author | Waqas Hussain <waqas20@gmail.com> |
Fri, 13 Feb 2015 10:44:23 -0500 | |
changeset 1614 | 062ed39a1805 |
parent 1613 | 5f139770061e |
child 1615 | 770236ea9678 |
permissions | -rw-r--r-- |
1273
1b543060f31e
mod_auth_ldap: Cleanup, reorder and some comments
Kim Alvefur <zash@zash.se>
parents:
1221
diff
changeset
|
1 |
-- mod_auth_ldap |
293
d76f47a608ab
mod_auth_ldap: Convert to real line endings
Matthew Wild <mwild1@gmail.com>
parents:
286
diff
changeset
|
2 |
|
d76f47a608ab
mod_auth_ldap: Convert to real line endings
Matthew Wild <mwild1@gmail.com>
parents:
286
diff
changeset
|
3 |
local new_sasl = require "util.sasl".new; |
1273
1b543060f31e
mod_auth_ldap: Cleanup, reorder and some comments
Kim Alvefur <zash@zash.se>
parents:
1221
diff
changeset
|
4 |
local lualdap = require "lualdap"; |
1478
099583539e2c
mod_auth_ldap: Remove excess backslashes from escape pattern
Kim Alvefur <zash@zash.se>
parents:
1376
diff
changeset
|
5 |
local function ldap_filter_escape(s) return (s:gsub("[*()\\%z]", function(c) return ("\\%02x"):format(c:byte()) end)); end |
293
d76f47a608ab
mod_auth_ldap: Convert to real line endings
Matthew Wild <mwild1@gmail.com>
parents:
286
diff
changeset
|
6 |
|
1273
1b543060f31e
mod_auth_ldap: Cleanup, reorder and some comments
Kim Alvefur <zash@zash.se>
parents:
1221
diff
changeset
|
7 |
-- Config options |
1162
8e3420d48508
mod_auth_ldap: Switch to type-specific get_option variants
Kim Alvefur <zash@zash.se>
parents:
902
diff
changeset
|
8 |
local ldap_server = module:get_option_string("ldap_server", "localhost"); |
8e3420d48508
mod_auth_ldap: Switch to type-specific get_option variants
Kim Alvefur <zash@zash.se>
parents:
902
diff
changeset
|
9 |
local ldap_rootdn = module:get_option_string("ldap_rootdn", ""); |
8e3420d48508
mod_auth_ldap: Switch to type-specific get_option variants
Kim Alvefur <zash@zash.se>
parents:
902
diff
changeset
|
10 |
local ldap_password = module:get_option_string("ldap_password", ""); |
8e3420d48508
mod_auth_ldap: Switch to type-specific get_option variants
Kim Alvefur <zash@zash.se>
parents:
902
diff
changeset
|
11 |
local ldap_tls = module:get_option_boolean("ldap_tls"); |
1163
52bee1247014
mod_auth_ldap: Add a configurable scope, defaulting to onelevel
Kim Alvefur <zash@zash.se>
parents:
1162
diff
changeset
|
12 |
local ldap_scope = module:get_option_string("ldap_scope", "onelevel"); |
1287
da2e593317d7
mod_auth_ldap: Switch config format for ldap_filter to eg (uid=$user)
Kim Alvefur <zash@zash.se>
parents:
1274
diff
changeset
|
13 |
local ldap_filter = module:get_option_string("ldap_filter", "(uid=$user)"):gsub("%%s", "$user", 1); |
1162
8e3420d48508
mod_auth_ldap: Switch to type-specific get_option variants
Kim Alvefur <zash@zash.se>
parents:
902
diff
changeset
|
14 |
local ldap_base = assert(module:get_option_string("ldap_base"), "ldap_base is a required option for ldap"); |
1479
9a0a0cfd3710
mod_auth_ldap: Change default for ldap_mode to "bind", everyone seems to be using that
Kim Alvefur <zash@zash.se>
parents:
1478
diff
changeset
|
15 |
local ldap_mode = module:get_option_string("ldap_mode", "bind"); |
1287
da2e593317d7
mod_auth_ldap: Switch config format for ldap_filter to eg (uid=$user)
Kim Alvefur <zash@zash.se>
parents:
1274
diff
changeset
|
16 |
local host = ldap_filter_escape(module:get_option_string("realm", module.host)); |
293
d76f47a608ab
mod_auth_ldap: Convert to real line endings
Matthew Wild <mwild1@gmail.com>
parents:
286
diff
changeset
|
17 |
|
1273
1b543060f31e
mod_auth_ldap: Cleanup, reorder and some comments
Kim Alvefur <zash@zash.se>
parents:
1221
diff
changeset
|
18 |
-- Initiate connection |
1613
5f139770061e
mod_auth_ldap: Connect to LDAP lazily, and add support for reconnects on error.
