mirror of
https://github.com/minio/minio.git
synced 2024-12-26 23:25:54 -05:00
3163a660aa
Fixes support for using multiple base DNs for user search in the LDAP directory allowing users from different subtrees in the LDAP hierarchy to request credentials. - The username in the produced credentials is now the full DN of the LDAP user to disambiguate users in different base DNs.
54 lines
1.5 KiB
Go
54 lines
1.5 KiB
Go
/*
|
|
* MinIO Cloud Storage, (C) 2019 MinIO, Inc.
|
|
*
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
* you may not use this file except in compliance with the License.
|
|
* You may obtain a copy of the License at
|
|
*
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
* See the License for the specific language governing permissions and
|
|
* limitations under the License.
|
|
*/
|
|
|
|
package ldap
|
|
|
|
import "github.com/minio/minio/cmd/config"
|
|
|
|
// SetIdentityLDAP - One time migration code needed, for migrating from older config to new for LDAPConfig.
|
|
func SetIdentityLDAP(s config.Config, ldapArgs Config) {
|
|
if !ldapArgs.Enabled {
|
|
// ldap not enabled no need to preserve it in new settings.
|
|
return
|
|
}
|
|
s[config.IdentityLDAPSubSys][config.Default] = config.KVS{
|
|
config.KV{
|
|
Key: ServerAddr,
|
|
Value: ldapArgs.ServerAddr,
|
|
},
|
|
config.KV{
|
|
Key: STSExpiry,
|
|
Value: ldapArgs.STSExpiryDuration,
|
|
},
|
|
config.KV{
|
|
Key: UsernameFormat,
|
|
Value: ldapArgs.UsernameFormat,
|
|
},
|
|
config.KV{
|
|
Key: GroupSearchFilter,
|
|
Value: ldapArgs.GroupSearchFilter,
|
|
},
|
|
config.KV{
|
|
Key: GroupNameAttribute,
|
|
Value: ldapArgs.GroupNameAttribute,
|
|
},
|
|
config.KV{
|
|
Key: GroupSearchBaseDN,
|
|
Value: ldapArgs.GroupSearchBaseDistName,
|
|
},
|
|
}
|
|
}
|