Authentication - add LDAP

[styx-tdo]

Please add an option to allow authentication against LDAP.

We have a bunch of users that should access, and all of them in LDAP; the users there are also the base for PAM authentication and for other serivices (therefore, always up2date).

To add another user management + password is contraproductive and yet another password is never a good idea.

[mattLLVW]

Thanks for the feat request.
I got a POC working!
We just need to see what should be user defined here to cover most use case.
If you have any input on this, i'd appreciate it.

[styx-tdo]

my ideas:

required:
ldap URL (array)
bind DN
optional:
Attribute to check
bind password (anonymous may work)
TLS params (cert/ca, cipher, override for cert check)
useful
base DN for users
base DN for groups
scope for both (single, onelelvel,...)
filter - e.g. (|(iphostnumber=myserver-vie01)(iphostnumber=any))

[daks]

Hi,
most people needing LDAP auth will have very different/customized setups so I think all parameters should be configurable (search filter, attributes to check, base DN...).

[mattLLVW]

Done.
Will be available in the next release.