Waqas Hussain <waqas20@gmail.com>
parents:
1479
diff
changeset
|
19 |
local ld = nil; |
5f139770061e
mod_auth_ldap: Connect to LDAP lazily, and add support for reconnects on error.
Waqas Hussain <waqas20@gmail.com>
parents:
1479
diff
changeset
|
20 |
module.unload = function() if ld then pcall(ld, ld.close); end end |
5f139770061e
mod_auth_ldap: Connect to LDAP lazily, and add support for reconnects on error.
Waqas Hussain <waqas20@gmail.com>
parents:
1479
diff
changeset
|
21 |
|
5f139770061e
mod_auth_ldap: Connect to LDAP lazily, and add support for reconnects on error.
Waqas Hussain <waqas20@gmail.com>
parents:
1479
diff
changeset
|
22 |
function ldap_search_once(args) |
5f139770061e
mod_auth_ldap: Connect to LDAP lazily, and add support for reconnects on error.
Waqas Hussain <waqas20@gmail.com>
parents:
1479
diff
changeset
|
23 |
if ld == nil then |
5f139770061e
mod_auth_ldap: Connect to LDAP lazily, and add support for reconnects on error.
Waqas Hussain <waqas20@gmail.com>
parents:
1479
diff
changeset
|
24 |
local err; |
5f139770061e
mod_auth_ldap: Connect to LDAP lazily, and add support for reconnects on error.
Waqas Hussain <waqas20@gmail.com>
parents:
1479
diff
changeset
|
25 |
ld, err = lualdap.open_simple(ldap_server, ldap_rootdn, ldap_password, ldap_tls); |
5f139770061e
mod_auth_ldap: Connect to LDAP lazily, and add support for reconnects on error.
Waqas Hussain <waqas20@gmail.com>
parents:
1479
diff
changeset
|
26 |
if not ld then return nil, err, "reconnect"; end |
5f139770061e
mod_auth_ldap: Connect to LDAP lazily, and add support for reconnects on error.
Waqas Hussain <waqas20@gmail.com>
parents:
1479
diff
changeset
|
27 |
end |
5f139770061e
mod_auth_ldap: Connect to LDAP lazily, and add support for reconnects on error.
Waqas Hussain <waqas20@gmail.com>
parents:
1479
diff
changeset
|
28 |
|
5f139770061e
mod_auth_ldap: Connect to LDAP lazily, and add support for reconnects on error.
Waqas Hussain <waqas20@gmail.com>
parents:
1479
diff
changeset
|
29 |
local success, iterator, invariant, initial = pcall(ld.search, ld, args); |
5f139770061e
mod_auth_ldap: Connect to LDAP lazily, and add support for reconnects on error.
Waqas Hussain <waqas20@gmail.com>
parents:
1479
diff
changeset
|
30 |
if not success then ld = nil; return nil, iterator, "search"; end |
5f139770061e
mod_auth_ldap: Connect to LDAP lazily, and add support for reconnects on error.
