本文整理匯總了Golang中github.com/go-ldap/ldap.Conn類的典型用法代碼示例。如果您正苦於以下問題:Golang Conn類的具體用法?Golang Conn怎麽用?Golang Conn使用的例子?那麽, 這裏精選的類代碼示例或許可以為您提供幫助。
在下文中一共展示了Conn類的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Golang代碼示例。
示例1: initLDAPConnector
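// initLDAPConnector probes the configured LDAP servers in round-robin order,
// continuing from the package-level ldap_count, and returns the address of the
// first server that accepts a connection. It returns the literal string
// "error" when no server is configured or when ten consecutive dial attempts
// fail.
//
// The probe connection is closed before returning; only the address is handed
// back. The probe uses ldap.Dial, so a successful result says nothing about
// whether the server offers TLS.
func initLDAPConnector() string {
	const maxAttempts = 10

	// Without this guard the index below would be taken on an empty list.
	if len(rconf.LDAP_URL) == 0 {
		log.Printf("LDAP Init SRV ***** Error connect to all LDAP servers...")
		return "error"
	}

	// The attempt counter must advance on every failed dial. The original
	// increment sat after a break and was never reached, so the retry cap
	// never triggered and the loop spun forever when every server was down.
	for failed := 0; failed < maxAttempts; failed++ {
		ldap_count++
		if ldap_count > len(rconf.LDAP_URL)-1 {
			ldap_count = 0
		}
		addr := rconf.LDAP_URL[ldap_count][0]
		log.Printf("LDAP Init SRV ***** Trying connect to server %d of %d: %s", ldap_count+1, len(rconf.LDAP_URL), addr)

		l, err := ldap.Dial("tcp", addr)
		if err != nil {
			log.Printf("LDAP Init SRV ***** Connect to %s failed: %v", addr, err)
			continue
		}
		// Reachability is all that is checked here; release the socket.
		l.Close()
		return addr
	}

	log.Printf("LDAP Init SRV ***** Error connect to all LDAP servers...")
	return "error"
}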
示例2: getUserDN
// getUserDN returns the DN of the object representing the authenticated user.
//
// When cfg.UPNDomain is empty the bind DN is returned unchanged. Otherwise
// bindDN is looked up as a userPrincipalName under cfg.UserDN; the value is
// passed through ldap.EscapeFilter before it is placed in the search filter.
//
// NOTE(review): the lookup does not require a unique match. If several entries
// match, the DN of the last one is returned; if none match, the result is ""
// with a nil error. Callers should treat an empty DN as "not found".
func (b *backend) getUserDN(cfg *ConfigEntry, c *ldap.Conn, bindDN string) (string, error) {
	if cfg.UPNDomain == "" {
		return bindDN, nil
	}

	// Find the distinguished name for the user if userPrincipalName used for login
	upnFilter := fmt.Sprintf("(userPrincipalName=%s)", ldap.EscapeFilter(bindDN))
	if b.Logger().IsDebug() {
		b.Logger().Debug("auth/ldap: Searching UPN", "userdn", cfg.UserDN, "filter", upnFilter)
	}

	req := &ldap.SearchRequest{
		BaseDN: cfg.UserDN,
		Scope:  ldap.ScopeWholeSubtree,
		Filter: upnFilter,
	}
	res, err := c.Search(req)
	if err != nil {
		return "", fmt.Errorf("LDAP search failed for detecting user: %v", err)
	}

	dn := ""
	for _, entry := range res.Entries {
		dn = entry.DN
	}
	return dn, nil
}
示例3: getBindDN
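// getBindDN works out the DN that should be used to bind as username.
//
// If DN discovery is enabled, or service credentials (BindDN and BindPassword)
// are configured, it binds with those credentials and searches cfg.UserDN for
// exactly one entry whose cfg.UserAttr equals username; the username is
// filter-escaped first. Otherwise the DN is assembled locally: user@domain when
// cfg.UPNDomain is set, else "<UserAttr>=<username>,<UserDN>", with the
// username passed through EscapeLDAPValue.
//
// NOTE(review): with cfg.DiscoverDN set and no service credentials, Bind is
// called with an empty DN and password. Confirm that the directory is meant to
// allow that and how the client library treats an empty password.
func getBindDN(cfg *ConfigEntry, c *ldap.Conn, username string) (string, error) {
	if cfg.DiscoverDN || (cfg.BindDN != "" && cfg.BindPassword != "") {
		if err := c.Bind(cfg.BindDN, cfg.BindPassword); err != nil {
			return "", fmt.Errorf("LDAP bind (service) failed: %v", err)
		}
		result, err := c.Search(&ldap.SearchRequest{
			BaseDN: cfg.UserDN,
			Scope:  2, // subtree
			Filter: fmt.Sprintf("(%s=%s)", cfg.UserAttr, ldap.EscapeFilter(username)),
		})
		if err != nil {
			return "", fmt.Errorf("LDAP search for binddn failed: %v", err)
		}
		// Anything other than a single hit is rejected so that an ambiguous
		// username can never select an arbitrary entry.
		if len(result.Entries) != 1 {
			return "", fmt.Errorf("LDAP search for binddn 0 or not unique")
		}
		return result.Entries[0].DN, nil
	}

	if cfg.UPNDomain != "" {
		// userPrincipalName form. The format string must be "%s@%s"; the
		// previous text was not a valid format verb sequence.
		return fmt.Sprintf("%s@%s", EscapeLDAPValue(username), cfg.UPNDomain), nil
	}
	return fmt.Sprintf("%s=%s,%s", cfg.UserAttr, EscapeLDAPValue(username), cfg.UserDN), nil
}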
示例4: Bind
// Bind authenticates on the given LDAP connection when a bind DN is
// configured. The first result reports whether a bind was performed, the
// second carries any error from the bind itself. With no bind DN configured
// nothing is sent and the connection stays in whatever state it was in.
//
// NOTE(review): only BindDN is checked. A non-empty BindDN with an empty
// BindPassword is passed straight to connection.Bind; confirm how the library
// and the server treat that combination.
func (l *LDAPClientConfig) Bind(connection *ldap.Conn) (bound bool, err error) {
	if len(l.BindDN) == 0 {
		return false, nil
	}
	if bindErr := connection.Bind(l.BindDN, l.BindPassword); bindErr != nil {
		return false, bindErr
	}
	return true, nil
}
示例5: DialLDAP
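// DialLDAP opens a connection to the server named by c.Url.
//
// Scheme "ldap" dials the server (default port 389) and upgrades with StartTLS
// only when c.StartTLS is set; otherwise the session stays unencrypted and any
// later bind travels in clear text. Scheme "ldaps" dials with TLS (default port
// 636). In both TLS paths the configuration comes from c.GetTLSConfig(host).
// Any other scheme is rejected.
//
// On failure the returned connection is nil and any connection that was
// already opened has been closed.
//
// NOTE(review): the dial address is built as host+":"+port. For a bracketed
// IPv6 literal with an explicit port, SplitHostPort strips the brackets and the
// rebuilt address is no longer valid; confirm whether IPv6 URLs must be
// supported.
func (c *ConfigEntry) DialLDAP() (*ldap.Conn, error) {
	u, err := url.Parse(c.Url)
	if err != nil {
		return nil, err
	}
	host, port, err := net.SplitHostPort(u.Host)
	if err != nil {
		// No port in the URL: use the whole host part and fill in the
		// scheme default below.
		host = u.Host
	}

	var conn *ldap.Conn
	var tlsConfig *tls.Config
	switch u.Scheme {
	case "ldap":
		if port == "" {
			port = "389"
		}
		conn, err = ldap.Dial("tcp", host+":"+port)
		if err != nil {
			break
		}
		if conn == nil {
			err = fmt.Errorf("empty connection after dialing")
			break
		}
		if c.StartTLS {
			tlsConfig, err = c.GetTLSConfig(host)
			if err == nil {
				err = conn.StartTLS(tlsConfig)
			}
			if err != nil {
				// The socket is already open at this point; close it so a
				// failed upgrade neither leaks the connection nor leaves a
				// clear-text session behind.
				conn.Close()
			}
		}
	case "ldaps":
		if port == "" {
			port = "636"
		}
		tlsConfig, err = c.GetTLSConfig(host)
		if err != nil {
			break
		}
		conn, err = ldap.DialTLS("tcp", host+":"+port, tlsConfig)
	default:
		return nil, fmt.Errorf("invalid LDAP scheme")
	}
	if err != nil {
		return nil, fmt.Errorf("cannot connect to LDAP: %v", err)
	}
	return conn, nil
}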
示例6: bindReadOnlyUser
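// bindReadOnlyUser binds the connection as the configured service account.
// It does nothing when no BindDN is configured. The password is read from
// la.config.BindPasswordFile on every call.
//
// NOTE(review): the file content is used verbatim, so a trailing newline in
// the password file becomes part of the password; confirm the file format.
func (la *LDAPAuth) bindReadOnlyUser(l *ldap.Conn) error {
	if la.config.BindDN == "" {
		return nil
	}
	password, err := ioutil.ReadFile(la.config.BindPasswordFile)
	if err != nil {
		return err
	}
	// Log the identity being bound, never the secret: the previous message
	// wrote the bind password into the log at verbosity 2.
	glog.V(2).Infof("Bind read-only user (DN = %s)", la.config.BindDN)
	return l.Bind(la.config.BindDN, string(password))
}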
示例7: modify
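// modify enables or disables an LDAP account by replacing the entry's
// useraccountcontrol attribute with action. Nothing is sent when the entry
// already carries that value. A successful change is recorded through logMod
// together with the value of the entry's first attribute.
//
// NOTE(review): attributes are read by position (index 1 is taken as
// useraccountcontrol, index 0 as cn). This assumes the entry came from a search
// that returned exactly those attributes in that order, each with at least one
// value. A shorter entry panics here; confirm against the caller.
func modify(l *ldap.Conn, entry *ldap.Entry, action string) error {
	current := entry.Attributes[1].Values[0]
	if current == action {
		return nil
	}

	// Named req so the local no longer shadows this function's own name.
	req := ldap.NewModifyRequest(entry.DN)
	req.Replace("useraccountcontrol", []string{action})
	if err := l.Modify(req); err != nil {
		// Printf, not Println: the message contains a format verb.
		log.Printf("ERROR: %s\n", err.Error())
		return err
	}

	cn := entry.Attributes[0].Values[0]
	logMod(cn, action)
	return nil
}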
示例8: bindReadOnlyUser
// bindReadOnlyUser binds the connection as the configured service account.
// It does nothing when no BindDN is configured. The password is read from
// la.config.BindPasswordFile and surrounding whitespace is trimmed before use.
// Only the bind DN is logged, not the password.
func (la *LDAPAuth) bindReadOnlyUser(l *ldap.Conn) error {
	if la.config.BindDN == "" {
		return nil
	}

	raw, err := ioutil.ReadFile(la.config.BindPasswordFile)
	if err != nil {
		return err
	}
	secret := strings.TrimSpace(string(raw))

	glog.V(2).Infof("Bind read-only user (DN = %s)", la.config.BindDN)
	if bindErr := l.Bind(la.config.BindDN, secret); bindErr != nil {
		return bindErr
	}
	return nil
}
示例9: inGroup
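// inGroup reports whether the account whose sAMAccountName is username lists
// the DN of group among its memberOf values, and returns the account's
// requested attributes.
//
// The group DN is resolved with getDN. The account search runs under
// config.BaseDN with a size limit of 1 and must yield exactly one entry,
// otherwise an LDAPError is returned. memberOf is always requested for the
// check, but it is removed from the returned map on a positive match unless
// the caller listed it in attrs. The comparison is a plain string equality
// against the memberOf values the server returns.
func inGroup(username, group string, config *Config, conn *ldap.Conn, attrs []string) (bool, map[string][]string, error) {
	groupDN, err := getDN(group, config, conn)
	if err != nil {
		if config.Debug {
			log.Printf("DEBUG: Error: %s\n", err)
		}
		return false, nil, err
	}

	// Build the attribute list in a fresh slice: appending to attrs directly
	// could write into the caller's backing array.
	requested := make([]string, 0, len(attrs)+1)
	requested = append(requested, attrs...)
	requested = append(requested, "memberOf")

	search := ldap.NewSearchRequest(
		config.BaseDN,
		ldap.ScopeWholeSubtree,
		ldap.DerefAlways,
		1, 0,
		false,
		// The username is untrusted input; escape filter metacharacters so
		// it can only ever be matched as a literal value.
		fmt.Sprintf("(sAMAccountName=%s)", ldap.EscapeFilter(username)),
		requested,
		nil,
	)
	result, lErr := conn.Search(search)
	if lErr != nil {
		if config.Debug {
			log.Printf("DEBUG: LDAP Error %v\n", lErr)
		}
		return false, nil, lErr
	}
	if len(result.Entries) != 1 {
		return false, nil, LDAPError("Amount of Entries returned was not one")
	}

	callerWantsMemberOf := false
	for _, key := range attrs {
		if key == "memberOf" {
			callerWantsMemberOf = true
			break
		}
	}

	entryAttrs := attrsToMap(result.Entries[0])
	for _, g := range entryAttrs["memberOf"] {
		if g != groupDN {
			continue
		}
		if !callerWantsMemberOf {
			delete(entryAttrs, "memberOf")
		}
		return true, entryAttrs, nil
	}
	return false, entryAttrs, nil
}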
示例10: getUserDN
// getUserDN returns the DN of the entry representing the authenticated user.
//
// When cfg.UPNDomain is empty the bind DN is returned as is. Otherwise bindDN
// is looked up as a userPrincipalName under cfg.UserDN, filter-escaped with
// ldap.EscapeFilter.
//
// NOTE(review): uniqueness is not enforced. With several matches the DN of the
// last entry wins, and with no match the result is "" and a nil error.
func getUserDN(cfg *ConfigEntry, c *ldap.Conn, bindDN string) (string, error) {
	if cfg.UPNDomain == "" {
		return bindDN, nil
	}

	// Find the distinguished name for the user if userPrincipalName used for login
	req := &ldap.SearchRequest{
		BaseDN: cfg.UserDN,
		Scope:  ldap.ScopeWholeSubtree,
		Filter: fmt.Sprintf("(userPrincipalName=%s)", ldap.EscapeFilter(bindDN)),
	}
	res, err := c.Search(req)
	if err != nil {
		return "", fmt.Errorf("LDAP search failed for detecting user: %v", err)
	}

	found := ""
	for _, entry := range res.Entries {
		found = entry.DN
	}
	return found, nil
}
示例11: ldapConnection
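// ldapConnection opens a connection to la.config.Addr according to
// la.config.TLS:
//
//	"" or "none"  plain connection, no encryption
//	"starttls"    plain connection upgraded with StartTLS
//	"always"      TLS from the first byte (DialTLS)
//
// Any other value is rejected with an error instead of returning a nil
// connection with a nil error. If the StartTLS upgrade fails, the connection
// that was already opened is closed before returning.
//
// Certificate verification is skipped whenever
// la.config.InsecureTLSSkipVerify is true, which leaves the session open to
// interception. In the "" and "none" modes bind credentials are sent in clear
// text.
//
// NOTE(review): the tls.Config passed to StartTLS carries no ServerName.
// crypto/tls requires either ServerName or InsecureSkipVerify for a client
// handshake, so confirm that StartTLS works with verification enabled or set
// ServerName from the host part of Addr.
func (la *LDAPAuth) ldapConnection() (*ldap.Conn, error) {
	switch la.config.TLS {
	case "", "none", "starttls":
		glog.V(2).Infof("Dial: starting...%s", la.config.Addr)
		l, err := ldap.Dial("tcp", fmt.Sprintf("%s", la.config.Addr))
		if err != nil {
			return nil, err
		}
		if la.config.TLS == "starttls" {
			glog.V(2).Infof("StartTLS...")
			if tlserr := l.StartTLS(&tls.Config{InsecureSkipVerify: la.config.InsecureTLSSkipVerify}); tlserr != nil {
				// Do not leak the still-open clear-text connection.
				l.Close()
				return nil, tlserr
			}
		}
		return l, nil
	case "always":
		glog.V(2).Infof("DialTLS: starting...%s", la.config.Addr)
		l, err := ldap.DialTLS("tcp", fmt.Sprintf("%s", la.config.Addr), &tls.Config{InsecureSkipVerify: la.config.InsecureTLSSkipVerify})
		if err != nil {
			return nil, err
		}
		return l, nil
	default:
		// Fail closed on a misspelt or unknown mode rather than handing the
		// caller a nil connection to dereference.
		return nil, fmt.Errorf("unsupported LDAP TLS mode %q", la.config.TLS)
	}
}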
示例12: searchByName
// searchByName searches the whole subtree under baseDN for entries whose cn
// matches name (after ReplaceAccents) and requests the package-level
// attributes list.
//
// The search result is returned together with ErrNoResults when nothing
// matched and with ErrTooManyResults when more than one entry matched. A
// failed search returns a nil result and the underlying error.
//
// NOTE(review): the filter is assembled without ldap.EscapeFilter. If name can
// come from an untrusted source, filter metacharacters in it change the query.
// Confirm whether ReplaceAccents escapes them or whether callers rely on
// wildcards before adding the escape.
func searchByName(l *ldap.Conn, name string) (*ldap.SearchResult, error) {
	req := ldap.NewSearchRequest(
		baseDN,
		ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false,
		fmt.Sprintf("(cn=%v)", ReplaceAccents(name)),
		attributes,
		nil)

	res, err := l.Search(req)
	if err != nil {
		return nil, err
	}

	if n := len(res.Entries); n == 0 {
		return res, ErrNoResults
	} else if n > 1 {
		return res, ErrTooManyResults
	}
	return res, nil
}
示例13: getAttrs
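// getAttrs returns the requested attributes of the account whose
// sAMAccountName is username, as produced by attrsToMap. The search runs over
// the whole subtree under config.BaseDN with a size limit of 1 and must yield
// exactly one entry; otherwise an LDAPError is returned. Search errors are
// logged only when config.Debug is set.
func getAttrs(username string, config *Config, conn *ldap.Conn, attrs []string) (map[string][]string, error) {
	search := ldap.NewSearchRequest(
		config.BaseDN,
		ldap.ScopeWholeSubtree,
		ldap.DerefAlways,
		1, 0,
		false,
		// Escape filter metacharacters so the username is matched literally
		// and cannot alter the structure of the query.
		fmt.Sprintf("(sAMAccountName=%s)", ldap.EscapeFilter(username)),
		attrs,
		nil,
	)
	result, lErr := conn.Search(search)
	if lErr != nil {
		if config.Debug {
			log.Printf("DEBUG: LDAP Error %v\n", lErr)
		}
		return nil, lErr
	}
	if len(result.Entries) != 1 {
		return nil, LDAPError("Amount of Entries returned was not one")
	}
	return attrsToMap(result.Entries[0]), nil
}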
示例14: getDN
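// getDN returns the DN of the first entry under config.BaseDN whose cn equals
// the given value. The search covers the whole subtree with a size limit of 1.
// A ConfigError is returned when nothing matches. Search errors are logged
// only when config.Debug is set.
//
// NOTE(review): when several entries share the same cn, which one is returned
// is up to the server; callers that use the DN for an authorization decision
// should make sure the name is unique under BaseDN.
func getDN(cn string, config *Config, conn *ldap.Conn) (string, error) {
	search := ldap.NewSearchRequest(
		config.BaseDN,
		ldap.ScopeWholeSubtree,
		ldap.DerefAlways,
		1, 0,
		false,
		// Escape filter metacharacters: names containing parentheses or an
		// asterisk would otherwise break or widen the filter.
		fmt.Sprintf("(cn=%s)", ldap.EscapeFilter(cn)),
		nil,
		nil,
	)
	result, err := conn.Search(search)
	if err != nil {
		if config.Debug {
			log.Printf("DEBUG: LDAP Error %v\n", err)
		}
		return "", err
	}
	if len(result.Entries) == 0 {
		return "", ConfigError(fmt.Sprintf("No DN found for: %s", cn))
	}
	return result.Entries[0].DN, nil
}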
示例15: ldapSearch
// ldapSearch runs a whole-subtree search and returns attribute values from the
// single matching entry. With an empty attrs list the entry's DN is returned.
// Otherwise, for each requested attribute, its values are joined with a space
// and the per-attribute strings are concatenated with no separator.
//
// An error is returned when l is nil, when the search fails, or when the
// search does not yield exactly one entry.
//
// NOTE(review): *filter is sent to the server and written to the log as given.
// Any user-supplied value inside it must already have been escaped by the
// caller. baseDN, filter and attrs are dereferenced without a nil check.
func (la *LDAPAuth) ldapSearch(l *ldap.Conn, baseDN *string, filter *string, attrs *[]string) (string, error) {
	if l == nil {
		return "", fmt.Errorf("No ldap connection!")
	}

	glog.V(2).Infof("Searching...basedDN:%s, filter:%s", *baseDN, *filter)
	req := ldap.NewSearchRequest(
		*baseDN,
		ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false,
		*filter,
		*attrs,
		nil)
	res, err := l.Search(req)
	if err != nil {
		return "", err
	}
	if len(res.Entries) != 1 {
		return "", fmt.Errorf("User does not exist or too many entries returned.")
	}

	// Exactly one entry is guaranteed from here on.
	entry := res.Entries[0]
	if len(*attrs) == 0 {
		glog.V(2).Infof("Entry DN = %s", entry.DN)
		return entry.DN, nil
	}

	var out bytes.Buffer
	for _, attr := range *attrs {
		joined := strings.Join(entry.GetAttributeValues(attr), " ")
		glog.V(2).Infof("Entry %s = %s", attr, joined)
		out.WriteString(joined)
	}
	return out.String(), nil
}