nginx-auth-ldap

Commit Graph

Author	SHA1	Message	Date
Valery	b365771d2a	Merge pull request #65 from pweiskircher/master Authentication timeout and segmentation fault fix on multiple, concurrent requests being processed at the same time	10 years ago
Valery	7de94294e6	Merge pull request #66 from amoiseiev/master Treating LDAP_NO_SUCH_OBJECT as soft error, updating example.conf	10 years ago
Valery	8d95546cf2	Merge pull request #68 from lucamilanesio/ldap-configurable-connection-timeout Configurable timeouts on a per-LDAP server basis	10 years ago
Luca Milanesio	8e92526458	Configurable timeouts on a per-LDAP basis Enable configure timeouts for LDAP connections and queries on ldap_server section. Example config: ldap_server myldap { url ldap://myldap.org/CN=users,CN=accounts,DC=myorg?uid?sub?(objectClass=person); connections 10; connect_timeout 30s; reconnect_timeout 5s; bind_timeout 15s; request_timeout 20s; require valid_user; } When timeout settings are not defined, the previous hardcoded values are used as default : 5s (bind), 10s (connect, reconnect, request).	10 years ago
Andrii Moiseiev	4b7f989831	replacing tabs with spaces to fix example.conf formating	10 years ago
Andrii Moiseiev	c8a1b733c3	replacing tabs with spaces to fix example.conf formating	10 years ago
Andrii Moiseiev	a54a7b8971	replacing tabs with spaces to fix example.conf formating	10 years ago
Andrii Moiseiev	d1dbca7d0d	fixing auth failure issue when CN of user or group doesn't exist	10 years ago
Patrik Weiskircher	95d64f0797	don't return the connection after every LDAP reply. This makes the connection more sticky to one request and prevents auth timeouts and lost requests.	10 years ago
Patrik Weiskircher	a471062903	remove quick and dirty hack to rebind to the search user. it has been implemented correctly already.	10 years ago
Patrik Weiskircher	20f279f0f9	Fix requests that were waiting on a LDAP connection getting lost and timing out after 10 seconds.	10 years ago
Valery	cc76ecbd33	Merge pull request #58 from nyoxi/master Fix: Passed incorrect pointer to SSL handshake handler.	10 years ago
Tomáš Golembiovský	fae9e215c6	Passed incorrect pointer to SSL handshake handler.	10 years ago
Valery	7aa2414c76	Merge pull request #45 from nyoxi/master Removed recursion during ssl handshake (should fix #34)	10 years ago
Valery	8a2e128ba7	Merge pull request #54 from huangsam/patch-1 config: Fix compilation for Linux	10 years ago
Samuel Huang	eaae4dac6f	config: Fix compilation for Linux Attempt to resolve https://github.com/kvspb/nginx-auth-ldap/issues/23	10 years ago
Valery	8f2b5f86f4	Merge pull request #39 from pmenglund/readme updated README	11 years ago
Valery	a8a5cd233e	Merge pull request #41 from davidjb/master Fix authentication for user/group validations - passwords fail to be checked	11 years ago
Valery	687b0a5af0	Merge pull request #37 from prune998/patch-1 Update ngx_http_auth_ldap_module.c	11 years ago
Tomáš Golembiovský	930918b6c9	Fixed compilation without SSL (fixes #22 )	11 years ago
Tomáš Golembiovský	5d82c4a6e5	Removed recursion during ssl handshake (should fix #34 )	11 years ago
David Beitey	0cc183bedd	Fix authentication for user/group validations This fixes issue #40. User passwords should always be checked during authentication (except when a user fails to satisfy given requirements). Previously, the PHASE_CHECK_BIND step of authentication would not check passwords in any LDAP configuration where ``require valid_user`` was not specified (eg using ``require user`` or ``require group``).	11 years ago
Martin Englund	c0a1383220	updated README	11 years ago
Prune	97a992b700	Update ngx_http_auth_ldap_module.c added a rebind as privileged user in the same function as the user bind to reset the connextion to a usable state	11 years ago
Valery	93cd9f094a	Merge pull request #31 from nyoxi/master Several unrelated fixes	11 years ago
Tomáš Golembiovský	f344b0164d	Fixed event handling when SSL is used with something else then epoll	11 years ago
Tomáš Golembiovský	4530170886	Fixed compilation on Solaris	11 years ago
Tomáš Golembiovský	27bc70be13	Fixing authentization process	11 years ago
Tomáš Golembiovský	eac8408c82	Allow include directive in ldap block	11 years ago
Valery	bb74441c52	Merge pull request #24 from rdnelson/master Fixed #21 by rebinding to server's binddn after each bind.	11 years ago
Valery	5909f47d89	Merge pull request #18 from nyoxi/master bugfix: User gets authenticated when satisfy is 'any' and no group matches.	11 years ago
Robert Nelson	7248c9e257	Fixed #21 by rebinding to server's binddn after each bind.	11 years ago
Tomáš Golembiovský	59ef5fd1df	bugfix: User gets authenticated when satisfy is 'any' and no group matches.	11 years ago
Valery	ee45bc4898	Merge pull request #17 from yirkha/master A few more fixes and SSL support	11 years ago
Jiri Hruska	f4d1da9bb7	Add support for ldaps:// SSL connections	11 years ago
Jiri Hruska	214de5be41	Avoid duplicate error message when server closes the connection	11 years ago
Jiri Hruska	5cb46a08e7	Do not crash on startup when no servers have been defined	11 years ago
Jiri Hruska	6eea22868d	Initialize ngx_http_auth_ldap_server_t structure fields properly	11 years ago
Valery	8d03e56550	Update README.md	11 years ago
Valery	dc27cccaa1	Merge pull request #16 from yirkha/master Persistent asynchronous connections, credentials cache etc.	11 years ago
Jiri Hruska	941022a521	Merge remote-tracking branch 'upstream/master'	11 years ago
Jiri Hruska	20abfeae74	Update README.md	11 years ago
Jiri Hruska	007ef91db1	Implement reconnect when LDAP connection goes down	11 years ago
Jiri Hruska	9b192fee53	Fix intermittent authentication failures Sometimes the authentication handler got called again just after the search operation has been started, immediately failing because nothing has been found yet. Added an extra safety check for these cases.	11 years ago
Jiri Hruska	eb313ca473	Open configurable amount of connections to all servers Only one connection to the first server was opened up to now.	11 years ago
Jiri Hruska	afda839edb	Handle LDAP operations asynchronously using nginx event architecture A connection is opened using nginx framework and then fed to OpenLDAP using ldap_init_fd() call with custom SockBuf IO handlers. When some credentials need to be validated, ngx_http_auth_ldap_authenticate() is called multiple times, returning NGX_AGAIN each time the process is waiting for the LDAP server to reply. (Note: This only an initial implementation and as such, it is of course very buggy and limited. Further work is needed to make it useful.)	11 years ago
Jiri Hruska	7acf3b4a98	Unification and small cleanup of log messages Most importantly, all messages start with "http_auth_ldap: " now.	11 years ago
Jiri Hruska	16c3452ec0	Minor code formatting cleanup	11 years ago
Jiri Hruska	1b6ee8e0c1	Clean function order a bit before further big changes	11 years ago
Jiri Hruska	c8d76769d4	Add contribution notice to the licenses	11 years ago

1 2 3

138 Commits (962c278ec52e3050f1d809431f08096d576f8f41) All Branches Search

138 Commits (962c278ec52e3050f1d809431f08096d576f8f41)

All Branches