Commit 041ffb0e authored by ale's avatar ale

Bind password can be specified directly in the config file

parent 3560f4b2
......@@ -73,6 +73,7 @@ func (c *LDAPQueryConfig) searchRequest(username string, attrs ...string) *ldap.
type LDAPConfig struct {
URI string `yaml:"uri"`
BindDN string `yaml:"bind_dn"`
BindPw string `yaml:"bind_pw"`
BindPwFile string `yaml:"bind_pw_file"`
Query *LDAPQueryConfig `yaml:"query"`
}
......@@ -85,8 +86,8 @@ func (c *LDAPConfig) Valid() error {
if c.BindDN == "" {
return errors.New("empty bind_dn")
}
if c.BindPwFile == "" {
return errors.New("empty bind_pw_file")
if (c.BindPwFile == "" && c.BindPw == "") || (c.BindPwFile != "" && c.BindPw != "") {
return errors.New("only one of bind_pw_file or bind_pw must be set")
}
if c.Query == nil {
return errors.New("missing query configuration")
......@@ -106,13 +107,17 @@ func NewLDAPBackend(config *LDAPConfig) (*ldapBackend, error) {
}
// Read the bind password.
bindPw, err := ioutil.ReadFile(config.BindPwFile)
if err != nil {
return nil, err
bindPw := config.BindPw
if config.BindPwFile != "" {
pwData, err := ioutil.ReadFile(config.BindPwFile)
if err != nil {
return nil, err
}
bindPw = strings.TrimSpace(string(pwData))
}
// Connect.
pool, err := ldaputil.NewConnectionPool(config.URI, config.BindDN, strings.TrimSpace(string(bindPw)), 5)
pool, err := ldaputil.NewConnectionPool(config.URI, config.BindDN, bindPw, 5)
if err != nil {
return nil, err
}
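Review bot: In the third hunk (`NewLDAPBackend`), nothing rejects an empty bind password once the value has been resolved. `Valid()` only checks that exactly one of `bind_pw` / `bind_pw_file` is non-empty, so a `bind_pw_file` that exists but holds only whitespace leaves `bindPw == ""` after `strings.TrimSpace`, and that value is passed to `ldaputil.NewConnectionPool`. Depending on how the pool helper and the directory server treat it (neither is visible here), a simple bind with an empty password may be handled as an unauthenticated bind rather than a failure, so it is safer to fail at startup with `if bindPw == "" { return nil, errors.New("empty bind password") }` right after the `if config.BindPwFile != ""` block. Because the secret can now live in the main config file, a field comment on `BindPw` such as `// BindPw is the bind password given inline; prefer bind_pw_file, and keep this file unreadable to other users.` would help operators. `NewLDAPBackend` starts before and continues past the lines shown.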
......