资源引擎>> ldap>> 返回
项目作者: go-stuff

项目描述 :
Authenticate a username and password against LDAP using go-ldap.
高级语言: Go
项目地址: git://github.com/go-stuff/ldap.git
创建时间: 2019-06-02T13:16:25Z
项目社区:https://github.com/go-stuff/ldap
开源协议:MIT License
下载


ldap

GoDoc
Build Status
Go Report Card
codecov
License: MIT

Gopher Share

Using go-ldap.v3 to authenticate with LDAP and return the username and groups associated witht that user. An error is returned if authentication fails.

Packages Imported

Basic LDAP github.com/go-ldap/ldap

Installation

The recommended way to get started using github.com/go-stuff/ldap is by using ‘go get’ to install the dependency in your project.

  1. go get "github.com/go-stuff/ldap"

Usage

  1. import (
  2.     "github.com/go-stuff/ldap"
  3. )

Example

This is an example of how it would be implemented. Of course the constants could be environment variables or in a configuration file, etc… this is just an example.
The reason there are so many variables is to allow for connecting to multiple environments, it has been tested against OpenLDAP and Active Directory, there are some minor differences in objectClass and attributes.

  1. package main
  3. import (
  4.     "fmt"
  6.     "github.com/go-stuff/ldap"
  7. )
  9. // OpenLDAP
  10. const (
  11.     LDAP_SERVER             string = "192.168.1.100"
  12.     LDAP_PORT               string = "636"
  13.     LDAP_BIND_DN            string = "cn=admin,dc=go-stuff,dc=ca"
  14.     LDAP_BIND_PASS          string = "password"
  15.     LDAP_USER_BASE_DN       string = "ou=people,dc=go-stuff,dc=ca"
  16.     LDAP_USER_SEARCH_ATTR   string = "uid"
  17.     LDAP_GROUP_BASE_DN      string = "ou=group,dc=go-stuff,dc=ca"
  18.     LDAP_GROUP_OBJECT_CLASS string = "posixGroup"
  19.     LDAP_GROUP_SEARCH_ATTR  string = "memberUid"
  20.     LDAP_GROUP_SEARCH_FULL  string = "false"
  21. )
  23. // Active Dreictory
  24. // const (
  25. //     LDAP_SERVER             string = "LDAPSSL"
  26. //     LDAP_PORT               string = "636"
  27. //     LDAP_BIND_DN            string = "CN=admin,OU=Users,DC=go-stuff,DC=ca"
  28. //     LDAP_BIND_PASS          string = "password"
  29. //     LDAP_USER_BASE_DN       string = "OU=Users,DC=go-stuff,DC=ca"
  30. //     LDAP_USER_SEARCH_ATTR   string = "CN"
  31. //     LDAP_GROUP_BASE_DN      string = "OU=Groups,DC=go-stuff,DC=ca"
  32. //     LDAP_GROUP_OBJECT_CLASS string = "group"
  33. //     LDAP_GROUP_SEARCH_ATTR  string = "member"
  34. //     LDAP_GROUP_SEARCH_FULL  string = "true"
  35. // )
  37. func main() {
  38.     username, groups, err := ldap.Auth(
  39.         LDAP_SERVER,
  40.         LDAP_PORT,
  41.         LDAP_BIND_DN,
  42.         LDAP_BIND_PASS,
  43.         LDAP_USER_BASE_DN,
  44.         LDAP_USER_OBJECT_CLASS,
  45.         LDAP_USER_SEARCH_ATTR,
  46.         LDAP_GROUP_BASE_DN,
  47.         LDAP_GROUP_OBJECT_CLASS,
  48.         LDAP_GROUP_SEARCH_ATTR,
  49.         LDAP_AUTH_ATTR,
  50.         "web-user",
  51.         "password",
  52.     )
  53.     fmt.Printf("Username: %s\n", username)
  54.     if err != nil {
  55.         fmt.Println(err.Error())
  56.     }
  57.     for _, v := range groups {
  58.         fmt.Printf("    Group: %s\n", v)
  59.     }

Example Output

  1. Username: web-user
  2.     Group: domain users
  3.     Group: group-user
  4.     Group: group-random1
  5.     Group: group-random3

License

MIT License