root
/
rabbitmq-server
mirror of https://github.com/rabbitmq/rabbitmq-server.git
1
0
Fork 0
Code Issues Actions 6 Packages Projects Releases Wiki Activity

Add user_bind_pattern 

This allows using a different pattern during the "simple bind" phase. If `user_bind_pattern` is defined, it is used, otherwise fall back to `user_dn_pattern`

Related to #98 and #99
This commit is contained in:
Luke Bakken 2018-10-30 11:31:32 -07:00
parent 943dc95167
commit 7f32abde3b
2 changed files with 11 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
deps/rabbitmq_auth_backend_ldap/Makefile vendored
View File

@ -5,6 +5,7 @@ PROJECT_MOD = rabbit_auth_backend_ldap_app
define PROJECT_ENV
[
{servers, undefined},
{user_bind_pattern, none},
{user_dn_pattern, "$${username}"},
{dn_lookup_attribute, none},
{dn_lookup_base, none},

11
deps/rabbitmq_auth_backend_ldap/src/rabbit_auth_backend_ldap.erl vendored
View File

@ -79,7 +79,7 @@ user_login_authentication(Username, AuthProps) when is_list(AuthProps) ->
prebind -> UserDN = username_to_dn_prebind(Username),
with_ldap({ok, {UserDN, PW}},
login_fun(Username, UserDN, PW, AuthProps));
_ -> with_ldap({ok, {fill_user_dn_pattern(Username), PW}},
_ -> with_ldap({ok, {simple_bind_fill_pattern(Username), PW}},
login_fun(Username, unknown, PW, AuthProps))
end,
?L("DECISION: login for ~s: ~p", [Username, log_result(R)]),
@ -759,6 +759,15 @@ fill_user_dn_pattern(Username) ->
ADArgs = rabbit_auth_backend_ldap_util:get_active_directory_args(Username),
fill(env(user_dn_pattern), [{username, Username}] ++ ADArgs).
simple_bind_fill_pattern(Username) ->
simple_bind_fill_pattern(env(user_bind_pattern), Username).
simple_bind_fill_pattern(none, Username) ->
fill_user_dn_pattern(Username);
simple_bind_fill_pattern(Pattern, Username) ->
ADArgs = rabbit_auth_backend_ldap_util:get_active_directory_args(Username),
fill(Pattern, [{username, Username}] ++ ADArgs).
creds(User) -> creds(User, env(other_bind)).
creds(none, as_user) ->