public_git
/
nginx-ldap-auth
mirror of https://github.com/nginxinc/nginx-ldap-auth.git
1
0
Fork 1
Code Issues Releases Wiki Activity
72 Commits 2 Branches 6 Tags 286 KiB
Commit Graph

72 Commits

Author SHA1 Message Date
Timo Stark 0aab49006d Formatting 2022-04-17 22:38:28 +02:00
Timo Stark 23d036cb69 Formatting 2022-04-17 22:33:16 +02:00
Timo Stark c0a43f4800 Escape Username before using it in any search filter 2022-04-17 22:32:53 +02:00
Vladimir Homutov ef8d313042
Merge pull request #73 from LPby/master 
Fix for Python3
 2020-01-16 13:31:16 +03:00
Pavel Lychkousky 48cdd5e593
Fix for Python3 2020-01-13 17:29:26 +03:00
Vladimir Homutov a3a04facf8 Python 3 support for the testsuite 2019-10-31 15:10:59 +03:00
Vladimir Homutov b5eca063d5 Removed trailing spaces from README. 2019-10-31 15:09:00 +03:00
Vladimir Homutov 54de6b5081
Merge pull request #71 from szuro/python3compatibility 
Python3compatibility
 2019-10-31 15:08:07 +03:00
Vladimir Homutov 7c164a4887 Added dockerfile for tests. 
It is now possible to run testsuite in docker, using supplied file.
See instructions in t/README.

Tests are adjusted to run on alpine linux which includes modular builds
of openldap server software.
 2019-09-26 19:04:32 +03:00
Robert Szulist a96bbe6a57 Add Python3 compatibility to sample app 2019-09-08 15:00:31 +02:00
Robert Szulist 8bd5c3ae21 Fix typo 2019-09-08 00:40:10 +02:00
Robert Szulist 83e28636fb Update README 2019-09-08 00:37:51 +02:00
Robert Szulist 9f01a465d8 Make code compatibile with python 2 and 3 
Add chcecks for version for importing and decoding bytestring.
Inspired by PR #66
 2019-09-08 00:30:55 +02:00
Robert Szulist 08fb44b66d Use python instead of python2 
On used docker baseimage python is already linked to python2 or python3,
depending on image version
 2019-09-07 23:03:13 +02:00
Robert Szulist d0e80bf79f Allow to select Python version at build 
With this anyone can effectively use Python 2 or 3 using --build-arg
The default version is 2.
 2019-09-07 17:53:27 +02:00
Vladimir Homutov 6fad4f3715
Merge pull request #64 from nikolaev-rd/patch-1 
Formating fixed and optimized
 2019-05-06 11:57:34 +03:00
Roman Nikolaev 8da8eef360
Formating fixed and optimized 2019-04-24 11:26:00 +03:00
Igor Ippolitov 3704dc25ff several minor fixes into spec file 2019-04-11 17:50:37 +03:00
A compound of Fe and O bbbde8d22b
Merge pull request #56 from alexjfisher/fix_spec_file 
Fix logrotate and update rpm spec file
 2019-02-07 13:42:01 +03:00
Alexander Fisher 61d8777204
Fix logrotate and update rpm spec file 
* Create log directory in spec file
* Fix logrotate file
 2018-11-16 13:01:18 +00:00
Vladimir Homutov d9a2149825 Added tests with multiple LDAP servers. 
The directory is distributed on two servers, and search now may return
continuation object for specific users.
 2018-10-29 11:46:59 +03:00
Vladimir Homutov 86687e2887 Added additional tests for user search results. 
This fixes https://github.com/nginxinc/nginx-ldap-auth/issues/55.

It was possible to perform successful bind with unknown user with recent
versions of python-ldap, in case when LDAP server returned continuation
object and allowed anonymous bind.
 2018-10-29 11:42:22 +03:00
Vladimir Homutov 57fb98b528 Added test suite. 
The testsuite depends on nginx test suite, and requires an OpenLDAP server
installed.
 2018-10-23 18:37:24 +03:00
Vladimir Homutov 850f5ea5ca
Merge pull request #42 from trunk-studio/fix/readme 
Add Comment for HTTP basic authentication.
 2018-08-20 12:47:35 +03:00
Vladimir Homutov f56178b6ee Added configuration option to disable referrals. 
The options is boolean, header name is  'X-Ldap-DisableReferrals' and
the command-line switch is '--disable-referrals', default value is
false.
 2018-08-20 12:31:55 +03:00
dd-han b5c580bac9 add Comment for HTTP basic authentication. 2018-04-19 15:26:59 +08:00
Igor Ippolitov 732eb15f07 fix log rotation in debian (#40) 2018-03-26 12:05:35 +03:00
A compound of Fe and O 3776f634c0
Merge pull request #34 from LMNetworks/issue_33 
create missing etc/logrotate.d directory in buildroot
 2018-01-16 16:30:04 +03:00
Vladimir Homutov 7ed1e2dfc9 Added StartTLS support. 
This is a rebased version and slightly modified version of patch submitted by
Matthieu Cerda <matthieu.cerda@gmail.com> via pull-request #29
(https://github.com/nginxinc/nginx-ldap-auth/pull/29)
 2017-12-25 13:04:42 +03:00
Vladimir Homutov b732f8c585 Fixed LDAP name of the "sAMAccountName" attribute. 
The correct name starts with the lowercase 's'.

