public_git
/
nginx-ldap-auth
mirror of https://github.com/nginxinc/nginx-ldap-auth.git
1
0
Fork 1
Code Issues Releases Wiki Activity

Merge b05f671a84 into c98eb555f5

This commit is contained in:
Konstantin Pavlov 2025-02-14 11:16:14 -08:00 committed by GitHub
parent c98eb555f5 b05f671a84
commit e5b66323f5
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
README.md
View File

@ -12,9 +12,9 @@ The nginx-ldap-auth software is a reference model implementation of a method for
The ldap-auth daemon, which mediates between NGINX Plus and the LDAP server, is intended to serve as a model for "connector" daemons written in other languages, for different authentication systems, or both. NGINX, Inc. Professional Services is available to assist with such adaptations. The ldap-auth daemon, which mediates between NGINX Plus and the LDAP server, is intended to serve as a model for "connector" daemons written in other languages, for different authentication systems, or both. NGINX, Inc. Professional Services is available to assist with such adaptations.
![NGINX LDAP Architecture](https://cdn-1.wp.nginx.com/wp-content/uploads/2016/02/ldap-auth-components.jpg) ![NGINX LDAP Architecture](https://www.f5.com/content/dam/f5-com/nginx-import/ldap-auth-components.jpg)
For a step-by-step description of the authentication process in the reference implementation, see [How Authentication Works in the Reference Implementation](https://nginx.com/blog/nginx-plus-authenticate-users#ldap-auth-flow) in [NGINX Plus and NGINX Can Authenticate Application Users](https://nginx.com/blog/nginx-plus-authenticate-users). For a step-by-step description of the authentication process in the reference implementation, see [How Authentication Works in the Reference Implementation](https://www.f5.com/company/blog/nginx/nginx-plus-authenticate-users#ldap-auth-flow) in [NGINX Plus and NGINX Can Authenticate Application Users](https://www.f5.com/company/blog/nginx/nginx-plus-authenticate-users).
## Installation and Configuration ## Installation and Configuration
@ -35,7 +35,7 @@ To install and configure the reference implementation, perform the following ste
1. On the host where the ldap-auth daemon is to run, install the following additional software. We recommend using the versions that are distributed with the operating system, instead of downloading the software from an open source repository. 1. On the host where the ldap-auth daemon is to run, install the following additional software. We recommend using the versions that are distributed with the operating system, instead of downloading the software from an open source repository.
- Python versions 2 and 3 are supported. - Python versions 2 and 3 are supported.
- The Python LDAP module, **python-ldap** (created by the [python-ldap.org](http://www.python-ldap.org) open source project). - The Python LDAP module, **python-ldap** (created by the [python-ldap.org](https://www.python-ldap.org) open source project).
1. Copy the following files from your repository clone to the indicated hosts: 1. Copy the following files from your repository clone to the indicated hosts:
- **nginx-ldap-auth.conf** NGINX Plus configuration file, which contains the minimal set of directives for testing the reference implementation. Install on the NGINX Plus host (in the **/etc/nginx/conf.d** directory if using the conventional configuration scheme). To avoid configuration conflicts, remember to move or rename any default configuration files installed with NGINX Plus. - **nginx-ldap-auth.conf** NGINX Plus configuration file, which contains the minimal set of directives for testing the reference implementation. Install on the NGINX Plus host (in the **/etc/nginx/conf.d** directory if using the conventional configuration scheme). To avoid configuration conflicts, remember to move or rename any default configuration files installed with NGINX Plus.
@ -76,7 +76,7 @@ Hello, world! Requested URL: <em>URL</em>
Modify the **nginx-ldap-auth.conf** file, by changing values as appropriate for your deployment for the terms shown in bold font in the following configuration. Modify the **nginx-ldap-auth.conf** file, by changing values as appropriate for your deployment for the terms shown in bold font in the following configuration.
For detailed instructions, see [Configuring the Reference Implementation](https://nginx.com/blog/nginx-plus-authenticate-users#ldap-auth-configure) in the [NGINX Plus and NGINX Can Authenticate Application Users](https://nginx.com/blog/nginx-plus-authenticate-users) blog post. The **nginx-ldap-auth.conf** file includes detailed instructions (in comments not shown here) for setting the `proxy-set-header` directives; for information about other directives, see the [NGINX reference documentation](http://nginx.org/en/docs/). For detailed instructions, see [Configuring the Reference Implementation](https://www.f5.com/company/blog/nginx/nginx-plus-authenticate-users#ldap-auth-configure) in the [NGINX Plus and NGINX Can Authenticate Application Users](https://www.f5.com/company/blog/nginx/nginx-plus-authenticate-users) blog post. The **nginx-ldap-auth.conf** file includes detailed instructions (in comments not shown here) for setting the `proxy-set-header` directives; for information about other directives, see the [NGINX reference documentation](https://nginx.org/en/docs/).
<pre> <pre>
http { http {
@ -180,7 +180,7 @@ To modify the ldap-auth daemon to communicate with a different (non-LDAP) type o
## Compatibility ## Compatibility
The auth daemon was tested against default configurations of the following LDAP servers: The auth daemon was tested against default configurations of the following LDAP servers:
* [OpenLDAP](http://www.openldap.org/)</li> * [OpenLDAP](https://www.openldap.org/)</li>
* Microsoft Windows Server Active Directory 2003</li> * Microsoft Windows Server Active Directory 2003</li>
* Microsoft Windows Server Active Directory 2012</li> * Microsoft Windows Server Active Directory 2012</li>

6
t/README.md
View File

@ -14,12 +14,12 @@ docker run my-tag
To run without Docker: To run without Docker:
Test suite is available at http://hg.nginx.org/nginx-tests. Test suite is available at https://github.com/nginx/nginx-tests.
Check the http://hg.nginx.org/nginx-tests/file/tip/README file Check the https://github.com/nginx/nginx-tests/blob/master/README file
for instructions on how to use it. for instructions on how to use it.
Additionally, the test requires a working installation Additionally, the test requires a working installation
of OpenLDAP server and utilities (http://www.openldap.org/), of OpenLDAP server and utilities (https://www.openldap.org/),
and python's coverage tool (https://coverage.readthedocs.io) and python's coverage tool (https://coverage.readthedocs.io)
copy ldap-auth.t into testsuite, setup environment variables: copy ldap-auth.t into testsuite, setup environment variables: