See discussion #14244
These changes will allow a user to make an HTTP API request to...
```
/api/ldap/validate/simple-bind
```
...with an appropriate JSON body, and the plugin will attempt a
connection to the specified LDAP server using the provided credentials.
This allows validation that a connection can be made to an LDAP server
from a RabbitMQ cluster environment.
* Add code and tests for `eldap:simple_bind` validation.
* Add support for testing TLS connections to OpenLDAP
* Add support for validating TLS related configuration via `/ldap/validate/simple-bind`
* Add support for various TLS options:
* versions
* depth
* multiple CA cert pem data
* Fall back to system certs if neither `cacertfile` nor `cacerts_pem_data` are provided to the `simple-bind` validation.
* Add `ssl_hostname_verification` support.
* Return 422 when auth fails
* Add more informative information when connection fails
* Add more tests with invalid input
* Catch parsing errors
* Tests for edge-cases for password / user_dn
* Add test for use_ssl + use_starttls combo
* Add test for ssl_options.depth validation
* Add validation tests for server_name_indication
This allows using a different pattern during the "simple bind" phase. If `user_bind_pattern` is defined, it is used, otherwise fall back to `user_dn_pattern`
Related to #98 and #99
(cherry picked from commit 7f32abde3b)
This will allow the user to enable the anon_auth flag in eldap in order
to be able to do a dn lookup by using anonymous authentication instead
of using a dedicated bind user.
This is the recommended way with Erlang.mk.
By default, the version is inherited from rabbitmq-server-release when
the source archive is created, or computed from git-describe(1) (see
`rabbitmq-components.mk`). One can override the version from the command
line by setting the `PROJECT_VERSION` variable.
[#130992027]
Michael Klishin
Luke Bakken
Rin Kuryloski
Loïc Hoguin
Luke Bakken
Michael Klishin
Jean-Sébastien Pédron
William Tan
Michael Klishin
Arnaud Cogoluègnes
kjnilsson
David Wragg
Simon MacMullen