openanalytics / shinyproxy

ShinyProxy - Open Source Enterprise Deployment for Shiny and data science apps
https://www.shinyproxy.io
Apache License 2.0
524 stars 152 forks source link

Multiple LDAP does not work as a backup #396

Open feddelegrand7 opened 1 year ago

feddelegrand7 commented 1 year ago

Hello,

I'm trying to use multiple LDAP as follows:

authentication: ldap
  admin-groups: ............"
  container-wait-time: 600000
  ldap:
  -  url: first_ldap_url
     user-search-base: OU=Users
     user-search-filter: (sAMAccountName={0})
     group-search-base: OU=Groups
     group-search-filter: (member={0})
     manager-dn: ......................
     manager-password: "........................"
  -  url: second_ldap_url
     user-search-base:
     user-search-filter: (sAMAccountName={0})
     group-search-base: OU=Groups
     group-search-filter: (member={0})
     manager-dn: ..........................................
     manager-password: "..................."

I was expecting that when the first LDAP url is down, the second will be user to authenticate the users. Apparently, it's only using the first one and there's no backup for the second one. Meaning, if the first one is down (while the other one works), the users will still not be able to authenticate (although the second LDAP works).

Unfortunately, the documentation is not clear in that subject. Could you please update the docs in case someone might also think that that's an LDAP backup system.

Thanks in advance.

LEDfan commented 1 year ago

Hi, you are right, if one the servers fail to respond, the login attempt will fail as well. I'll keep this issue open as a feature request to improve this.