Waqas Hussain <waqas20@gmail.com>
parents:
1479
diff
changeset
|
31 |
|
5f139770061e
mod_auth_ldap: Connect to LDAP lazily, and add support for reconnects on error.
Waqas Hussain <waqas20@gmail.com>
parents:
1479
diff
changeset
|
32 |
local success, dn, attr = pcall(iterator, invariant, initial); |
5f139770061e
mod_auth_ldap: Connect to LDAP lazily, and add support for reconnects on error.
Waqas Hussain <waqas20@gmail.com>
parents:
1479
diff
changeset
|
33 |
if not success then ld = nil; return success, dn, "iter"; end |
5f139770061e
mod_auth_ldap: Connect to LDAP lazily, and add support for reconnects on error.
Waqas Hussain <waqas20@gmail.com>
parents:
1479
diff
changeset
|
34 |
|
5f139770061e
mod_auth_ldap: Connect to LDAP lazily, and add support for reconnects on error.
Waqas Hussain <waqas20@gmail.com>
parents:
1479
diff
changeset
|
35 |
return dn, attr, "return"; |
5f139770061e
mod_auth_ldap: Connect to LDAP lazily, and add support for reconnects on error.
Waqas Hussain <waqas20@gmail.com>
parents:
1479
diff
changeset
|
36 |
end |
5f139770061e
mod_auth_ldap: Connect to LDAP lazily, and add support for reconnects on error.
Waqas Hussain <waqas20@gmail.com>
parents:
1479
diff
changeset
|
37 |
|
5f139770061e
mod_auth_ldap: Connect to LDAP lazily, and add support for reconnects on error.
Waqas Hussain <waqas20@gmail.com>
parents:
1479
diff
changeset
|
38 |
function ldap_search(args, retry_count) |
5f139770061e
mod_auth_ldap: Connect to LDAP lazily, and add support for reconnects on error.
Waqas Hussain <waqas20@gmail.com>
parents:
1479
diff
changeset
|
39 |
local dn, attr, where; |
5f139770061e
mod_auth_ldap: Connect to LDAP lazily, and add support for reconnects on error.
Waqas Hussain <waqas20@gmail.com>
parents:
1479
diff
changeset
|
40 |
for i=1,1+retry_count do |
5f139770061e
mod_auth_ldap: Connect to LDAP lazily, and add support for reconnects on error.
Waqas Hussain <waqas20@gmail.com>
parents:
1479
diff
changeset
|
41 |
dn, attr, where = ldap_search_once(args); |
5f139770061e
mod_auth_ldap: Connect to LDAP lazily, and add support for reconnects on error.
Waqas Hussain <waqas20@gmail.com>
parents:
1479
diff
changeset
|
42 |
if dn or not(attr) then break; end -- nothing or something found |
5f139770061e
mod_auth_ldap: Connect to LDAP lazily, and add support for reconnects on error.
Waqas Hussain <waqas20@gmail.com>
parents:
1479
diff
changeset
|
43 |
module:log("warn", "LDAP: %s %s (in %s)", tostring(dn), tostring(attr), where); |
5f139770061e
mod_auth_ldap: Connect to LDAP lazily, and add support for reconnects on error.
Waqas Hussain <waqas20@gmail.com>
parents:
1479
diff
changeset
|
44 |
-- otherwise retry |
5f139770061e
mod_auth_ldap: Connect to LDAP lazily, and add support for reconnects on error.
Waqas Hussain <waqas20@gmail.com>
parents:
1479
diff
changeset
|
45 |
end |
5f139770061e
mod_auth_ldap: Connect to LDAP lazily, and add support for reconnects on error.
Waqas Hussain <waqas20@gmail.com>
parents:
1479
diff
changeset
|
46 |
if not dn and attr then |
5f139770061e
mod_auth_ldap: Connect to LDAP lazily, and add support for reconnects on error.
Waqas Hussain <waqas20@gmail.com>
parents:
1479
diff
changeset
|
47 |
module:log("error", "LDAP: %s", tostring(attr)); |
5f139770061e
mod_auth_ldap: Connect to LDAP lazily, and add support for reconnects on error.
