IdentityServer4.LdapExtension icon indicating copy to clipboard operation
IdentityServer4.LdapExtension copied to clipboard

Published 20 hours ago verified publisher icon Nordes

SSL Support for Ldap

Open mdpolasek opened this issue 5 years ago • 6 comments

The current release does not support SSL, even though there is a configuration option for this. Is this planned for the next release? Is somebody already working on this?

mdpolasek avatar Mar 03 '19 15:03 mdpolasek

Hi,

It was in my intention, but I didn't have the time to fully complete. If you want, please create a pull request. From memory, I think almost no code is required to unlock it.

Nordes avatar Mar 05 '19 13:03 Nordes

Hi

I’m going to create a pull request in the coming 2 weeks. Thanks a lot for your response.

Best regards, Martin

From: Nordes Ménard-Lamarre [email protected] Sent: Dienstag, 5. März 2019 14:30 To: Nordes/IdentityServer4.LdapExtension [email protected] Cc: mdpolasek [email protected]; Author [email protected] Subject: Re: [Nordes/IdentityServer4.LdapExtension] SSL Support for Ldap (#24)

Hi,

It was in my intention, but I didn't have the time to fully complete. If you want, please create a pull request. From memory, I think almost no code is required to unlock it.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHubhttps://github.com/Nordes/IdentityServer4.LdapExtension/issues/24#issuecomment-469679679, or mute the threadhttps://github.com/notifications/unsubscribe-auth/Aj7hrKp4UT7SIBYx10QFA40oL0on2zGQks5vTnFGgaJpZM4bbD6V.

mdpolasek avatar Mar 05 '19 13:03 mdpolasek

@Nordes

I implemented LDAP in our IS3 implementation using Novell.Directory.Ldap. The connection had a property for turning on SSL.

// LdapConnection.SecureSocketLayer.. 
cn.SecureSocketLayer = _config.UseSSL;

Is this what you are thinking? If that is the case, I can take a look and see if your plugin is similar and help out with this. I have a full plate this weekend though but can make time next week-ish.

If I can get some help from you setting up the OpenLDAP container & the same testing you use, this will go much faster.

I can wing it and just send the pull request to you also.

codyskidmore avatar Apr 19 '19 13:04 codyskidmore

I actually, I poked around your the extension source and found this.

   public LdapService(ExtensionConfig config, ILogger<LdapService<TUser>> logger)
    {
        _logger = logger;
        _config = config.Connections;

        _config.ToList().ForEach(f => _ldapConnections.Add(f.FriendlyName, new LdapConnection
        {
            SecureSocketLayer = f.Ssl
        }));
    }

It looks like you use the same Novell Ldap library. Is SSL not working?

codyskidmore avatar Apr 19 '19 13:04 codyskidmore

Any news on this? I tried enabling SSL, changed port and it looks like it's working.

malled avatar Jun 27 '19 12:06 malled

I believe it is working. Under the covers it uses the same library I used on an IS3 implementation -- almost the exact code in fact.

codyskidmore avatar Jun 27 '19 13:06 codyskidmore