mainnika/nginx-auth-ldap
1
0
Fork 0
mirror of https://github.com/mainnika/nginx-auth-ldap.git synced 2026-05-22 15:53:39 +00:00
Code Issues Packages Projects Releases Wiki Activity
143 Commits 1 Branch 1 Tag
81f7e2448c4f347bf82d31ef87888e73b8adb1d7
Commit Graph

143 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Donald Huang febe91256f avoid crashes comparing groups 2015-05-14 10:42:08 +03:00
Valery Komarov 0d6ba9a12e Merge pull request #79 from sonnius/master 
Compile cleanly on FreeBSD
 2015-04-30 13:31:09 +03:00
sonnius dab16a5f62 Compile cleanly on FreeBSD 
Compile cleanly on FreeBSD

FreeBSD 10.1 (tested version) needs the lber during linking.
 2015-04-30 15:23:48 +12:00
Valery Komarov a8b5948e0e Merge pull request #75 from cryptogopher/master 
Checking if ldap_server is defined before auth_ldap_servers.
 2015-03-01 09:51:47 +03:00
cryptogopher 91f951ecd9 Checking if ldap_server is defined before auth_ldap_servers. Getting segfault without this check. 2015-02-28 14:33:10 +01:00
Valery b365771d2a Merge pull request #65 from pweiskircher/master 
Authentication timeout and segmentation fault fix on multiple, concurrent requests being processed at the same time
 2015-01-19 18:07:01 +03:00
Valery 7de94294e6 Merge pull request #66 from amoiseiev/master 
Treating LDAP_NO_SUCH_OBJECT as soft error, updating example.conf
 2015-01-19 17:46:57 +03:00
Valery 8d95546cf2 Merge pull request #68 from lucamilanesio/ldap-configurable-connection-timeout 
Configurable timeouts on a per-LDAP server basis
 2015-01-19 17:45:49 +03:00
Luca Milanesio 8e92526458 Configurable timeouts on a per-LDAP basis 
Enable configure timeouts for LDAP connections and queries
on ldap_server section.

Example config:

ldap_server myldap {
    url ldap://myldap.org/CN=users,CN=accounts,DC=myorg?uid?sub?(objectClass=person);
    connections 10;
    connect_timeout 30s;
    reconnect_timeout 5s;
    bind_timeout 15s;
    request_timeout 20s;
    require valid_user;
}

