add unauthenticated lookup-bind mode to LDAP identity (#11655)

Closes #11646
cbows
2021-02-28 21:57:31 +01:00
committed by GitHub
parent c5b3a675fa
commit c67d1bf120
2 changed files with 6 additions and 1 deletions


@@ -180,6 +180,9 @@ func getGroups(conn *ldap.Conn, sreq *ldap.SearchRequest) ([]string, error) {
}
func (l *Config) lookupBind(conn *ldap.Conn) error {
if l.LookupBindPassword == "" {
return conn.UnauthenticatedBind(l.LookupBindDN)
}
return conn.Bind(l.LookupBindDN, l.LookupBindPassword)
}
@@ -422,7 +425,7 @@ func Lookup(kvs config.KVS, rootCAs *x509.CertPool) (l Config, err error) {
// Lookup bind user configuration
lookupBindDN := env.Get(EnvLookupBindDN, kvs.Get(LookupBindDN))
lookupBindPassword := env.Get(EnvLookupBindPassword, kvs.Get(LookupBindPassword))
if lookupBindDN != "" && lookupBindPassword != "" {
if lookupBindDN != "" {
l.LookupBindDN = lookupBindDN
l.LookupBindPassword = lookupBindPassword
l.isUsingLookupBind = true
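Review bot: An empty `LookupBindPassword` now silently selects `conn.UnauthenticatedBind` in `lookupBind`, so a deployment whose password secret fails to load (for example an empty environment variable) downgrades to an unauthenticated lookup instead of failing at startup. The relaxed `if lookupBindDN != "" {` check in `Lookup` also changes behaviour for existing configurations that set only the DN, since before this change they did not enable lookup-bind mode at all. I would make the mode an explicit opt-in setting rather than inferring it from a missing password, or at least log once at configuration time that the lookup bind is unauthenticated. `lookupBind` should also carry a doc comment such as `// lookupBind binds as the lookup user; an empty LookupBindPassword performs an RFC 4513 unauthenticated bind, which the directory server must explicitly permit.` The body of `Lookup` continues outside the hunk, so how `isUsingLookupBind` is used later is not visible here.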