I am trying to connect to LDAP and authenticate users using Go.
I am using go-ldap-client with the following example code:
package main
import (
    "log"
    "github.com/jtblin/go-ldap-client"
)
func main() {
    client := &ldap.LDAPClient{
        Base:         "dc=example,dc=com",
        Host:         "ldap.example.com",
        Port:         389,
        UseSSL:       false,
        BindDN:       "uid=readonlysuer,ou=People,dc=example,dc=com",
        BindPassword: "readonlypassword",
        UserFilter:   "(uid=%s)",
        GroupFilter: "(memberUid=%s)",
        Attributes:   []string{"givenName", "sn", "mail", "uid"},
    }
    // It is the responsibility of the caller to close the connection
    defer client.Close()
    ok, user, err := client.Authenticate("username", "password")
    if err != nil {
        log.Fatalf("Error authenticating user %s: %+v", "username", err)
    }
    if !ok {
        log.Fatalf("Authenticating failed for user %s", "username")
    }
    log.Printf("User: %+v", user)
    groups, err := client.GetGroupsOfUser("username")
    if err != nil {
        log.Fatalf("Error getting groups for user %s: %+v", "username", err)
    }
    log.Printf("Groups: %+v", groups) 
}
The dependency on gopkg.in/ldap.v2 is installed.
The problem is that I get the following error:
2016/01/15 17:34:55 Error authenticating user username: LDAP Result Code 2 "Protocol Error": ldap: cannot StartTLS (unsupported extended operation)
exit status 1
Any hints about this error?
Kir*_*ril 11
OK, let's try authenticating with github.com/go-ldap/ldap. First, you need to create an *ldap.Conn. If your LDAP server supports it, I recommend using TLS:
// TLS, for testing purposes disable certificate verification, check https://golang.org/pkg/crypto/tls/#Config for further information.
tlsConfig := &tls.Config{InsecureSkipVerify: true}
l, err := ldap.DialTLS("tcp", "ldap.example.com:636", tlsConfig)
// No TLS, not recommended
l, err := ldap.Dial("tcp", "ldap.example.com:389")
Now you should have an active connection to the LDAP server. With this connection, you must perform a bind:
err := l.Bind("user@test.com", "password")
if err != nil {
    // error in ldap bind
    log.Println(err)
}
// successful bind
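
An added example, not part of the answer above or of either library: input checks to run before the user search and bind, assuming the `(uid=%s)` filter from the question's config. `escapeFilterValue` and `prepareAuth` are hypothetical helper names and the sample usernames are constructed.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// userFilter is the filter template from the question's client config.
const userFilter = "(uid=%s)"

// escapeFilterValue escapes the characters RFC 4515 reserves in a filter
// assertion value (NUL, '(', ')', '*', '\') as a backslash and two hex digits.
func escapeFilterValue(v string) string {
	var b strings.Builder
	for i := 0; i < len(v); i++ {
		switch c := v[i]; c {
		case 0, '(', ')', '*', '\\':
			fmt.Fprintf(&b, "\\%02x", c)
		default:
			b.WriteByte(c)
		}
	}
	return b.String()
}

// prepareAuth (hypothetical helper) validates the credentials and returns
// the search filter to use for the user lookup that precedes the bind.
func prepareAuth(username, password string) (string, error) {
	if username == "" {
		return "", errors.New("empty username")
	}
	// A simple bind with a DN and an empty password is an "unauthenticated
	// bind" (RFC 4513, section 5.1.2) that a server may report as success,
	// so it must never be treated as a verified password.
	if password == "" {
		return "", errors.New("empty password")
	}
	return fmt.Sprintf(userFilter, escapeFilterValue(username)), nil
}

func main() {
	// Constructed sample usernames containing filter metacharacters.
	for _, u := range []string{"jdoe", "jo*", "doe (contractor)"} {
		f, err := prepareAuth(u, "example-password")
		fmt.Println(f, err)
	}
}
```

When github.com/go-ldap/ldap is already imported, its `ldap.EscapeFilter` function can replace the hand-written escaping.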