Waqas Hussain <waqas20@gmail.com>
parents:
1479
diff
changeset
|
48 |
end |
5f139770061e
mod_auth_ldap: Connect to LDAP lazily, and add support for reconnects on error.
Waqas Hussain <waqas20@gmail.com>
parents:
1479
diff
changeset
|
49 |
return dn, attr; |
5f139770061e
mod_auth_ldap: Connect to LDAP lazily, and add support for reconnects on error.
Waqas Hussain <waqas20@gmail.com>
parents:
1479
diff
changeset
|
50 |
end |
293
d76f47a608ab
mod_auth_ldap: Convert to real line endings
Matthew Wild <mwild1@gmail.com>
parents:
286
diff
changeset
|
51 |
|
1190
c99d8b666eb4
mod_auth_ldap: Convert from plain_test to plain mode, allowing SCRAM and similar.
Kim Alvefur <zash@zash.se>
parents:
1163
diff
changeset
|
52 |
local function get_user(username) |
c99d8b666eb4
mod_auth_ldap: Convert from plain_test to plain mode, allowing SCRAM and similar.
Kim Alvefur <zash@zash.se>
parents:
1163
diff
changeset
|
53 |
module:log("debug", "get_user(%q)", username); |
1614
062ed39a1805
mod_auth_ldap: Fix nil traceback when using uninitialized LDAP connection.
Waqas Hussain <waqas20@gmail.com>
parents:
1613
diff
changeset
|
54 |
for dn, attr in ldap_search({ |
1190
c99d8b666eb4
mod_auth_ldap: Convert from plain_test to plain mode, allowing SCRAM and similar.
Kim Alvefur <zash@zash.se>
parents:
1163
diff
changeset
|
55 |
base = ldap_base; |
c99d8b666eb4
mod_auth_ldap: Convert from plain_test to plain mode, allowing SCRAM and similar.
Kim Alvefur <zash@zash.se>
parents:
1163
diff
changeset
|
56 |
scope = ldap_scope; |
1375
90bde50b3915
mod_auth_ldap: Limit results in user lookup query to 1
Kim Alvefur <zash@zash.se>
parents:
1374
diff
changeset
|
57 |
sizelimit = 1; |
1287
da2e593317d7
mod_auth_ldap: Switch config format for ldap_filter to eg (uid=$user)
Kim Alvefur <zash@zash.se>
parents:
1274
diff
changeset
|
58 |
filter = ldap_filter:gsub("%$(%a+)", { |
da2e593317d7
mod_auth_ldap: Switch config format for ldap_filter to eg (uid=$user)
Kim Alvefur <zash@zash.se>
parents:
1274
diff
changeset
|
59 |
user = ldap_filter_escape(username); |
da2e593317d7
mod_auth_ldap: Switch config format for ldap_filter to eg (uid=$user)
Kim Alvefur <zash@zash.se>
parents:
1274
diff
changeset
|
60 |
host = host; |
da2e593317d7
mod_auth_ldap: Switch config format for ldap_filter to eg (uid=$user)
Kim Alvefur <zash@zash.se>
parents:
1274
diff
changeset
|
61 |
}); |
1614
062ed39a1805
mod_auth_ldap: Fix nil traceback when using uninitialized LDAP connection.
Waqas Hussain <waqas20@gmail.com>
parents:
1613
diff
changeset
|
62 |
}, 3) do return dn, attr; end |
293
d76f47a608ab
mod_auth_ldap: Convert to real line endings
Matthew Wild <mwild1@gmail.com>
parents:
286
diff
changeset
|
63 |
end |
d76f47a608ab
mod_auth_ldap: Convert to real line endings
Matthew Wild <mwild1@gmail.com>
parents:
286
diff
changeset
|
64 |
|
814
881ec9919144
mod_auth_*: Use module:provides(), and don't explicitly specify provider.name.
