way of creating an LDAP server within tests, and do not have the time to research this. I will close this PR for now until we can ensure the features are tested.
I am using this docker image : https://github.com/osixia/docker-openldap Works very well. @erevodifosin : don't you need also a "LDAP bind user login" and "LDAP bind user password" in your config to retrieve the directory tree ?
@codemation : Why there is a need to create an LDAP server ? Even without docker, it is possible to use an online LDAP test server : https://www.forumsys.com/2022/05/10/online-ldap-test-server/
Implements functionality for authentication via LDAP. Tested on MS Active Directory.