Code Monkey home page Code Monkey logo

dropwizard-auth-ldap's Introduction

LDAP Authenticator Build Status Maven Central

This is a simple dropwizard-auth module using Basic-Auth + LDAP for authentication. This is the module internal tools at Yammer used to authenticate users.

Note: This module has only been subjected to the traffic of our engineering team. We have not used this to authenticate high-traffic or tuned the JNDI connection pool as such.

Maven

<dependency>
    <groupId>com.yammer.dropwizard</groupId>
    <artifactId>dropwizard-auth-ldap</artifactId>
    <version>1.0.0</version>
</dependency>

Legacy Dropwizard Support

0.0.x releases will contain bug/security updates. 0.1.x and beyond will support 0.7+ dropwizard

How To Use

LdapConfiguration configuration = new LdapConfiguration();
LdapAuthenticator authenticator = new LdapAuthenticator(configuration);
authenticator.authenticate(new BasicCredentials("user", "password"));

Add it to your Service

I assume you are already familiar with dropwizard's authentication module. You can find more information about dropwizard authentication at http://www.dropwizard.io/manual/auth.html

Here is an example how to add LdapAuthenticator using a CachingAuthenticator to your service:

@Override
public void run(Configuration configuration, Environment environment) throws Exception {
    LdapConfiguration ldapConfiguration = configuration.getLdapConfiguration();
    Authenticator<BasicCredentials, BasicCredentials> ldapAuthenticator = new CachingAuthenticator<>(
            environment.metrics(),
            new ResourceAuthenticator(new LdapAuthenticator(ldapConfiguration)),
            ldapConfiguration.getCachePolicy());

    environment.jersey().register(AuthFactory.binder(new BasicAuthFactory<>(ldapAuthenticator, "realm", BasicCredentials.class));
    environment.healthChecks().register("ldap",
            new LdapHealthCheck<>(new ResourceAuthenticator(new LdapCanAuthenticate(ldapConfiguration))));
}

Additional Notes

Make sure to register your resources. Example:

environment.jersey().register(new YourResource());

Configuration

uri: ldaps://myldap.com:636
cachePolicy: maximumSize=10000, expireAfterWrite=10m
userFilter: ou=people,dc=yourcompany,dc=com
groupFilter: ou=groups,dc=yourcompany,dc=com
userNameAttribute: cn
groupNameAttribute: cn
groupMembershipAttribute: memberUid
groupClassName: posixGroup
restrictToGroups:
    - user
    - admin
    - bots
connectTimeout: 500ms
readTimeout: 500ms
negotiateTls: true

Note: You can set groupClassName to groupOfNames and the groupMembershipAttribute to member to search for group membership using the full userDN.

CHANGELOG

Check the Changelog for detailed updates.

Bugs and Feedback

For bugs, questions, and discussions please use the Github Issues

dropwizard-auth-ldap's People

Contributors

chrisgray avatar d-lorenc avatar maheshkelkar avatar neurons avatar pshaw125 avatar reines avatar roblally avatar tohaag avatar velocipedist avatar

Watchers

avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.