https://msdn.microsoft.com/en-us/library/ms679635
 2017-12-25 13:04:42 +03:00
Vladimir Homutov d234e67497 Style: retabbed README.md 2017-12-25 13:04:42 +03:00
Vladimir Homutov 1262eaf8a3 Added Dockerfile for nginx-ldap-auth-daemon.py. 2017-12-22 19:14:10 +03:00
Vladimir Homutov cdc0abff91 Fixed typos in README.md 2017-12-22 17:22:39 +03:00
Vladimir Homutov 37be5adf9c Added default redirection destination to /dev/stdout. 
When a nginx-ldap-auth-daemon.py is executed from console, its output
is set to /dev/stdout by default.  Otherwise, value of a 'LOG' variable is
used, exported by wrapper script.
 2017-12-22 15:21:53 +03:00
Vladimir Homutov 8d187d9acf Replaced bash-specific redirections. 2017-12-22 15:02:12 +03:00
Vladimir Homutov 18e0b9c29c Fixed a typo in realm default value. 2017-12-22 14:21:23 +03:00
Vladimir Homutov 9df349f98e Removed trailing spaces. 2017-12-22 14:20:43 +03:00
Luca Lesinigo 38d220dd58 create missing etc/logrotate.d directory in buildroot 2017-12-20 14:23:43 +01:00
Vladimir Homutov b5de9a539c Merge pull request #28 from cawemo/kubernetes 
Exit on SIGTERM for Kubernetes, print startup message
 2017-10-25 12:17:39 +03:00
Christian Nicolai b860648a33 Exit on SIGTERM for Kubernetes, print startup message 2017-10-25 11:09:59 +02:00
Igor Ippolitov 8952b217a8 Put correct link to an architecture solution image 2017-09-12 12:25:18 +03:00
arozyev 937def0caa Added Template usage example to README.md 2017-05-17 14:46:03 +03:00
A compound of Fe and O f9e1a42329 Merge pull request #19 from nichivo/master 
Fixed logging and typo for bind DN argument
 2017-05-02 16:46:01 +03:00
Rick Hansen d66d4a04e7 Update spec file to rotate log file 2017-05-01 14:34:22 +10:00
Rick Hansen f94670848e Use unbuffered IO and redirect output to log file 2017-05-01 14:31:45 +10:00
Rick Hansen 481b02a979 Fixed typo for bind DN argument in .default 2017-05-01 14:28:41 +10:00
Vladimir Homutov 9d7cfcd1cc Merge pull request #14 from oxpa/master 
Fixed a typo in .service file and fixed missing file in .install
 2016-11-07 15:31:16 +04:00
Igor Ippolitov bd3f672763 Fixed a typo in .service file and fixed missing file in .install 2016-11-07 14:20:38 +03:00
Vladimir Homutov b56c9ef686 Merge pull request #13 from ArfyFR/patch-1 
Quoted-string Basic realm ctx according to rfc7235
 2016-11-03 14:10:01 +04:00
ArfyFR 64bb271b2e Quoted-string Basic realm ctx according to rfc7235 
Hi,

I faced some problems with 401 message and an Android client.

It yelded because in the WWW-Authenticate header the
Basic ream=<ctx>
wasn't surrouned by ""

In the https://tools.ietf.org/html/rfc7235 it is written that 
 - Authentication parameters are name=value pairs
 - and "auth-param     = token BWS "=" BWS ( token / quoted-string )"
 - and "For historical reasons, a sender MUST only generate the quoted-string
   syntax.  Recipients might have to support both token and
   quoted-string syntax for maximum interoperability with existing
   clients that have been accepting both notations for a long time."

After my modification, the Android worked again (and iOs and PC clients faicing the 401 still worked ;) )

BR,
Arfy
 2016-11-03 11:00:33 +01:00