bunkerweb icon indicating copy to clipboard operation
bunkerweb copied to clipboard
verified publisher icon bunkerity

[FEATURE] add nginx ldap auth

Open scwall opened this issue 7 months ago • 1 comments

What's needed and why?

Hello, could it be possible to add, in addition to simple authentication, an authentication via LDAP? You can find more information about this at: https://nginx-ldap-auth-service.readthedocs.io/en/stable/running.html

This solution would allow access to certain sites to be restricted to specific user groups. Additionally, it would offer the possibility to replace, for our F5, the application connection method, which currently uses an equivalent web page. Thus, users could connect to sensitive servers, often lacking identification mechanisms, and secure their connections through LDAP authentication with username and password, similar to simple authentication, but benefiting from the enhanced security of LDAP.

Thank's

Implementations ideas (optional)

No response

Code of Conduct

  • [x] I agree to follow this project's Code of Conduct

scwall avatar May 28 '25 09:05 scwall

Hi @scwall, thanks for opening this!

I had a look at the NGINX config section and you can already do LDAP auth today by pairing BunkerWeb’s Reverse Proxy Auth with nginx-ldap-auth-service. Just enable the reverse-proxy plugin and point its auth_request at your LDAP proxy.

https://docs.bunkerweb.io/1.6.2-rc2/features/#__tabbed_37_6

TheophileDiot avatar May 28 '25 16:05 TheophileDiot