kafka-ui

LDAP Auth + OTP (Yubi key) doesn't work

Open linuxmail opened this issue 1 year ago • 2 comments

Hello,

Describe the bug

If we enable OTP for LDAP auth on our user management (webadm), then login fails with LDAP OK, but OTP failed.

Set up

  • Version: v0.4.0
  • Puppet / Yaml config:
...
    env:
    ... 
      - SPRING_LDAP_URLS=ldap://%{hiera('yubiauth_host')}:389
      - SPRING_LDAP_USERFILTER_SEARCHBASE=ou=People,dc=example,dc=com
      - SPRING_LDAP_USERFILTER_SEARCHFILTER=(&(uid={0})(objectClass=inetOrgPerson))
      - SPRING_LDAP_ADMINUSER=cn=webadmin,ou=Accounts,dc=example,dc=com
      - SPRING_LDAP_ADMINPASSWORD=%{hiera('global_ldap_webadmin')}

Enable OTP for the user account on LDAP, so it looks like: userpasswordLooooooonnnnnnggggggYubiOTP string

So the string is based on the LDAP userpassword + OTP, which is 45 chars long. The password can then be up to 80 chars long or longer. I can see in the LDAP logs that the user is found, so admin password and search work. I will try later to disable OTP for my account to see if it helps, but it could be possible that there is a char limit for the password field.

cu denny

linuxmail, Sep 01 '22 11:09

Hello there linuxmail! 👋

Thank you and congratulations 🎉 for opening your very first issue in this project! 💖

In case you want to claim this issue, please comment down below! We will try to get back to you as soon as we can. 👀

github-actions[bot], Sep 01 '22 11:09

Hey, thanks for reaching out. We'll try to investigate.

TODO: check spring password max length

Haarolean, Sep 08 '22 22:09