本文整理汇总了Golang中github.com/go-ldap/ldap.Conn类的典型用法代码示例。如果您正苦于以下问题:Golang Conn类的具体用法?Golang Conn怎么用?Golang Conn使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
在下文中一共展示了Conn类的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Golang代码示例。
示例1: initLDAPConnector
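// initLDAPConnector probes the configured LDAP servers in round-robin order,
// starting after the package-level ldap_count index, and returns the address
// of the first server that accepts a TCP connection. It returns the literal
// string "error" when no server could be reached within the attempt budget.
//
// The connection opened here is only a reachability probe and is closed
// before returning.
//
// NOTE(review): ldap.Dial opens a plaintext connection; nothing in this
// function negotiates TLS. Confirm that callers which later bind with
// credentials upgrade the connection (StartTLS) or dial with TLS.
func initLDAPConnector() string {
	// The original loop placed its counter increment after an unconditional
	// break, so the counter never advanced and an outage of every server
	// made the loop spin forever. A bounded for loop restores the intended cap.
	const maxAttempts = 10

	// Guard against an empty server list; indexing it below would panic.
	if len(rconf.LDAP_URL) == 0 {
		log.Printf("LDAP Init SRV ***** Error connect to all LDAP servers...")
		return "error"
	}

	for attempt := 0; attempt < maxAttempts; attempt++ {
		ldap_count++
		if ldap_count > len(rconf.LDAP_URL)-1 {
			ldap_count = 0
		}
		addr := rconf.LDAP_URL[ldap_count][0]
		log.Printf("LDAP Init SRV ***** Trying connect to server %d of %d: %s", ldap_count+1, len(rconf.LDAP_URL), addr)

		l, err := ldap.Dial("tcp", addr)
		if err != nil {
			// Record why the server was skipped so an outage can be diagnosed.
			log.Printf("LDAP Init SRV ***** Connect to %s failed: %v", addr, err)
			continue
		}
		// Probe only: release the connection right away.
		l.Close()
		return addr
	}

	log.Printf("LDAP Init SRV ***** Error connect to all LDAP servers...")
	return "error"
}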
开发者ID:BestianRU,项目名称:SABookServices,代码行数:32,代码来源:WebLDAPBook.go
示例2: getUserDN
// getUserDN returns the DN of the object representing the authenticated user.
//
// When cfg.UPNDomain is empty, bindDN is returned unchanged. Otherwise the
// directory is searched under cfg.UserDN for an entry whose userPrincipalName
// equals bindDN, with bindDN escaped for use inside a search filter.
//
// NOTE(review): the search does not require exactly one match. With several
// matches the DN of the last entry is returned, and with none the result is
// an empty DN and a nil error. Callers should treat an empty DN as
// "user not found".
func (b *backend) getUserDN(cfg *ConfigEntry, c *ldap.Conn, bindDN string) (string, error) {
	// No UPN domain configured: the bind DN already identifies the user.
	if cfg.UPNDomain == "" {
		return bindDN, nil
	}

	// The login name is a userPrincipalName; look up the matching entry.
	upnFilter := fmt.Sprintf("(userPrincipalName=%s)", ldap.EscapeFilter(bindDN))
	if b.Logger().IsDebug() {
		b.Logger().Debug("auth/ldap: Searching UPN", "userdn", cfg.UserDN, "filter", upnFilter)
	}

	res, err := c.Search(&ldap.SearchRequest{
		BaseDN: cfg.UserDN,
		Scope:  ldap.ScopeWholeSubtree,
		Filter: upnFilter,
	})
	if err != nil {
		return "", fmt.Errorf("LDAP search failed for detecting user: %v", err)
	}

	// Keep the DN of the last entry returned, if any.
	resolved := ""
	if n := len(res.Entries); n > 0 {
		resolved = res.Entries[n-1].DN
	}
	return resolved, nil
}
开发者ID:chrishoffman,项目名称:vault,代码行数:28,代码来源:backend.go
示例3: getBindDN
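// getBindDN works out the DN that should be used to bind as username.
//
// If cfg.DiscoverDN is set, or a service account (cfg.BindDN together with
// cfg.BindPassword) is configured, the function binds with the configured
// credentials and searches below cfg.UserDN for exactly one entry whose
// cfg.UserAttr equals username. Otherwise the DN is constructed locally:
// "<username>@<UPNDomain>" when cfg.UPNDomain is set, or
// "<UserAttr>=<username>,<UserDN>" when it is not.
//
// username is escaped with ldap.EscapeFilter before it enters a search
// filter and with EscapeLDAPValue before it enters a DN, so
// caller-supplied names cannot change the structure of either.
//
// NOTE(review): with DiscoverDN set and an empty BindDN/BindPassword the
// Bind call is made with empty credentials. Confirm that this is the
// intended anonymous-discovery path.
func getBindDN(cfg *ConfigEntry, c *ldap.Conn, username string) (string, error) {
	bindDN := ""
	if cfg.DiscoverDN || (cfg.BindDN != "" && cfg.BindPassword != "") {
		if err := c.Bind(cfg.BindDN, cfg.BindPassword); err != nil {
			return bindDN, fmt.Errorf("LDAP bind (service) failed: %v", err)
		}
		result, err := c.Search(&ldap.SearchRequest{
			BaseDN: cfg.UserDN,
			Scope:  2, // subtree
			Filter: fmt.Sprintf("(%s=%s)", cfg.UserAttr, ldap.EscapeFilter(username)),
		})
		if err != nil {
			return bindDN, fmt.Errorf("LDAP search for binddn failed: %v", err)
		}
		// Refuse to guess when the name matches no entry or several.
		if len(result.Entries) != 1 {
			return bindDN, fmt.Errorf("LDAP search for binddn 0 or not unique")
		}
		bindDN = result.Entries[0].DN
	} else {
		if cfg.UPNDomain != "" {
			// The listing showed this format string mangled by e-mail
			// obfuscation ("%[email protected]%s"), which is not a valid
			// format; the user@domain form is "%s@%s".
			bindDN = fmt.Sprintf("%s@%s", EscapeLDAPValue(username), cfg.UPNDomain)
		} else {
			bindDN = fmt.Sprintf("%s=%s,%s", cfg.UserAttr, EscapeLDAPValue(username), cfg.UserDN)
		}
	}
	return bindDN, nil
}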
开发者ID:faradayio,项目名称:vault-1,代码行数:28,代码来源:backend.go
示例4: Bind
// Bind authenticates the given LDAP connection with the configured bind DN
// and password. When no bind DN is configured nothing is sent and the
// connection stays unauthenticated.
//
// It reports whether a bind was performed and any error returned by the
// bind itself.
func (l *LDAPClientConfig) Bind(connection *ldap.Conn) (bound bool, err error) {
	// No bind DN configured: leave the connection as it is.
	if len(l.BindDN) == 0 {
		return false, nil
	}
	if bindErr := connection.Bind(l.BindDN, l.BindPassword); bindErr != nil {
		return false, bindErr
	}
	return true, nil
}
开发者ID:urashidmalik,项目名称:origin,代码行数:13,代码来源:client.go
示例5: DialLDAP
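// DialLDAP opens a connection to the server named by c.Url.
//
// Supported schemes:
//   - "ldap":  plain TCP (default port 389), upgraded with StartTLS when
//     c.StartTLS is set;
//   - "ldaps": TLS from the first byte (default port 636).
//
// Any other scheme is rejected. The TLS configuration comes from
// c.GetTLSConfig(host) in both cases.
//
// On every error path a connection that was already opened is closed, so a
// failed StartTLS or TLS-config lookup does not leak a socket and never
// hands back a connection that is still in plaintext.
func (c *ConfigEntry) DialLDAP() (*ldap.Conn, error) {
	u, err := url.Parse(c.Url)
	if err != nil {
		return nil, err
	}
	host, port, err := net.SplitHostPort(u.Host)
	if err != nil {
		// No explicit port in the URL: use the host as given and let the
		// scheme pick the default port below.
		host = u.Host
	}

	var conn *ldap.Conn
	var tlsConfig *tls.Config
	switch u.Scheme {
	case "ldap":
		if port == "" {
			port = "389"
		}
		conn, err = ldap.Dial("tcp", host+":"+port)
		if err != nil {
			break
		}
		if conn == nil {
			err = fmt.Errorf("empty connection after dialing")
			break
		}
		if c.StartTLS {
			tlsConfig, err = c.GetTLSConfig(host)
			if err != nil {
				break
			}
			err = conn.StartTLS(tlsConfig)
		}
	case "ldaps":
		if port == "" {
			port = "636"
		}
		tlsConfig, err = c.GetTLSConfig(host)
		if err != nil {
			break
		}
		conn, err = ldap.DialTLS("tcp", host+":"+port, tlsConfig)
	default:
		return nil, fmt.Errorf("invalid LDAP scheme")
	}
	if err != nil {
		// Release a half-initialised connection (for example one whose
		// StartTLS upgrade failed) instead of leaking it.
		if conn != nil {
			conn.Close()
		}
		return nil, fmt.Errorf("cannot connect to LDAP: %v", err)
	}
	return conn, nil
}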
开发者ID:naunga,项目名称:vault,代码行数:51,代码来源:path_config.go
示例6: bindReadOnlyUser
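// bindReadOnlyUser binds the connection as the configured read-only service
// account. The password is read from la.config.BindPasswordFile on every
// call. When no bind DN is configured the function does nothing.
//
// The original version wrote the service-account password itself to the
// verbose log; the log line now names the DN being bound instead, so the
// credential never reaches log files or log aggregation.
//
// NOTE(review): the file content is used as the password byte-for-byte, so
// a trailing newline in the password file becomes part of the password.
func (la *LDAPAuth) bindReadOnlyUser(l *ldap.Conn) error {
	if la.config.BindDN != "" {
		password, err := ioutil.ReadFile(la.config.BindPasswordFile)
		if err != nil {
			return err
		}
		// Log the identity only, never the secret.
		glog.V(2).Infof("Bind read-only user (DN = %s)", la.config.BindDN)
		err = l.Bind(la.config.BindDN, string(password))
		if err != nil {
			return err
		}
	}
	return nil
}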
开发者ID:frank12268,项目名称:docker_auth,代码行数:14,代码来源:ldap_auth.go
示例7: modify
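// modify enables or disables an LDAP account by replacing the entry's
// useraccountcontrol attribute with action. Nothing is sent when the entry
// already carries that value.
//
// The current value is read from entry.Attributes[1] and the name passed to
// logMod from entry.Attributes[0].
// NOTE(review): this relies on the search that produced entry requesting
// the attributes in that order and on the server returning both.
func modify(l *ldap.Conn, entry *ldap.Entry, action string) error {
	// A directory server omits attributes an entry does not have, so the
	// positional reads below must be bounds-checked to avoid a panic.
	if len(entry.Attributes) < 2 ||
		len(entry.Attributes[0].Values) == 0 ||
		len(entry.Attributes[1].Values) == 0 {
		return fmt.Errorf("entry %q is missing the expected attributes", entry.DN)
	}

	current := entry.Attributes[1].Values[0]
	if current == action {
		return nil
	}

	req := ldap.NewModifyRequest(entry.DN)
	req.Replace("useraccountcontrol", []string{action})
	if err := l.Modify(req); err != nil {
		// Printf, not Println: the message carries a format verb.
		log.Printf("ERROR: %s\n", err.Error())
		return err
	}

	cn := entry.Attributes[0].Values[0]
	logMod(cn, action)
	return nil
}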
开发者ID:whitby,项目名称:vmanage,代码行数:15,代码来源:sync.go
示例8: bindReadOnlyUser
// bindReadOnlyUser binds the connection as the configured read-only service
// account. The password is read from la.config.BindPasswordFile and
// stripped of surrounding whitespace before use. Only the bind DN is
// written to the verbose log, never the password. When no bind DN is
// configured the function does nothing.
func (la *LDAPAuth) bindReadOnlyUser(l *ldap.Conn) error {
	// Nothing to do without a service account.
	if la.config.BindDN == "" {
		return nil
	}

	raw, err := ioutil.ReadFile(la.config.BindPasswordFile)
	if err != nil {
		return err
	}
	// Drop the trailing newline most editors leave in the password file.
	secret := strings.TrimSpace(string(raw))

	glog.V(2).Infof("Bind read-only user (DN = %s)", la.config.BindDN)
	if err = l.Bind(la.config.BindDN, secret); err != nil {
		return err
	}
	return nil
}
开发者ID:nautsio,项目名称:docker_auth,代码行数:15,代码来源:ldap_auth.go
示例9: inGroup
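// inGroup reports whether the account whose sAMAccountName equals username
// is a direct member of group, and returns the requested attributes of that
// account.
//
// group is resolved to a DN with getDN and compared against the values of
// the account's memberOf attribute. memberOf is always requested from the
// server and is removed from the returned map unless the caller listed it
// in attrs. An error is returned when the search does not yield exactly
// one entry.
//
// username is escaped with ldap.EscapeFilter before it is placed in the
// search filter, so filter metacharacters in a login name are matched
// literally instead of changing the query.
func inGroup(username, group string, config *Config, conn *ldap.Conn, attrs []string) (bool, map[string][]string, error) {
	groupDN, err := getDN(group, config, conn)
	if err != nil {
		if config.Debug {
			log.Printf("DEBUG: Error: %s\n", err)
		}
		return false, nil, err
	}

	// Build the attribute list in a fresh slice: appending to attrs directly
	// could write into spare capacity of the caller's backing array.
	requested := make([]string, 0, len(attrs)+1)
	requested = append(requested, attrs...)
	requested = append(requested, "memberOf")

	search := ldap.NewSearchRequest(
		config.BaseDN,
		ldap.ScopeWholeSubtree,
		ldap.DerefAlways,
		1, 0,
		false,
		fmt.Sprintf("(sAMAccountName=%s)", ldap.EscapeFilter(username)),
		requested,
		nil,
	)
	result, lErr := conn.Search(search)
	if lErr != nil {
		if config.Debug {
			log.Printf("DEBUG: LDAP Error %v\n", lErr)
		}
		return false, nil, lErr
	}
	if len(result.Entries) != 1 {
		return false, nil, LDAPError("Amount of Entries returned was not one")
	}

	entryAttrs := attrsToMap(result.Entries[0])
	groups, ok := entryAttrs["memberOf"]
	if !ok {
		return false, entryAttrs, nil
	}
	for _, g := range groups {
		if groupDN != g {
			continue
		}
		// Keep memberOf in the result only when the caller asked for it.
		for _, key := range attrs {
			if key == "memberOf" {
				return true, entryAttrs, nil
			}
		}
		delete(entryAttrs, "memberOf")
		return true, entryAttrs, nil
	}
	return false, entryAttrs, nil
}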
开发者ID:korylprince,项目名称:go-ad-auth,代码行数:44,代码来源:auth.go
示例10: getUserDN
// getUserDN returns the DN of the entry that represents the user who logged
// in as bindDN.
//
// When cfg.UPNDomain is empty, bindDN is returned as is. Otherwise bindDN
// is treated as a userPrincipalName and looked up under cfg.UserDN; the
// value is escaped with ldap.EscapeFilter before it enters the filter.
//
// NOTE(review): zero matches produce an empty DN with a nil error, and with
// several matches the last entry wins. Callers should reject an empty DN.
func getUserDN(cfg *ConfigEntry, c *ldap.Conn, bindDN string) (string, error) {
	if cfg.UPNDomain == "" {
		return bindDN, nil
	}

	// Find the distinguished name behind the userPrincipalName used for login.
	req := &ldap.SearchRequest{
		BaseDN: cfg.UserDN,
		Scope:  ldap.ScopeWholeSubtree,
		Filter: fmt.Sprintf("(userPrincipalName=%s)", ldap.EscapeFilter(bindDN)),
	}
	found, err := c.Search(req)
	if err != nil {
		return "", fmt.Errorf("LDAP search failed for detecting user: %v", err)
	}

	dn := ""
	for i := range found.Entries {
		dn = found.Entries[i].DN
	}
	return dn, nil
}
开发者ID:faradayio,项目名称:vault-1,代码行数:21,代码来源:backend.go
示例11: ldapConnection
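// ldapConnection opens a connection to la.config.Addr according to
// la.config.TLS:
//
//   - "" or "none": plaintext TCP;
//   - "starttls":   plaintext TCP upgraded with StartTLS;
//   - "always":     TLS from the first byte.
//
// Any other value is rejected with an error. The original code fell through
// both branches in that case and returned a nil connection together with a
// nil error, which callers would dereference.
//
// A connection whose StartTLS upgrade fails is closed before the error is
// returned, so it is neither leaked nor left usable in plaintext.
//
// NOTE(review): certificate verification is controlled solely by
// la.config.InsecureTLSSkipVerify; with it set, the server's identity is
// not checked. No ServerName is set on the tls.Config here. In "" / "none"
// mode bind credentials travel unencrypted.
func (la *LDAPAuth) ldapConnection() (*ldap.Conn, error) {
	tlsConf := &tls.Config{InsecureSkipVerify: la.config.InsecureTLSSkipVerify}

	switch la.config.TLS {
	case "", "none", "starttls":
		glog.V(2).Infof("Dial: starting...%s", la.config.Addr)
		l, err := ldap.Dial("tcp", fmt.Sprintf("%s", la.config.Addr))
		if err != nil {
			return nil, err
		}
		if la.config.TLS == "starttls" {
			glog.V(2).Infof("StartTLS...")
			if tlserr := l.StartTLS(tlsConf); tlserr != nil {
				// Do not leave a plaintext connection open behind a failed upgrade.
				l.Close()
				return nil, tlserr
			}
		}
		return l, nil
	case "always":
		glog.V(2).Infof("DialTLS: starting...%s", la.config.Addr)
		l, err := ldap.DialTLS("tcp", fmt.Sprintf("%s", la.config.Addr), tlsConf)
		if err != nil {
			return nil, err
		}
		return l, nil
	default:
		return nil, fmt.Errorf("unsupported LDAP TLS mode %q", la.config.TLS)
	}
}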
开发者ID:nautsio,项目名称:docker_auth,代码行数:21,代码来源:ldap_auth.go
示例12: searchByName
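// searchByName searches the whole subtree below baseDN for entries whose cn
// equals name (after ReplaceAccents) and requests the package-level
// attributes list.
//
// The result is returned together with ErrNoResults when nothing matched
// and with ErrTooManyResults when more than one entry matched, so callers
// can still inspect the entries in the ambiguous case.
//
// The name is escaped with ldap.EscapeFilter before it is placed in the
// filter: names that contain filter metacharacters such as parentheses,
// '*' or a backslash are then matched literally instead of producing a
// malformed or widened query.
func searchByName(l *ldap.Conn, name string) (*ldap.SearchResult, error) {
	filter := fmt.Sprintf("(cn=%s)", ldap.EscapeFilter(ReplaceAccents(name)))
	search := ldap.NewSearchRequest(
		baseDN,
		ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false,
		filter,
		attributes,
		nil)
	sr, err := l.Search(search)
	if err != nil {
		return nil, err
	}
	switch {
	case len(sr.Entries) == 0:
		return sr, ErrNoResults
	case len(sr.Entries) > 1:
		return sr, ErrTooManyResults
	}
	return sr, nil
}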
开发者ID:whitby,项目名称:vmanage,代码行数:22,代码来源:sync.go
示例13: getAttrs
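// getAttrs returns the requested attributes of the account whose
// sAMAccountName equals username, searching the whole subtree below
// config.BaseDN. An error is returned when the search does not yield
// exactly one entry.
//
// username is escaped with ldap.EscapeFilter before it is placed in the
// search filter, so filter metacharacters in a login name are matched
// literally instead of changing the query.
func getAttrs(username string, config *Config, conn *ldap.Conn, attrs []string) (map[string][]string, error) {
	search := ldap.NewSearchRequest(
		config.BaseDN,
		ldap.ScopeWholeSubtree,
		ldap.DerefAlways,
		1, 0,
		false,
		fmt.Sprintf("(sAMAccountName=%s)", ldap.EscapeFilter(username)),
		attrs,
		nil,
	)
	result, lErr := conn.Search(search)
	if lErr != nil {
		if config.Debug {
			log.Printf("DEBUG: LDAP Error %v\n", lErr)
		}
		return nil, lErr
	}
	if len(result.Entries) == 1 {
		return attrsToMap(result.Entries[0]), nil
	}
	return nil, LDAPError("Amount of Entries returned was not one")
}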
开发者ID:korylprince,项目名称:go-ad-auth,代码行数:23,代码来源:auth.go
示例14: getDN
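// getDN returns the DN of the first entry below config.BaseDN whose cn
// equals the given value. A ConfigError is returned when no entry matches.
//
// cn is escaped with ldap.EscapeFilter before it is placed in the search
// filter, so a name that contains '(', ')', '*' or a backslash is matched
// literally.
//
// NOTE(review): the request sets a size limit of 1 and the first entry is
// used; if several objects share the cn, which one is returned depends on
// the server.
func getDN(cn string, config *Config, conn *ldap.Conn) (string, error) {
	search := ldap.NewSearchRequest(
		config.BaseDN,
		ldap.ScopeWholeSubtree,
		ldap.DerefAlways,
		1, 0,
		false,
		fmt.Sprintf("(cn=%s)", ldap.EscapeFilter(cn)),
		nil,
		nil,
	)
	result, err := conn.Search(search)
	if err != nil {
		if config.Debug {
			log.Printf("DEBUG: LDAP Error %v\n", err)
		}
		return "", err
	}
	if len(result.Entries) > 0 {
		return result.Entries[0].DN, nil
	}
	return "", ConfigError(fmt.Sprintf("No DN found for: %s", cn))
}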
开发者ID:korylprince,项目名称:go-ad-auth,代码行数:23,代码来源:auth.go
示例15: ldapSearch
// ldapSearch runs a whole-subtree search below *baseDN with *filter and
// returns values taken from the single matching entry.
//
// With an empty *attrs the entry's DN is returned. Otherwise, for every
// requested attribute, its values are joined with a space and the
// per-attribute strings are concatenated without a separator. An error is
// returned when l is nil, when the search fails, or when the search does
// not yield exactly one entry.
//
// NOTE(review): *filter is sent to the server as given; this function does
// no escaping, so the caller has to escape any user-supplied value it
// embeds. Attribute values are written to the verbose log.
func (la *LDAPAuth) ldapSearch(l *ldap.Conn, baseDN *string, filter *string, attrs *[]string) (string, error) {
	if l == nil {
		return "", fmt.Errorf("No ldap connection!")
	}
	glog.V(2).Infof("Searching...basedDN:%s, filter:%s", *baseDN, *filter)

	req := ldap.NewSearchRequest(
		*baseDN,
		ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false,
		*filter,
		*attrs,
		nil)
	res, err := l.Search(req)
	if err != nil {
		return "", err
	}
	if len(res.Entries) != 1 {
		return "", fmt.Errorf("User does not exist or too many entries returned.")
	}

	// Exactly one entry from here on.
	entry := res.Entries[0]
	if len(*attrs) == 0 {
		glog.V(2).Infof("Entry DN = %s", entry.DN)
		return entry.DN, nil
	}

	var out bytes.Buffer
	for _, attr := range *attrs {
		joined := strings.Join(entry.GetAttributeValues(attr), " ")
		glog.V(2).Infof("Entry %s = %s", attr, joined)
		out.WriteString(joined)
	}
	return out.String(), nil
}
开发者ID:frank12268,项目名称:docker_auth,代码行数:38,代码来源:ldap_auth.go
示例16: indexHandler
// indexHandler is an HTTP handler for the LDAP address-book page. The
// listing this excerpt comes from cuts the function off part-way through,
// so only the setup is visible: session check, colour selection by role,
// request-parameter parsing, logging and the start of an SQL search.
func indexHandler(w http.ResponseWriter, r *http.Request) {
var (
xSearchPplMode = int(0)
xSearch string
xMessage string
dn string
dn_back string
dn_back_tmp []string
go_home_button string
ldap_Search string
ldapSearchMode = int(1)
ckl1 int
ldap_Attr []string
xGetDN [1000]string
xGetCkl int
l *ldap.Conn
err error
xFRColor = string("#FFFFFF")
xBGColor = string("#FFFFFF")
LUserName = string("")
setAdminMode = string("")
)
username, userperm := CheckUserSession(r, w)
//fmt.Printf("%s / %d\n", username, userperm)
// Only roleAdmin sets setAdminMode; any other role leaves it empty.
switch userperm {
case roleAdmin:
xFRColor = "#FF0000"
xBGColor = "#FFFFFF"
LUserName = username
setAdminMode = "Yes"
case roleUser:
xFRColor = "#0000FF"
xBGColor = "#FFFFFF"
LUserName = username
default:
xFRColor = "#FFFFFF"
xBGColor = "#FFFFFF"
LUserName = ""
}
// Copy the first column of rconf.WLB_LDAP_ATTR into ldap_Attr. The loop
// declares its own ckl1, which shadows the one declared above.
ldap_Attr = make([]string, len(rconf.WLB_LDAP_ATTR))
for ckl1 := 0; ckl1 < len(rconf.WLB_LDAP_ATTR); ckl1++ {
ldap_Attr[ckl1] = rconf.WLB_LDAP_ATTR[ckl1][0]
}
SABModules.Log_ON(&rconf)
defer SABModules.Log_OFF()
// Everything read from the request below is client-controlled.
get_dn := r.FormValue("dn")
get_cn := r.FormValue("cn")
get_fn := r.FormValue("FirstName")
get_ln := r.FormValue("LastName")
searchMode := r.FormValue("SearchMode")
remIPClient := getIPAddress(r)
// log.Printf("DN: %s --- CN: %s", get_dn, get_cn)
if get_dn == "" {
dn = rconf.LDAP_URL[ldap_count][3]
} else {
dn = get_dn
}
// NOTE(review): the only check on a client-supplied dn is that it is not
// shorter than the configured default DN; nothing here verifies that it
// lies below that DN. How dn is used afterwards is not visible in this
// excerpt - confirm that the search base cannot be moved outside the
// intended subtree.
if len(dn) < len(rconf.LDAP_URL[ldap_count][3]) {
dn = rconf.LDAP_URL[ldap_count][3]
}
log.Printf("->")
log.Printf("--> %s", pVersion)
log.Printf("->")
// strconv.Unquote returns an error unless its argument is a quoted Go
// literal; the error is discarded here.
ucurl, _ := strconv.Unquote(r.RequestURI)
// The log lines below include request-controlled values (host, dn and the
// search terms) as received.
log.Println(remIPClient + " --> http://" + r.Host + ucurl)
// ldap_Search still holds its zero value here; it is assigned further down.
log.Printf("%s ++> DN: %s / CN: %s / Mode: %d / Def.DN: %s", remIPClient, dn, ldap_Search, ldapSearchMode, rconf.LDAP_URL[ldap_count][3])
if get_cn == "" && get_ln == "" && get_fn == "" {
ldap_Search = rconf.LDAP_URL[ldap_count][4]
} else {
log.Printf("%s ++> SQL Search: %s/%s/%s\n", remIPClient, get_cn, get_fn, get_ln)
// A database handle is opened for each request that searches by name.
// log.Fatalf ends the whole process if sql.Open returns an error.
dbpg, err := sql.Open("postgres", rconf.PG_DSN)
if err != nil {
log.Fatalf("PG_INIT::Open() error: %v\n", err)
}
defer dbpg.Close()
// NOTE(review): the query text is built up as a string from here on. The
// rest is not shown; if get_cn / get_fn / get_ln are concatenated into it,
// they should be passed as query parameters ($1, $2, ...) instead.
queryx := "select x.dn from ldap_entries as x, ldapx_persons as y where x.uid=y.uid"
if len(get_cn) > 2 {
// ... part of the code is omitted here by the listing site ...
开发者ID:BestianRU,项目名称:SABookServices,代码行数:101,代码来源:WebLDAPBook.go
示例17: getLdapGroups
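// getLdapGroups returns the names (CN values) of the groups the user
// belongs to, collected from two sources:
//
//  1. the memberOf attribute of the user's own entry (base-scope search on
//     userDN), taking every CN component of each memberOf DN;
//  2. when cfg.GroupDN is set, a subtree search below it for entries whose
//     memberUid equals username or whose member / uniqueMember equals
//     userDN, taking every CN component of each matching entry's DN.
//
// Duplicates are removed. username and userDN are escaped with
// ldap.EscapeFilter before they are placed in the group filter.
//
// The result slice is created with length 0 and the map size as capacity.
// The original used make([]string, len(ldapMap)) and then appended, which
// returned one empty group name per real group ahead of the real names.
func getLdapGroups(cfg *ConfigEntry, c *ldap.Conn, userDN string, username string) ([]string, error) {
	// retrieve the groups in a string/bool map as a structure to avoid duplicates inside
	ldapMap := make(map[string]bool)

	// Fetch the optional memberOf property values on the user object
	// This is the most common method used in Active Directory setup to retrieve the groups
	result, err := c.Search(&ldap.SearchRequest{
		BaseDN: userDN,
		Scope:  0,        // base scope to fetch only the userDN
		Filter: "(cn=*)", // bogus filter, required to fetch the CN from userDN
		Attributes: []string{
			"memberOf",
		},
	})
	// this check remains in case something happens with the ldap query or connection
	if err != nil {
		return nil, fmt.Errorf("LDAP fetch of distinguishedName=%s failed: %v", userDN, err)
	}
	// if there are more than one entry, we consider the results irrelevant and ignore them
	if len(result.Entries) == 1 {
		for _, attr := range result.Entries[0].Attributes {
			// Find the groups the user is member of from the 'memberOf' attribute extracting the CN
			if attr.Name != "memberOf" {
				continue
			}
			for _, value := range attr.Values {
				memberOfDN, err := ldap.ParseDN(value)
				if err != nil || len(memberOfDN.RDNs) == 0 {
					continue
				}
				for _, rdn := range memberOfDN.RDNs {
					for _, rdnTypeAndValue := range rdn.Attributes {
						if strings.EqualFold(rdnTypeAndValue.Type, "CN") {
							ldapMap[rdnTypeAndValue.Value] = true
						}
					}
				}
			}
		}
	}

	// Find groups by searching in groupDN for any of the memberUid, member or uniqueMember attributes
	// and retrieving the CN in the DN result
	if cfg.GroupDN != "" {
		result, err := c.Search(&ldap.SearchRequest{
			BaseDN: cfg.GroupDN,
			Scope:  2, // subtree
			Filter: fmt.Sprintf("(|(memberUid=%s)(member=%s)(uniqueMember=%s))", ldap.EscapeFilter(username), ldap.EscapeFilter(userDN), ldap.EscapeFilter(userDN)),
		})
		if err != nil {
			return nil, fmt.Errorf("LDAP search failed: %v", err)
		}
		for _, e := range result.Entries {
			dn, err := ldap.ParseDN(e.DN)
			if err != nil || len(dn.RDNs) == 0 {
				continue
			}
			for _, rdn := range dn.RDNs {
				for _, rdnTypeAndValue := range rdn.Attributes {
					if strings.EqualFold(rdnTypeAndValue.Type, "CN") {
						ldapMap[rdnTypeAndValue.Value] = true
					}
				}
			}
		}
	}

	// Length 0, capacity len(ldapMap): append must not follow a run of
	// zero-value (empty) group names.
	ldapGroups := make([]string, 0, len(ldapMap))
	for key := range ldapMap {
		ldapGroups = append(ldapGroups, key)
	}
	return ldapGroups, nil
}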
开发者ID:faradayio,项目名称:vault-1,代码行数:73,代码来源:backend.go
示例18: davDNHandler
// davDNHandler is an HTTP handler that stores the list of DNs assigned to a
// user (action "SaveDN"). It returns without doing anything unless
// CheckUserSession reports roleAdmin. The listing this excerpt comes from
// cuts the function off at the else branch.
//
// NOTE(review): every SQL statement below is assembled with fmt.Sprintf
// from request parameters ("uid" and the values of the "SaveDN..." form
// fields) placed inside single quotes. A value containing a quote changes
// the statement, i.e. this is SQL injection, reachable by any caller that
// passes the session check. The statements should use query parameters
// instead, for example dbpg.Query("select fullname from ldapx_persons
// where uid=$1", uid).
func davDNHandler(w http.ResponseWriter, r *http.Request) {
var (
uid string
uAction string
uFullname string
queryx string
err error
l *ldap.Conn
xFRColor = string("#FFFFFF")
xBGColor = string("#FFFFFF")
)
_, userperm := CheckUserSession(r, w)
// Authorisation gate: anything but roleAdmin ends the request here.
switch userperm {
case roleAdmin:
//xFRColor = "#FF0000"
//xBGColor = "#FFFFFF"
default:
return
}
SABModules.Log_ON(&rconf)
defer SABModules.Log_OFF()
remIPClient := getIPAddress(r)
// Client-controlled input.
uid = r.FormValue("uid")
uAction = r.FormValue("action")
// log.Fatalf ends the whole process if sql.Open returns an error.
dbpg, err := sql.Open("postgres", rconf.PG_DSN)
if err != nil {
log.Fatalf("PG_INIT::Open() error: %v\n", err)
}
defer dbpg.Close()
// uid is interpolated into the statement unescaped (see the note above).
queryx = fmt.Sprintf("select fullname from ldapx_persons where uid='%s';", uid)
rows, err := dbpg.Query(queryx)
if err != nil {
// The failing statement, including the request value, goes to the log.
log.Printf("%s\n", queryx)
log.Printf("PG::Query() Get User Name for UID: %v\n", err)
return
}
// The results of Next and Scan are not checked and rows is never closed;
// with no matching row uFullname stays empty.
rows.Next()
rows.Scan(&uFullname)
if uAction == "SaveDN" && len(uFullname) > 0 {
// uid is interpolated unescaped again.
queryx = fmt.Sprintf("select id from aaa_logins where uid='%s';", uid)
rows, err := dbpg.Query(queryx)
if err != nil {
log.Printf("%s\n", queryx)
log.Printf("PG::Query() Get User ID for UID: %v\n", err)
return
}
// xId stays 0 when no row is found; the statements below then run with
// userid 0.
xId := 0
rows.Next()
rows.Scan(&xId)
// Query is used for a statement that returns no rows and the returned
// rows value is discarded unclosed; Exec is the call meant for this.
queryx = fmt.Sprintf("delete from aaa_dns where userid=%d;", xId)
_, err = dbpg.Query(queryx)
if err != nil {
log.Printf("%s\n", queryx)
log.Printf("PG::Query() Delete DNs for UID: %v\n", err)
return
}
time.Sleep(time.Second)
r.ParseForm()
// Every form field whose name contains "SaveDN" contributes one insert;
// the field value is interpolated into the statement unescaped.
for parName := range r.Form {
if strings.Contains(parName, "SaveDN") {
queryx = fmt.Sprintf("insert into aaa_dns (userid,dn) select %d, dn from ldap_entries where uid='%s';", xId, r.FormValue(parName))
//fmt.Printf("%s\n", queryx)
_, err = dbpg.Query(queryx)
if err != nil {
log.Printf("%s\n", queryx)
log.Printf("PG::Query() Insert DNs for UID: %v\n", err)
return
}
//fmt.Fprintf(w, "%v\n", r.FormValue(parName))
}
}
// Only integers (xId and the current Unix time) are interpolated here.
// The delete, the inserts and this statement are separate calls, not one
// transaction, so an error part-way leaves the earlier changes in place.
queryx = fmt.Sprintf("insert into aaa_dav_ntu (userid,updtime) select %d,%v where not exists (select userid from aaa_dav_ntu where userid=%d); update aaa_dav_ntu set updtime=%v where userid=%d;", xId, time.Now().Unix(), xId, time.Now().Unix(), xId)
//fmt.Printf("%s\n", queryx)
_, err = dbpg.Query(queryx)
if err != nil {
log.Printf("%s\n", queryx)
log.Printf("PG::Query() Update NTU table: %v\n", err)
return
}
log.Printf("%s --> Set DavDN List for %s", remIPClient, uFullname)
time.Sleep(time.Second)
fmt.Fprintf(w, "<script type=\"text/javascript\">window.close();</script>")
} else {
// ... part of the code is omitted here by the listing site ...
开发者ID:BestianRU,项目名称:SABookServices,代码行数:101,代码来源:WebLDAPBook.go
示例19: getMore
// getMore rewrites fField["DN"] into a "/Go<fType>?dn=..." link and, for
// fType "User", walks the parent containers of the DN to build a
// " / "-separated organisation name. In admin mode (setAdminMode == "Yes")
// it also loads the user's DN list and login record from the database.
// The listing this excerpt comes from cuts the function off before the end.
//
// NOTE(review): fField["UID"] is interpolated into two SQL statements with
// fmt.Sprintf inside single quotes. Where that value comes from is not
// visible here; unless it is guaranteed not to contain a quote, the
// statements should use query parameters ($1) instead.
func getMore(remIPClient string, fField map[string]string, fType string, l *ldap.Conn, dnList map[string]tList, setAdminMode string) {
var (
fPath string
fURL string
fURLName string
ckl1, ckl2, ckl3 int
ldap_Attr []string
aaa_login = string("")
aaa_password = string("")
aaa_fullname = string("")
aaa_role = string("")
aaa_cdavmode = int(0)
newSABLogin string
get_davdn = string("")
err error
)
// log.Fatalf ends the whole process if sql.Open returns an error.
dbpg, err := sql.Open("postgres", rconf.PG_DSN)
if err != nil {
log.Fatalf("PG_INIT::Open() error: %v\n", err)
}
defer dbpg.Close()
if fField["DN"] != "" && (fField["USERName"] != "" || fField["ORGName"] != "") {
fPath = fField["DN"]
// Strip the configured base DN (case-insensitively) and split the rest
// into its comma-separated components.
fPath = strings.Replace(strings.ToLower(fPath), ","+strings.ToLower(rconf.LDAP_URL[ldap_count][3]), "", -1)
fPath_Split := strings.Split(fPath, ",")
fURLName = ""
for ckl1 = 0; ckl1 < len(fPath_Split)-1; ckl1++ {
// fPath_Strip becomes the DN made of the components after position ckl1.
fPath_Strip := ""
for ckl2 = ckl1 + 1; ckl2 < len(fPath_Split); ckl2++ {
fPath_Strip = fmt.Sprintf("%s%s,", fPath_Strip, fPath_Split[ckl2])
}
if fType == "User" {
fPath_Strip = fmt.Sprintf("%s%s", fPath_Strip, rconf.LDAP_URL[ldap_count][3])
if ckl1 == 0 {
fURL = fPath_Strip
}
// log.Printf("X1: %s", fPath_Strip)
// Base-scope search (scope 0) on the container. ldap_Attr is never
// assigned in the visible code, so a nil attribute list is passed.
subsearch := ldap.NewSearchRequest(fPath_Strip, 0, ldap.NeverDerefAliases, 0, 0, false, rconf.LDAP_URL[ldap_count][4], ldap_Attr, nil)
subsr, err := l.Search(subsearch)
if err != nil {
// fmt.Fprintf(w, err.Error())
log.Printf("LDAP::Search() error: %v\n", err)
}
// NOTE(review): execution continues after a failed search; if Search
// returned a nil result together with the error, subsr.Entries below
// dereferences nil.
// log.Printf("Y1: %s / %s / %d\n", fPath_Strip, rconf.LDAP_URL[ldap_count][4], len(subsr.Entries))
if len(subsr.Entries) > 0 {
for _, subentry := range subsr.Entries {
for _, subattr := range subentry.Attributes {
for ckl3 = 0; ckl3 < len(rconf.WLB_LDAP_ATTR); ckl3++ {
if subattr.Name == rconf.WLB_LDAP_ATTR[ckl3][0] {
if rconf.WLB_LDAP_ATTR[ckl3][1] == "ORGName" {
// Prepend each ancestor's name so the outermost one ends up first.
if ckl1 == 0 {
fURLName = fmt.Sprintf("%s", strings.Join(subattr.Values, ","))
} else {
fURLName = fmt.Sprintf("%s / %s", strings.Join(subattr.Values, ","), fURLName)
}
// log.Printf("Z1: %s", fURLName)
}
}
}
}
}
}
}
}
fField["DN"] = strings.Replace(strings.ToLower(fField["DN"]), "/", ",", -1)
// The result of this Sprintf is discarded; the same expression is assigned
// on the next line.
fmt.Sprintf("/Go%s?dn=%s", fType, fField["DN"])
// NOTE(review): the DN is placed in a URL query string without URL
// encoding.
fField["DN"] = fmt.Sprintf("/Go%s?dn=%s", fType, fField["DN"])
fURL = fmt.Sprintf("/Go%s?dn=%s", fType, fURL)
log.Printf("%s <-- %s", remIPClient, fField["DN"])
davDN := "LIST:\n"
if setAdminMode == "Yes" {
// fField["UID"] is interpolated unescaped (see the note on the function).
queryx := fmt.Sprintf("select x.dn from aaa_dns as x, aaa_logins as y where y.uid='%s' and y.id=x.userid;", fField["UID"])
//fmt.Printf("%s\n", queryx)
rows, err := dbpg.Query(queryx)
if err != nil {
log.Printf("PG::Query() Select info from aaa_logins: %v\n", err)
return
}
// Scan errors are ignored and rows is not closed.
for rows.Next() {
rows.Scan(&get_davdn)
davDN = fmt.Sprintf("%s%s\n", davDN, get_davdn)
}
// This statement reads the stored password column into memory. What is
// done with it is not visible in this excerpt - confirm that it is never
// rendered or logged.
queryx = fmt.Sprintf("select login,password,fullname,role,cdavprefix from aaa_logins where uid='%s';", fField["UID"])
//fmt.Printf("%s\n", queryx)
rows, err = dbpg.Query(queryx)
if err != nil {
log.Printf("PG::Query() Select info from aaa_logins: %v\n", err)
return
}
rows.Next()
rows.Scan(&aaa_login, &aaa_password, &aaa_fullname, &aaa_role, &aaa_cdavmode)
if len(aaa_password) > 0 {
// ... part of the code is omitted here by the listing site ...
开发者ID:BestianRU,项目名称:SABookServices,代码行数:101,代码来源:WebLDAPBook.go
示例20: getLdapGroups
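/*
 * getLdapGroups queries LDAP and returns a slice describing the set of groups the authenticated user is a member of.
 *
 * The search query is constructed according to cfg.GroupFilter, and run in context of cfg.GroupDN.
 * Groups will be resolved from the query results by following the attribute defined in cfg.GroupAttr.
 *
 * cfg.GroupFilter is a go template and is compiled with the following context: [UserDN, Username]
 *    UserDN - The DN of the authenticated user
 *    Username - The Username of the authenticated user
 *
 * Both values are passed through ldap.EscapeFilter before the template is rendered, so they
 * cannot change the structure of the configured filter.
 *
 * Example:
 *   cfg.GroupFilter = "(&(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))"
 *   cfg.GroupDN     = "OU=Groups,DC=myorg,DC=com"
 *   cfg.GroupAttr   = "cn"
 *
 * NOTE - If cfg.GroupFilter or cfg.GroupDN is empty, no query is performed and an empty result slice is returned.
 *
 * A template execution error is returned to the caller. The original ignored it and sent
 * whatever had been rendered up to the failure, possibly a truncated filter, to the server.
 */
func (b *backend) getLdapGroups(cfg *ConfigEntry, c *ldap.Conn, userDN string, username string) ([]string, error) {
	// retrieve the groups in a string/bool map as a structure to avoid duplicates inside
	ldapMap := make(map[string]bool)

	if cfg.GroupFilter == "" {
		b.Logger().Warn("auth/ldap: GroupFilter is empty, will not query server")
		return make([]string, 0), nil
	}

	if cfg.GroupDN == "" {
		b.Logger().Warn("auth/ldap: GroupDN is empty, will not query server")
		return make([]string, 0), nil
	}

	// If groupfilter was defined, resolve it as a Go template and use the query for
	// returning the user's groups
	if b.Logger().IsDebug() {
		b.Logger().Debug("auth/ldap: Compiling group filter", "group_filter", cfg.GroupFilter)
	}

	// Parse the configuration as a template.
	// Example template "(&(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}}))"
	t, err := template.New("queryTemplate").Parse(cfg.GroupFilter)
	if err != nil {
		return nil, fmt.Errorf("LDAP search failed due to template compilation error: %v", err)
	}

	// Build the data passed to the template - UserDN and Username, both
	// escaped for use inside a search filter.
	templateData := struct {
		UserDN   string
		Username string
	}{
		ldap.EscapeFilter(userDN),
		ldap.EscapeFilter(username),
	}

	var renderedQuery bytes.Buffer
	// Never search with a partially rendered filter.
	if err := t.Execute(&renderedQuery, templateData); err != nil {
		return nil, fmt.Errorf("LDAP search failed due to template execution error: %v", err)
	}

	if b.Logger().IsDebug() {
		b.Logger().Debug("auth/ldap: Searching", "groupdn", cfg.GroupDN, "rendered_query", renderedQuery.String())
	}

	result, err := c.Search(&ldap.SearchRequest{
		BaseDN: cfg.GroupDN,
		Scope:  2, // subtree
		Filter: renderedQuery.String(),
		Attributes: []string{
			cfg.GroupAttr,
		},
	})
	if err != nil {
		return nil, fmt.Errorf("LDAP search failed: %v", err)
	}

	for _, e := range result.Entries {
		dn, err := ldap.ParseDN(e.DN)
		if err != nil || len(dn.RDNs) == 0 {
			continue
		}

		// Enumerate attributes of each result, parse out CN and add as group
		values := e.GetAttributeValues(cfg.GroupAttr)
		if len(values) > 0 {
			for _, val := range values {
				groupCN := b.getCN(val)
				ldapMap[groupCN] = true
			}
		} else {
			// If groupattr didn't resolve, use self (enumerating group objects)
			groupCN := b.getCN(e.DN)
			ldapMap[groupCN] = true
		}
	}

	ldapGroups := make([]string, 0, len(ldapMap))
	for key := range ldapMap {
		ldapGroups = append(ldapGroups, key)
	}
	return ldapGroups, nil
}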
开发者ID:chrishoffman,项目名称:vault,代码行数:100,代码来源:backend.go
注:本文中的github.com/go-ldap/ldap.Conn类示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |