use*_*324 5 ldap openldap node.js passport.js
我正在尝试使用passport-ldapauth npm验证openLDAP用户名和密码.执行以下代码时,我总是收到错误
{ message: 'Missing credentials' }.请帮助我解决我的代码有什么问题.
const connect = require('connect');
const passport = require('passport');
const LdapStrategy = require('passport-ldapauth');

const app = connect();

// Credentials from the free LDAP test server by forumsys
// More info at: http://www.forumsys.com/tutorials/integration-how-to/ldap/online-ldap-test-server/
//
// NOTE(review): this is the configuration that produces
// { message: 'Missing credentials' }. Points to check:
//  - `usernameField` / `passwordField` are strategy options that belong next
//    to `server`, not inside it. They name the request fields that carry the
//    login (defaults: `username` / `password`); they do not hold the
//    credentials themselves.
//  - `server` has no `searchBase` / `searchFilter`, so the strategy has no way
//    to locate the user's entry even once the fields are found.
//  - No body-parsing middleware is registered in this snippet, so a POSTed
//    form or JSON body is presumably never parsed into `req.body`, where the
//    strategy looks for the two fields.
//  - `connectRoute` is used below but never required in this snippet.
//  - An `ldap://` URL is unencrypted: the bind password and every user's
//    password cross the network in clear text. Prefer `ldaps://` or StartTLS.
const ldapServer = {
  url: 'ldap://<ip>',
  bindDn: '<admin username>',
  bindCredentials: '<admin password>',
  usernameField: "<passing actual username>",
  passwordField: "<password>",
};
const OPTS = { server: ldapServer };

passport.use(new LdapStrategy(OPTS));
app.use(passport.initialize());

app.use(connectRoute((router) => {
  router.post('/login', (req, res, next) => {
    // Custom callback: passport hands back (err, user, info) instead of
    // responding itself. `info` carries the failure message being debugged.
    const onResult = (err, user, info) => {
      console.log(info);
      if (err) {
        return next(err); // will generate a 500 error
      }
      // Generate a JSON response reflecting authentication status
      const payload = user
        ? { success: true, message: 'authentication succeeded' }
        : { success: false, message: 'authentication failed' };
      return res.send(payload);
    };
    passport.authenticate('ldapauth', { session: false }, onResult)(req, res, next);
  });
}));

app.listen(8080);
更多细节请参阅文档中的 badRequestMessage 选项:它是缺少用户名/密码时返回的 flash 消息(默认值:'Missing credentials')。也就是说,这个错误表示策略没有在请求中找到用户名或密码字段。
这是我的配置:
const passport = require('passport');
const { Strategy: LdapStrategy } = require('passport-ldapauth');

// Connection and lookup settings for the directory.
//  - bindDn / bindCredentials: the service account used to search for the
//    user's entry. Load the real values from the environment or a secret
//    store rather than committing them with the code.
//  - searchBase / searchFilter: where and how to find the entry for the
//    submitted login. `sAMAccountName` is an Active Directory attribute;
//    an OpenLDAP directory would typically match on `uid` instead.
//  - NOTE(review): the library's documentation describes `{{username}}` as a
//    literal placeholder for the submitted login; confirm before renaming it
//    to follow a custom `usernameField`.
//  - Use an `ldaps://` URL (or StartTLS) so the bind password and user
//    passwords are not sent in clear text.
const OPTS = {
  server: {
    url: '<ldap server>',
    bindDn: '<admin username>',
    bindCredentials: '<admin password>',
    searchBase: '<base dn>',
    searchFilter: '(sAMAccountName={{username}})',
  },
};

passport.use(new LdapStrategy(OPTS));
app.use(passport.initialize());
app.use(passport.session());

// The user object is written to the session and read back unchanged.
// NOTE(review): this stores whatever the strategy returned (presumably the
// full directory entry) in the session, and nothing here re-checks the
// directory on later requests, so an account disabled in LDAP stays logged in
// until its session expires.
const passThrough = (user, done) => {
  done(null, user);
};
passport.serializeUser(passThrough);
passport.deserializeUser(passThrough);
OPTS 中的 usernameField 和 passwordField 是可选的。我的程序使用默认值 username 和 password。如果设置了 usernameField,则需要将 searchFilter 修改为 (sAMAccountName={{<usernameField value>}}) 或 (uid={{<usernameField value>}})。
此外,要在会话中保存登录状态,需要 express-session 模块。会话配置如下:
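var session = require('express-session');

// Signing key for the session cookie. It is read from the environment (the
// variable name SESSION_SECRET is this example's own choice) instead of being
// written in the source: anyone who knows the key can produce a validly
// signed cookie, so a key published with the code no longer protects the
// session id against tampering.
var sessionSecret = process.env.SESSION_SECRET;
if (!sessionSecret) {
  // Fail at startup rather than run with a missing or guessable key.
  throw new Error('SESSION_SECRET is not set');
}

app.use(session({
  secret: sessionSecret,
  resave: false,
  // Do not create a session (and set a cookie) for visitors who never log in.
  saveUninitialized: false,
  cookie: {
    // Not readable from page scripts.
    httpOnly: true,
    // HTTPS-only in production; left off elsewhere so a plain-HTTP
    // development server still receives the cookie.
    secure: process.env.NODE_ENV === 'production',
    // Not sent on cross-site subrequests or cross-site form posts.
    sameSite: 'lax',
    // In milliseconds (28 days). The login outlives any change made in the
    // directory for that long unless sessions are re-validated or revoked.
    maxAge: 2419200000
  }
}));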
然后,您可以将LDAP身份验证用作:
// Form login: passport runs the 'ldapauth' strategy and redirects by outcome.
// Every POST here triggers a bind attempt against the directory, so repeated
// failures should be throttled in front of this route to limit password
// guessing and to avoid locking out directory accounts.
const ldapLogin = passport.authenticate('ldapauth', {
  successRedirect: '/users/profile',
  failureRedirect: '/login',
});
app.post('/login', ldapLogin);