Rack Middleware LDAP authentication
Copyright © 2014 Romain GEORGES. See COPYRIGHT for details. Copyright © 2007, 2008, 2009, 2010 Christian Neukirchen <purl.org/net/chneukirchen> for Rack Project
Rack::Auth::Ldap is a basic authentication module with LDAP support Rack::Auth::Ldap is heavily based on Rack:Auth::Basic from the Rack main Project by Christian Neukirchen
This is an additional module for Rack to authenticate users against an LDAP server
In you config.ru, simply add :
require 'rubygems' require 'rack' gem 'rack-auth-ldap' require 'rack/auth/ldap' require File.dirname(__FILE__) + '/your_app' use Rack::Auth::Ldap run Sinatra::Application
this configuration activate the Basic Authentication for the entire application
To use custom configuration file:
use RAck::Auth::Ldap, file: '/path/to/my/cconfig.yml'
Create an ldap.yml configuration file with :
production: &ldap_defaults hostname: localhost basedn: ou=groups,dc=domain,dc=tld rootdn: cn=admin,dc=domain,dc=tld passdn: secret auth: true port: 389 username_ldap_attribut: uid test: <<: *ldap_defaults development: <<: *ldap_defaults
if you want to deactivate root authentication before user binding :
production: &ldap_defaults hostname: localhost basedn: ou=groups,dc=domain,dc=tld auth: false port: 389 username_ldap_attribut: uid test: <<: *ldap_defaults development: <<: *ldap_defaults
to use ldaps add:
ldaps: true
to use start tls add:
starttls: true
if you need to set openssl options add a “tls_options” hash e.g.:
tls_options:
ca_path: /my/certificate/dir
or
tls_options:
ca_file: /my/certificate/file
to help debug tls you can add:
debug: true
which will send debugging messages to stdout