Waqas Hussain <waqas20@gmail.com>
parents:
342
diff
changeset
|
65 |
local provider = {}; |
293
d76f47a608ab
mod_auth_ldap: Convert to real line endings
Matthew Wild <mwild1@gmail.com>
parents:
286
diff
changeset
|
66 |
|
1273
1b543060f31e
mod_auth_ldap: Cleanup, reorder and some comments
Kim Alvefur <zash@zash.se>
parents:
1221
diff
changeset
|
67 |
function provider.create_user(username, password) |
1b543060f31e
mod_auth_ldap: Cleanup, reorder and some comments
Kim Alvefur <zash@zash.se>
parents:
1221
diff
changeset
|
68 |
return nil, "Account creation not available with LDAP."; |
1b543060f31e
mod_auth_ldap: Cleanup, reorder and some comments
Kim Alvefur <zash@zash.se>
parents:
1221
diff
changeset
|
69 |
end |
1b543060f31e
mod_auth_ldap: Cleanup, reorder and some comments
Kim Alvefur <zash@zash.se>
parents:
1221
diff
changeset
|
70 |
|
1b543060f31e
mod_auth_ldap: Cleanup, reorder and some comments
Kim Alvefur <zash@zash.se>
parents:
1221
diff
changeset
|
71 |
function provider.user_exists(username) |
1b543060f31e
mod_auth_ldap: Cleanup, reorder and some comments
Kim Alvefur <zash@zash.se>
parents:
1221
diff
changeset
|
72 |
return not not get_user(username); |
1b543060f31e
mod_auth_ldap: Cleanup, reorder and some comments
Kim Alvefur <zash@zash.se>
parents:
1221
diff
changeset
|
73 |
end |
1b543060f31e
mod_auth_ldap: Cleanup, reorder and some comments
Kim Alvefur <zash@zash.se>
parents:
1221
diff
changeset
|
74 |
|
1b543060f31e
mod_auth_ldap: Cleanup, reorder and some comments
Kim Alvefur <zash@zash.se>
parents:
1221
diff
changeset
|
75 |
function provider.set_password(username, password) |
1b543060f31e
mod_auth_ldap: Cleanup, reorder and some comments
Kim Alvefur <zash@zash.se>
parents:
1221
diff
changeset
|
76 |
local dn, attr = get_user(username); |
1b543060f31e
mod_auth_ldap: Cleanup, reorder and some comments
Kim Alvefur <zash@zash.se>
parents:
1221
diff
changeset
|
77 |
if not dn then return nil, attr end |
1b543060f31e
mod_auth_ldap: Cleanup, reorder and some comments
Kim Alvefur <zash@zash.se>
parents:
1221
diff
changeset
|
78 |
if attr.userPassword == password then return true end |
1b543060f31e
mod_auth_ldap: Cleanup, reorder and some comments
Kim Alvefur <zash@zash.se>
parents:
1221
diff
changeset
|
79 |
return ld:modify(dn, { '=', userPassword = password })(); |
1b543060f31e
mod_auth_ldap: Cleanup, reorder and some comments
Kim Alvefur <zash@zash.se>
parents:
1221
diff
changeset
|
80 |
end |
1274
4b15437d6c56
mod_auth_ldap: Add support for binding
Kim Alvefur <zash@zash.se>
parents:
1273
diff
changeset
|
81 |
|
4b15437d6c56
mod_auth_ldap: Add support for binding
Kim Alvefur <zash@zash.se>
parents:
1273
diff
changeset
|
82 |
if ldap_mode == "getpasswd" then |
4b15437d6c56
mod_auth_ldap: Add support for binding
Kim Alvefur <zash@zash.se>
parents:
1273
diff
changeset
|
83 |
function provider.get_password(username) |
4b15437d6c56
mod_auth_ldap: Add support for binding
Kim Alvefur <zash@zash.se>
parents:
1273
diff
changeset
|
84 |
local dn, attr = get_user(username); |
4b15437d6c56
mod_auth_ldap: Add support for binding
Kim Alvefur <zash@zash.se>
parents:
1273
diff
changeset
|
85 |
if dn and attr then |
4b15437d6c56
mod_auth_ldap: Add support for binding
Kim Alvefur <zash@zash.se>
parents:
1273
diff
changeset
|
86 |
return attr.userPassword; |
4b15437d6c56
mod_auth_ldap: Add support for binding
Kim Alvefur <zash@zash.se>
parents:
1273
diff
changeset
|
87 |
end |
1190
c99d8b666eb4
mod_auth_ldap: Convert from plain_test to plain mode, allowing SCRAM and similar.
