mirror of
https://github.com/syncthing/syncthing.git
synced 2024-11-16 10:28:49 -07:00
48f9d323fa
This adds the functionality to run a user search with a filter for LDAP authentication. The search is done after successful bind, as the binding user. The typical use case is to limit authentication to users who are member of a group or under a certain OU. For example, to only match users in the "Syncthing" group in otherwise default Active Directory set up for example.com: <searchBaseDN>CN=Users,DC=example,DC=com</searchBaseDN> <searchFilter>(&(sAMAccountName=%s)(memberOf=CN=Syncthing,CN=Users,DC=example,DC=com))</searchFilter> The search filter is an "and" of two criteria (with the ampersand being XML quoted), - "(sAMAccountName=%s)" matches the user logging in - "(memberOf=CN=Syncthing,CN=Users,DC=example,DC=com)" matches members of the group in question. Authentication will only proceed if the search filter matches precisely one user. |
||
---|---|---|
.. | ||
testdata | ||
.gitignore | ||
api_auth_test.go | ||
api_auth.go | ||
api_csrf.go | ||
api_statics.go | ||
api_test.go | ||
api.go | ||
debug.go | ||
mocked_config_test.go | ||
mocked_connections_test.go | ||
mocked_discovery_test.go | ||
mocked_events_test.go | ||
mocked_logger_test.go | ||
mocked_model_test.go | ||
support_bundle.go |