When timeout settings are not defined, the previous hardcoded values are used as
default : 5s (bind), 10s (connect, reconnect, request).
 2015-01-14 12:51:52 +00:00
Andrii Moiseiev 4b7f989831 replacing tabs with spaces to fix example.conf formating 2015-01-12 14:10:42 -05:00
Andrii Moiseiev c8a1b733c3 replacing tabs with spaces to fix example.conf formating 2015-01-12 14:07:10 -05:00
Andrii Moiseiev a54a7b8971 replacing tabs with spaces to fix example.conf formating 2015-01-12 14:05:37 -05:00
Andrii Moiseiev d1dbca7d0d fixing auth failure issue when CN of user or group doesn't exist 2015-01-12 14:02:44 -05:00
Patrik Weiskircher 95d64f0797 don't return the connection after every LDAP reply. 
This makes the connection more sticky to one request and prevents auth timeouts and lost requests.
 2014-12-23 10:46:20 -05:00
Patrik Weiskircher a471062903 remove quick and dirty hack to rebind to the search user. it has been implemented correctly already. 2014-12-23 10:45:04 -05:00
Patrik Weiskircher 20f279f0f9 Fix requests that were waiting on a LDAP connection getting lost and timing out after 10 seconds. 2014-12-22 12:52:28 -05:00
Valery cc76ecbd33 Merge pull request #58 from nyoxi/master 
Fix: Passed incorrect pointer to SSL handshake handler.
 2014-09-19 21:43:08 +04:00
Tomáš Golembiovský fae9e215c6 Passed incorrect pointer to SSL handshake handler. 2014-09-18 14:16:58 +02:00
Valery 7aa2414c76 Merge pull request #45 from nyoxi/master 
Removed recursion during ssl handshake (should fix #34)
 2014-09-17 21:48:37 +04:00
Valery 8a2e128ba7 Merge pull request #54 from huangsam/patch-1 
config: Fix compilation for Linux
 2014-09-17 21:47:46 +04:00
Samuel Huang eaae4dac6f config: Fix compilation for Linux 
Attempt to resolve https://github.com/kvspb/nginx-auth-ldap/issues/23
 2014-09-08 23:55:23 -07:00
Valery 8f2b5f86f4 Merge pull request #39 from pmenglund/readme 
updated README
 2014-06-09 15:15:45 +04:00
Valery a8a5cd233e Merge pull request #41 from davidjb/master 
Fix authentication for user/group validations - passwords fail to be checked
 2014-06-09 15:13:52 +04:00
Valery 687b0a5af0 Merge pull request #37 from prune998/patch-1 
Update ngx_http_auth_ldap_module.c
 2014-06-09 15:12:55 +04:00
Tomáš Golembiovský 930918b6c9 Fixed compilation without SSL (fixes #22) 2014-05-15 19:56:27 +02:00
Tomáš Golembiovský 5d82c4a6e5 Removed recursion during ssl handshake (should fix #34) 2014-05-15 19:22:26 +02:00
David Beitey 0cc183bedd Fix authentication for user/group validations 
This fixes issue #40.  User passwords should *always* be checked during authentication (except when a user fails to satisfy given requirements).  Previously, the PHASE_CHECK_BIND step of authentication would not check passwords in any LDAP configuration where ``require valid_user`` was not specified (eg using ``require user`` or ``require group``).
 2014-03-19 15:44:20 +10:00
Martin Englund c0a1383220 updated README 2014-03-05 11:04:08 -08:00
Prune 97a992b700 Update ngx_http_auth_ldap_module.c 
added a rebind as privileged user in the same function as the user bind to reset the connextion to a usable state
 2014-02-27 10:18:54 -05:00
Valery 93cd9f094a Merge pull request #31 from nyoxi/master 
Several unrelated fixes
 2014-02-10 06:54:39 +03:00
Tomáš Golembiovský f344b0164d Fixed event handling when SSL is used with something else then epoll 2014-01-28 17:38:49 +01:00
Tomáš Golembiovský 4530170886 Fixed compilation on Solaris 2014-01-28 17:38:49 +01:00
Tomáš Golembiovský 27bc70be13 Fixing authentization process 2014-01-17 14:43:03 +01:00
Tomáš Golembiovský eac8408c82 Allow include directive in ldap block 2014-01-16 18:25:42 +01:00
Valery bb74441c52 Merge pull request #24 from rdnelson/master 
Fixed #21 by rebinding to server's binddn after each bind.
 2013-10-23 00:15:55 -07:00
Valery 5909f47d89 Merge pull request #18 from nyoxi/master 
bugfix: User gets authenticated when satisfy is 'any' and no group matches.
 2013-10-23 00:12:43 -07:00
Robert Nelson 7248c9e257 Fixed #21 by rebinding to server's binddn after each bind. 2013-10-18 15:13:55 -04:00
Tomáš Golembiovský 59ef5fd1df bugfix: User gets authenticated when satisfy is 'any' and no group 
matches.
 2013-09-09 18:50:07 +02:00
Valery ee45bc4898 Merge pull request #17 from yirkha/master 
A few more fixes and SSL support
 2013-09-04 22:36:17 -07:00
Jiri Hruska f4d1da9bb7 Add support for ldaps:// SSL connections 2013-09-04 17:44:06 +02:00
Jiri Hruska 214de5be41 Avoid duplicate error message when server closes the connection 2013-09-04 13:37:36 +02:00
Jiri Hruska 5cb46a08e7 Do not crash on startup when no servers have been defined 2013-09-03 19:12:29 +02:00
Jiri Hruska 6eea22868d Initialize ngx_http_auth_ldap_server_t structure fields properly 2013-09-03 17:59:28 +02:00
Valery 8d03e56550 Update README.md 2013-08-30 10:11:00 +04:00
Valery dc27cccaa1 Merge pull request #16 from yirkha/master 
Persistent asynchronous connections, credentials cache etc.
 2013-08-29 23:01:08 -07:00
Jiri Hruska 941022a521 Merge remote-tracking branch 'upstream/master' 2013-08-30 07:32:40 +02:00
Jiri Hruska 20abfeae74 Update README.md 2013-08-30 07:29:14 +02:00
Jiri Hruska 007ef91db1 Implement reconnect when LDAP connection goes down 2013-08-30 07:17:56 +02:00
Jiri Hruska 9b192fee53 Fix intermittent authentication failures 
Sometimes the authentication handler got called again just after the
search operation has been started, immediately failing because nothing
has been found yet. Added an extra safety check for these cases.
 2013-08-30 07:17:56 +02:00
Jiri Hruska eb313ca473 Open configurable amount of connections to all servers 
Only one connection to the first server was opened up to now.
 2013-08-30 07:17:56 +02:00