Kim Alvefur <zash@zash.se>
parents:
1163
diff
changeset
|
88 |
end |
1274
4b15437d6c56
mod_auth_ldap: Add support for binding
Kim Alvefur <zash@zash.se>
parents:
1273
diff
changeset
|
89 |
|
4b15437d6c56
mod_auth_ldap: Add support for binding
Kim Alvefur <zash@zash.se>
parents:
1273
diff
changeset
|
90 |
function provider.test_password(username, password) |
4b15437d6c56
mod_auth_ldap: Add support for binding
Kim Alvefur <zash@zash.se>
parents:
1273
diff
changeset
|
91 |
return provider.get_password(username) == password; |
4b15437d6c56
mod_auth_ldap: Add support for binding
Kim Alvefur <zash@zash.se>
parents:
1273
diff
changeset
|
92 |
end |
1190
c99d8b666eb4
mod_auth_ldap: Convert from plain_test to plain mode, allowing SCRAM and similar.
Kim Alvefur <zash@zash.se>
parents:
1163
diff
changeset
|
93 |
|
1274
4b15437d6c56
mod_auth_ldap: Add support for binding
Kim Alvefur <zash@zash.se>
parents:
1273
diff
changeset
|
94 |
function provider.get_sasl_handler() |
4b15437d6c56
mod_auth_ldap: Add support for binding
Kim Alvefur <zash@zash.se>
parents:
1273
diff
changeset
|
95 |
return new_sasl(module.host, { |
4b15437d6c56
mod_auth_ldap: Add support for binding
Kim Alvefur <zash@zash.se>
parents:
1273
diff
changeset
|
96 |
plain = function(sasl, username) |
4b15437d6c56
mod_auth_ldap: Add support for binding
Kim Alvefur <zash@zash.se>
parents:
1273
diff
changeset
|
97 |
local password = provider.get_password(username); |
4b15437d6c56
mod_auth_ldap: Add support for binding
Kim Alvefur <zash@zash.se>
parents:
1273
diff
changeset
|
98 |
if not password then return "", nil; end |
4b15437d6c56
mod_auth_ldap: Add support for binding
Kim Alvefur <zash@zash.se>
parents:
1273
diff
changeset
|
99 |
return password, true; |
4b15437d6c56
mod_auth_ldap: Add support for binding
Kim Alvefur <zash@zash.se>
parents:
1273
diff
changeset
|
100 |
end |
4b15437d6c56
mod_auth_ldap: Add support for binding
Kim Alvefur <zash@zash.se>
parents:
1273
diff
changeset
|
101 |
}); |
4b15437d6c56
mod_auth_ldap: Add support for binding
Kim Alvefur <zash@zash.se>
parents:
1273
diff
changeset
|
102 |
end |
4b15437d6c56
mod_auth_ldap: Add support for binding
Kim Alvefur <zash@zash.se>
parents:
1273
diff
changeset
|
103 |
elseif ldap_mode == "bind" then |
4b15437d6c56
mod_auth_ldap: Add support for binding
Kim Alvefur <zash@zash.se>
parents:
1273
diff
changeset
|
104 |
local function test_password(userdn, password) |
4b15437d6c56
mod_auth_ldap: Add support for binding
Kim Alvefur <zash@zash.se>
parents:
1273
diff
changeset
|
105 |
return not not lualdap.open_simple(ldap_server, userdn, password, ldap_tls); |
4b15437d6c56
mod_auth_ldap: Add support for binding
Kim Alvefur <zash@zash.se>
parents:
1273
diff
changeset
|
106 |
end |
293
d76f47a608ab
