etyp / meteor-accounts-ldap

A Meteor package for logging in and creating users with LDAP credentials
MIT License

Can it support ldap server with authentication SSL? #3

Closed fooying closed 8 years ago

fooying commented 9 years ago

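Maybe it can set an option when creating the client:

```js
var ldap = require('ldapjs');

// Disables verification of the server certificate
var tlsOptions = { 'rejectUnauthorized': false };

var client = ldap.createClient({
  url: 'LDAPS://foobar',
  tlsOptions: tlsOptions
});
```
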
etyp commented 9 years ago

@fooying this is mostly just an extension of the npm ldapjs package - it doesn't look like there are any advanced tls options supported. Take a look at that package and let me know if you see anything in there that my package is preventing you from currently doing and I'll be glad to adjust.

tanutapi commented 9 years ago

In order to access an unauthorized SSL/TLS LDAPS server, we need to pass {tlsOptions: {rejectUnauthorized: false}} as ldap.createClient()'s parameter.

The easier way to do this without changing any code is to put this line of code somewhere at the beginning: process.env.NODE_TLS_REJECT_UNAUTHORIZED = 0;

But it would be great if there were a smarter way to pass this as options through loginWithLDAP().

etyp commented 8 years ago

@tanutapi Now supporting LDAPS. See below from the readme:

LDAPS Support

If you want to use ldaps to implement secure authentication, you also need to provide an SSL certificate (e.g. in the shape of an ssl.pem file).

Simply set the following defaults in some server-side code:

```js
LDAP_DEFAULTS.ldapsCertificate = Assets.getText('ldaps/ssl.pem'); // asset location of the SSL certificate
LDAP_DEFAULTS.port = 636; // default port for LDAPS
LDAP_DEFAULTS.url = 'ldaps://my-ldap-host.com'; // ldaps protocol
```

This example configuration will require the ssl.pem file to be located in <your-project-root>/private/ldap/ssl.pem.
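
Added example, not part of the thread or of the package's own code: the two approaches discussed above side by side, as options for ldapjs' `createClient()`. It builds options that verify the LDAPS server against a supplied CA certificate and audits a configuration for the two verification bypasses mentioned in the comments. The helper names and `CONSTRUCTED_PEM` (a placeholder, not a real certificate) are assumptions.

```javascript
// Constructed placeholder standing in for the contents of ssl.pem.
const CONSTRUCTED_PEM =
  '-----BEGIN CERTIFICATE-----\nPLACEHOLDER\n-----END CERTIFICATE-----\n';

// Hypothetical helper: build createClient() options that keep certificate
// verification on and trust only the supplied CA certificate.
function buildLdapsOptions(url, caPem) {
  const parsed = new URL(url); // the scheme is lowercased by the parser
  if (parsed.protocol !== 'ldaps:') {
    throw new Error('expected an ldaps:// URL, got ' + parsed.protocol);
  }
  const pemShape = /-----BEGIN CERTIFICATE-----[\s\S]+-----END CERTIFICATE-----/;
  if (typeof caPem !== 'string' || !pemShape.test(caPem)) {
    throw new Error('CA certificate is not PEM encoded');
  }
  return {
    url: url,
    tlsOptions: { ca: [caPem], rejectUnauthorized: true }
  };
}

// Hypothetical helper: report settings that switch off server certificate
// verification, either for this client or for the whole Node process.
function findTlsVerificationIssues(clientOptions, env) {
  const issues = [];
  const tlsOptions = clientOptions.tlsOptions || {};
  if (tlsOptions.rejectUnauthorized === false) {
    issues.push('tlsOptions.rejectUnauthorized is false for ' + clientOptions.url);
  }
  // Values assigned to process.env are stored as strings, so 0 becomes '0'.
  if (String(env.NODE_TLS_REJECT_UNAUTHORIZED) === '0') {
    issues.push('NODE_TLS_REJECT_UNAUTHORIZED=0 affects every TLS connection in the process');
  }
  return issues;
}

// Weak form from the first comment next to the verified form.
const weak = { url: 'LDAPS://foobar', tlsOptions: { rejectUnauthorized: false } };
const verified = buildLdapsOptions('ldaps://my-ldap-host.com', CONSTRUCTED_PEM);

console.log(findTlsVerificationIssues(weak, process.env));
console.log(findTlsVerificationIssues(verified, {}));
// With ldapjs installed: require('ldapjs').createClient(verified)
```
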