test · e6c77fc45f1b1ee3095fc809adbc0493517053c2 · core / tarantool

Dmitry Ivanov authored 1 year ago

This authentication method doesn't store any secrets; instead,
we delegate the whole auth to a pre-configured LDAP server. In
the method's implementation, we connect to the LDAP server and
perform a BIND operation which checks user's credentials.

Usage example:

```lua
-- Set the default auth method to LDAP and create a new user.
-- NOTE that we still have to provide a dummy password; otherwise
-- box.schema.user.create will setup an empty auth data.
box.cfg({auth_type = 'ldap'})
box.schema.user.create('demo', { password = '' })

-- Configure LDAP server connection URL and DN format string.
os = require('os')
os.setenv('TT_LDAP_URL', 'ldap://localhost:1389')
os.setenv('TT_LDAP_DN_FMT', 'cn=$USER,ou=users,dc=example,dc=org')

-- Authenticate using the LDAP authentication method via net.box.
conn = require('net.box').connect(uri, {
    user = 'demo',
    password = 'password',
    auth_type = 'ldap',
})
```

NO_DOC=picodata internal patch
NO_CHANGELOG=picodata internal patch
NO_TEST=picodata internal patch

71778554

History

71778554 1 year ago

History

Name	Last commit	Last update
..
app-luatest
app-tap
app
box-luatest
box-py
box-tap
box
engine-luatest
engine-tap
engine
engine_long
fuzz
long_run-py
metrics-luatest
replication-luatest
replication-py
replication
share
sql-luatest
sql-tap
sql
static
swim
unit
vinyl-luatest
vinyl
wal_off
xlog-py
xlog
.gitattributes
CMakeLists.txt
helper.lua
interactive_tarantool.lua
luajit-test-init.lua
small
test-run.py