mod_auth_ldap: Convert to real line endings
Matthew Wild <mwild1@gmail.com>
parents:
286
diff
changeset
|
107 |
|
1274
4b15437d6c56
mod_auth_ldap: Add support for binding
Kim Alvefur <zash@zash.se>
parents:
1273
diff
changeset
|
108 |
function provider.test_password(username, password) |
4b15437d6c56
mod_auth_ldap: Add support for binding
Kim Alvefur <zash@zash.se>
parents:
1273
diff
changeset
|
109 |
local dn = get_user(username); |
4b15437d6c56
mod_auth_ldap: Add support for binding
Kim Alvefur <zash@zash.se>
parents:
1273
diff
changeset
|
110 |
if not dn then return end |
4b15437d6c56
mod_auth_ldap: Add support for binding
Kim Alvefur <zash@zash.se>
parents:
1273
diff
changeset
|
111 |
return test_password(dn, password) |
4b15437d6c56
mod_auth_ldap: Add support for binding
Kim Alvefur <zash@zash.se>
parents:
1273
diff
changeset
|
112 |
end |
4b15437d6c56
mod_auth_ldap: Add support for binding
Kim Alvefur <zash@zash.se>
parents:
1273
diff
changeset
|
113 |
|
4b15437d6c56
mod_auth_ldap: Add support for binding
Kim Alvefur <zash@zash.se>
parents:
1273
diff
changeset
|
114 |
function provider.get_sasl_handler() |
4b15437d6c56
mod_auth_ldap: Add support for binding
Kim Alvefur <zash@zash.se>
parents:
1273
diff
changeset
|
115 |
return new_sasl(module.host, { |
4b15437d6c56
mod_auth_ldap: Add support for binding
Kim Alvefur <zash@zash.se>
parents:
1273
diff
changeset
|
116 |
plain_test = function(sasl, username, password) |
4b15437d6c56
mod_auth_ldap: Add support for binding
Kim Alvefur <zash@zash.se>
parents:
1273
diff
changeset
|
117 |
return provider.test_password(username, password), true; |
4b15437d6c56
mod_auth_ldap: Add support for binding
Kim Alvefur <zash@zash.se>
parents:
1273
diff
changeset
|
118 |
end |
4b15437d6c56
mod_auth_ldap: Add support for binding
Kim Alvefur <zash@zash.se>
parents:
1273
diff
changeset
|
119 |
}); |
4b15437d6c56
mod_auth_ldap: Add support for binding
Kim Alvefur <zash@zash.se>
parents:
1273
diff
changeset
|
120 |
end |
4b15437d6c56
mod_auth_ldap: Add support for binding
Kim Alvefur <zash@zash.se>
parents:
1273
diff
changeset
|
121 |
else |
4b15437d6c56
mod_auth_ldap: Add support for binding
Kim Alvefur <zash@zash.se>
parents:
1273
diff
changeset
|
122 |
module:log("error", "Unsupported ldap_mode %s", tostring(ldap_mode)); |
293
d76f47a608ab
mod_auth_ldap: Convert to real line endings
Matthew Wild <mwild1@gmail.com>
parents:
286
diff
changeset
|
123 |
end |
d76f47a608ab
mod_auth_ldap: Convert to real line endings
Matthew Wild <mwild1@gmail.com>
parents:
286
diff
changeset
|
124 |
|
814
881ec9919144
mod_auth_*: Use module:provides(), and don't explicitly specify provider.name.
Waqas Hussain <waqas20@gmail.com>
parents:
342
diff
changeset
|
125 |
module:provides("auth", provider); |