Git Product home page Git Product logo

dropwizard-auth-ldap's Introduction

LDAP Authenticator Build Status Maven Central

This is a simple dropwizard-auth module using Basic-Auth + LDAP for authentication. This is the module internal tools at Yammer used to authenticate users.

Note: This module has only been subjected to the traffic of our engineering team. We have not used this to authenticate high-traffic or tuned the JNDI connection pool as such.

Maven

<dependency>
    <groupId>com.yammer.dropwizard</groupId>
    <artifactId>dropwizard-auth-ldap</artifactId>
    <version>1.0.0</version>
</dependency>

Legacy Dropwizard Support

0.0.x releases will contain bug/security updates. 0.1.x and beyond will support 0.7+ dropwizard

How To Use

LdapConfiguration configuration = new LdapConfiguration();
LdapAuthenticator authenticator = new LdapAuthenticator(configuration);
authenticator.authenticate(new BasicCredentials("user", "password"));

Add it to your Service

I assume you are already familiar with dropwizard's authentication module. You can find more information about dropwizard authentication at http://www.dropwizard.io/manual/auth.html

Here is an example how to add LdapAuthenticator using a CachingAuthenticator to your service:

@Override
public void run(Configuration configuration, Environment environment) throws Exception {
    LdapConfiguration ldapConfiguration = configuration.getLdapConfiguration();
    Authenticator<BasicCredentials, BasicCredentials> ldapAuthenticator = new CachingAuthenticator<>(
            environment.metrics(),
            new ResourceAuthenticator(new LdapAuthenticator(ldapConfiguration)),
            ldapConfiguration.getCachePolicy());

    environment.jersey().register(AuthFactory.binder(new BasicAuthFactory<>(ldapAuthenticator, "realm", BasicCredentials.class));
    environment.healthChecks().register("ldap",
            new LdapHealthCheck<>(new ResourceAuthenticator(new LdapCanAuthenticate(ldapConfiguration))));
}

Additional Notes

Make sure to register your resources. Example:

environment.jersey().register(new YourResource());

Configuration

uri: ldaps://myldap.com:636
cachePolicy: maximumSize=10000, expireAfterWrite=10m
userFilter: ou=people,dc=yourcompany,dc=com
groupFilter: ou=groups,dc=yourcompany,dc=com
userNameAttribute: cn
groupNameAttribute: cn
groupMembershipAttribute: memberUid
groupClassName: posixGroup
restrictToGroups:
    - user
    - admin
    - bots
connectTimeout: 500ms
readTimeout: 500ms

CHANGELOG

Check the Changelog for detailed updates.

Bugs and Feedback

For bugs, questions, and discussions please use the Github Issues

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.