vesse / node-ldapauth-fork

Simple node.js module to authenticate against an LDAP server

Write After End Problem for TLS connection #24

Closed emrahayanoglu closed 9 years ago

emrahayanoglu commented 9 years ago

Hi,

I try to connect and login through LDAP using the following code:

    ldap_auth.authenticate(user.name, user.pass, function(err, ldap_user) {
        logger.info("LDAP authentication will be checked for user: " + user.name);
        if (ldap_user) {
            // LDAP returned a user object: mark the session and continue
            logger.info(ldap_user);
            req.session.authentication = 1;
            return next();
        } else {
            // No user returned: log the error. As posted, this branch also
            // sets authentication = 1 and continues to next().
            logger.warn("LDAP authentication is not valid: " + user.name);
            logger.warn(err);
            req.session.authentication = 1;
            return next();
        }
    });

And my configuration settings are like this:

    ldap_options = {
        url: ldap_url,
        searchBase: 'cn=admins,ou=Groups,dc=local',
        searchFilter: '(uid={{username}})',
        verbose: true,
        cache: true,
        tlsOptions: {
            ca: [ca_file_content]
        }
    };

However, whenever I try to login, I've got the following error:

    warn: Error: write after end
        at writeAfterEnd (_stream_writable.js:167:12)
        at TLSSocket.Writable.write (_stream_writable.js:214:5)
        at TLSSocket.Socket.write (net.js:634:40)
        at Client._send (/var/ums/umsRemoteAccessProxy/node_modules/ldapauth-fork/node_modules/ldapjs/lib/client/client.js:914:17)
        at Client.search (/var/ums/umsRemoteAccessProxy/node_modules/ldapauth-fork/node_modules/ldapjs/lib/client/client.js:678:15)
        at /var/ums/umsRemoteAccessProxy/node_modules/ldapauth-fork/lib/ldapauth.js:196:23
        at LdapAuth._adminBind (/var/ums/umsRemoteAccessProxy/node_modules/ldapauth-fork/lib/ldapauth.js:165:12)
        at LdapAuth._search (/var/ums/umsRemoteAccessProxy/node_modules/ldapauth-fork/lib/ldapauth.js:192:8)
        at LdapAuth._findUser (/var/ums/umsRemoteAccessProxy/node_modules/ldapauth-fork/lib/ldapauth.js:252:8)
        at LdapAuth.authenticate (/var/ums/umsRemoteAccessProxy/node_modules/ldapauth-fork/lib/ldapauth.js:308:8)

Actually, I try to re-initialize the ldap client per each request; however, it gives another error: LDAP connection closed. I'm stuck currently. Do you have any idea about that?

vesse commented 9 years ago

Not much with that - but it looks like the connection is closed when the search is performed. One reason could be the server disconnecting because bindDn and bindCredentials are not given, and thus it is trying to perform an anonymous search.

emrahayanoglu commented 9 years ago

Thanks for your help. We moved from an SSL-based LDAP connection to an LDAP connection without SSL, and it is working currently.

vesse commented 9 years ago

You could try using a newer ldapjs by first removing ldapauth-fork from the node_modules folder, then adding "ldapjs": "mcavage/node-ldapjs#acc1ca8f43" to package.json, and then running npm install (because ldapjs is not working using TLS on Node 0.12 and newer). Another issue could be the certificate - try adding the option "tlsOptions" : { "rejectUnauthorized" : false } when creating LdapAuth
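
A fail-closed variant of the handler and options discussed in this thread, as an added example (not code from the thread or from ldapauth-fork itself). The names `buildLdapOptions`, `ldapLogin`, `getCredentials`, the `cfg` fields, `caPem`, the 401 response and the value `0` for "not authenticated" are assumptions; `ldapAuth` is any object exposing `authenticate(username, password, callback)`.

```javascript
'use strict';

// Option names are the ones mentioned in this thread; values are placeholders.
function buildLdapOptions(cfg) {
  if (!cfg.bindDn || !cfg.bindCredentials) {
    throw new Error('bindDn and bindCredentials are required');
  }
  const opts = {
    url: cfg.url,
    bindDn: cfg.bindDn,
    bindCredentials: cfg.bindCredentials,
    searchBase: cfg.searchBase,
    searchFilter: '(uid={{username}})'
  };
  if (/^ldaps:/i.test(cfg.url)) {
    if (!cfg.caPem) throw new Error('ldaps:// needs the CA certificate');
    // Trust only this CA and keep certificate verification switched on.
    opts.tlsOptions = { ca: [cfg.caPem], rejectUnauthorized: true };
  }
  return opts;
}

// Express-style middleware: the session is marked only after a user object
// comes back; a connection error (such as "write after end") denies access.
function ldapLogin(ldapAuth, getCredentials) {
  return function (req, res, next) {
    const user = getCredentials(req) || {};
    const deny = function () {
      req.session.authentication = 0; // assumed "not authenticated" value
      res.statusCode = 401;
      res.end('Authentication failed');
    };
    // An empty password would be an unauthenticated bind; reject it up front.
    if (!user.name || !user.pass) return deny();
    ldapAuth.authenticate(user.name, user.pass, function (err, ldapUser) {
      if (err || !ldapUser) return deny(); // fail closed on error or no user
      req.session.authentication = 1;
      return next();
    });
  };
}
```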