Open prjemian opened 2 years ago
help getting started with LDAP: https://computingforgeeks.com/run-openldap-server-in-docker-containers/
@danielballan suggests:
See also https://github.com/bluesky/tiled/blob/main/start_LDAP.sh
and
https://github.com/bluesky/tiled/blob/main/tiled/_tests/test_authenticators.py
First test with my own LDAP server, copying tiled's unit test code:
Start the LDAP server:
(tiled) prjemian@zap:~/.../Bluesky/tiled$ docker-compose -f /home/prjemian/Documents/projects/Bluesky/tiled/continuous_integration/docker-configs/ldap-docker-compose.yml up -d
Creating network "docker-configs_default" with the default driver
Creating docker-configs_openldap_1 ... done
(tiled) prjemian@zap:~/.../Bluesky/tiled$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a8b389ec3569 bitnami/openldap:2.6 "/opt/bitnami/script…" 5 seconds ago Up 5 seconds 0.0.0.0:1389->1389/tcp, 0.0.0.0:1636->1636/tcp docker-configs_openldap_1
test in IPython
In [1]: !docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3db1a7195dc4 bitnami/openldap:2.6 "/opt/bitnami/script…" 5 seconds ago Up 5 seconds 0.0.0.0:1389->1389/tcp, 0.0.0.0:1636->1636/tcp docker-configs_openldap_1
In [2]: from tiled.authenticators import LDAPAuthenticator
In [3]: authenticator = LDAPAuthenticator("localhost", 1389, bind_dn_template="cn={username},ou=users,dc=example,dc=org",use_tls=False, use_ssl=False)
In [4]: await authenticator.authenticate("user01", "password1") == "user01"
Out[4]: True
In [5]: await authenticator.authenticate("user02", "password2") == "user02"
Out[5]: True
In [6]: await authenticator.authenticate("user02a", "password2") is None
Invalid password for user 'user02a'
Out[6]: True
In [7]: await authenticator.authenticate("user02", "password2a") is None
Invalid password for user 'user02'
Out[7]: True
In [8]:
Stop the LDAP server:
(tiled) prjemian@zap:~/.../Bluesky/tiled$ docker-compose -f /home/prjemian/Documents/projects/Bluesky/tiled/continuous_integration/docker-configs/ldap-docker-compose.yml down
Stopping docker-configs_openldap_1 ... done
Removing docker-configs_openldap_1 ... done
Removing network docker-configs_default
Used ldap-docker-compose.yml
file from tiled repository used in previous test.
version: '2'
services:
openldap:
image: docker.io/bitnami/openldap:2.6
ports:
- '1389:1389'
- '1636:1636'
environment:
- LDAP_ADMIN_USERNAME=admin
- LDAP_ADMIN_PASSWORD=adminpassword
- LDAP_USERS=user01,user02
- LDAP_PASSWORDS=password1,password2
volumes:
- 'openldap_data:/bitnami/openldap'
volumes:
openldap_data:
driver: local
also:
https://github.com/bitnami/bitnami-docker-openldap
Added some checkboxes to better define what to accomplish here.
Learn how to use authentication with tiled server.