Gitlab CE:使用ldapjs进行LDAP身份验证
我正在我公司的SSO上构建一个LDAP适配器,以便人们可以通过它登录gitlab My LDAP Adapter是使用ldapjs构建的,并返回以下对象:Gitlab CE:使用ldapjs进行LDAP身份验证,ldap,gitlab,ldapjs,Ldap,Gitlab,Ldapjs,我正在我公司的SSO上构建一个LDAP适配器,以便人们可以通过它登录gitlab My LDAP Adapter是使用ldapjs构建的,并返回以下对象: { dn: 'cn=test, o=sso', attributes: { cn: 'test', uid: 'test', mail: 'test@test.com', objectclass: 'user' } } 我总是以无法从Ldapmain对您进行身份验证而告终,因为“凭据无效”
{ dn: 'cn=test, o=sso',
attributes:
{ cn: 'test',
uid: 'test',
mail: 'test@test.com',
objectclass: 'user'
}
}
我总是以无法从Ldapmain对您进行身份验证而告终,因为“凭据无效”
gitlab_rails['ldap_enabled'] = true
gitlab_rails['ldap_servers'] = YAML.load <<-'EOS' # remember to close this block with 'EOS' below
main: # 'main' is the GitLab 'provider ID' of this LDAP server
label: 'LDAP_SSO'
host: 'localhost'
port: 1389
uid: 'mail'
method: 'plain' # "tls" or "ssl" or "plain"
bind_dn: 'cn=root'
password: 'secret'
active_directory: false
allow_username_or_email_login: true
block_auto_created_users: true
base: 'o=sso'
user_filter: ''
EOS
日志
独角兽日志
root@xxx:/var/log/gitlab# cat /var/log/gitlab/unicorn/unicorn_stdout.log
I, [2015-11-30T13:42:37.350694 #22372] INFO -- omniauth: (ldapmain) Callback phase initiated.
E, [2015-11-30T13:42:37.392395 #22372] ERROR -- omniauth: (ldapmain) Authentication failure! invalid_credentials encountered.
gitlab rails/production.log
Started POST "/users/auth/ldapmain/callback" for 127.0.0.1 at 2015-11-30 14:10:41 +0100
Processing by OmniauthCallbacksController#failure as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"[FILTERED]", "username"=>"test@test.com", "password"=>"[FILTERED]"}
Redirected to http://localhost:8080/users/sign_in
Completed 302 Found in 37ms (ActiveRecord: 3.0ms)
Started GET "/users/sign_in" for 127.0.0.1 at 2015-11-30 14:10:41 +0100
Processing by SessionsController#new as HTML
Completed 200 OK in 55ms (Views: 33.2ms | ActiveRecord: 1.3ms)
您将讨论创建自定义LDAP提供程序,然后展示标准LDAP配置。这些是如何组合在一起的?如果没有这一点,很难想象您已经构建了什么以及为什么它不能工作。您将讨论创建自定义LDAP提供程序,然后展示标准LDAP配置。这些是如何组合在一起的?没有这个,很难想象你已经建立了什么,为什么它不起作用。
root@xxx:/var/log/gitlab# cat /var/log/gitlab/unicorn/unicorn_stdout.log
I, [2015-11-30T13:42:37.350694 #22372] INFO -- omniauth: (ldapmain) Callback phase initiated.
E, [2015-11-30T13:42:37.392395 #22372] ERROR -- omniauth: (ldapmain) Authentication failure! invalid_credentials encountered.
Started POST "/users/auth/ldapmain/callback" for 127.0.0.1 at 2015-11-30 14:10:41 +0100
Processing by OmniauthCallbacksController#failure as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"[FILTERED]", "username"=>"test@test.com", "password"=>"[FILTERED]"}
Redirected to http://localhost:8080/users/sign_in
Completed 302 Found in 37ms (ActiveRecord: 3.0ms)
Started GET "/users/sign_in" for 127.0.0.1 at 2015-11-30 14:10:41 +0100
Processing by SessionsController#new as HTML
Completed 200 OK in 55ms (Views: 33.2ms | ActiveRecord: 1.3ms)