rack-auth-ldap
Rack Middleware LDAP authentication
Copyright
Copyright © 2014 Romain GEORGES. See COPYRIGHT for details. Copyright © 2007, 2008, 2009, 2010 Christian Neukirchen <purl.org/net/chneukirchen> for Rack Project
Presentation
Rack::Auth::Ldap is a basic authentication module with LDAP support Rack::Auth::Ldap is heavily based on Rack:Auth::Basic from the Rack main Project by Christian Neukirchen
This is an additional module for Rack to authenticate users against an LDAP server
Usage
Initialize
In you config.ru, simply add :
require 'rubygems'
require 'rack'
gem 'rack-auth-ldap'
require 'rack/auth/ldap'
require File.dirname(__FILE__) + '/your_app'
use Rack::Auth::Ldap
run Sinatra::Application
this configuration activate the Basic Authentication for the entire application
To use custom configuration file:
use RAck::Auth::Ldap, file: '/path/to/my/cconfig.yml'
Configure
Create an ldap.yml configuration file with :
production: &ldap_defaults
hostname: localhost
basedn: ou=groups,dc=domain,dc=tld
rootdn: cn=admin,dc=domain,dc=tld
passdn: secret
auth: true
port: 389
username_ldap_attribut: uid
test:
<<: *ldap_defaults
development:
<<: *ldap_defaults
if you want to deactivate root authentication before user binding :
production: &ldap_defaults
hostname: localhost
basedn: ou=groups,dc=domain,dc=tld
auth: false
port: 389
username_ldap_attribut: uid
test:
<<: *ldap_defaults
development:
<<: *ldap_defaults
to use ldaps add:
simple_tls: true
to use start tls add:
start_tls: true
if you need to set openssl options add a “tls_options” hash e.g.:
tls_options:
ca_path: /my/certificate/dir
or
tls_options:
ca_file: /my/certificate/file
to help debug tls you can add:
debug: true
which will send debugging messages to stdout