auth: set ldap base dn. Fix ldap docker example

opendatadiscovery · Feb 12, 2024 · 29d1ec7 · 29d1ec7
1 parent a4f3ba6
commit 29d1ec7
Show file tree

Hide file tree

Showing 7 changed files with 92 additions and 8 deletions.
diff --git a/docker/examples/.env b/docker/examples/.env
@@ -0,0 +1,3 @@
+POSTGRES_USER=odd-platform
+POSTGRES_PASSWORD=odd-platform-password
+POSTGRES_DATABASE=odd-platform
diff --git a/docker/examples/ldap.yaml b/docker/examples/ldap.yaml
@@ -9,24 +9,33 @@ services:
       - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
       - POSTGRES_DATABASE=${POSTGRES_DATABASE}
     ports:
-      - 5432:5432
+      - "5432:5432"
 
   odd-platform:
-    image: opendatadiscovery/odd-platform:latest
+    image: ghcr.io/opendatadiscovery/odd-platform:latest
     restart: always
     environment:
       - SPRING_DATASOURCE_URL=jdbc:postgresql://database:5432/${POSTGRES_DATABASE}
       - SPRING_DATASOURCE_USERNAME=${POSTGRES_USER}
       - SPRING_DATASOURCE_PASSWORD=${POSTGRES_PASSWORD}
       - AUTH_TYPE=LDAP
-      - SPRING_LDAP_URLS=ldap://ldap:10389
-      - SPRING_LDAP_DN_PATTERN=cn={0},ou=people,dc=planetexpress,dc=com
+      - AUTH_LDAP_URL=ldap://ldap:389
+      - AUTH_LDAP_PASSWORD=admin
+      - AUTH_LDAP_USERNAME=cn=admin,dc=example,dc=org
+      - AUTH_LDAP_DN_PATTERN=cn={0},ou=People
+      - AUTH_LDAP_BASE=dc=example,dc=org
     depends_on:
       - database
       - ldap
     ports:
-      - 8080:8080
+      - "8080:8080"
+
 
   ldap:
-    image: rroemhild/test-openldap:latest
-    hostname: "ldap"
+    image: osixia/openldap:1.5.0
+    ports:
+      - "389:389"
+      - "636:636"
+    volumes:
+      - ./ldap/sample.ldif:/container/service/slapd/assets/config/bootstrap/ldif/custom/sample.ldif
+    command: --copy-service
diff --git a/docker/examples/ldap/sample.ldif b/docker/examples/ldap/sample.ldif
@@ -0,0 +1,69 @@
+# --- OUs -------------------------------------
+
+dn: ou=Groups,dc=example,dc=org
+objectClass: organizationalunit
+objectClass: top
+ou: Groups
+
+dn: ou=People,dc=example,dc=org
+objectClass: organizationalunit
+objectClass: top
+ou: People
+
+
+# --- People ----------------------------------
+
+dn: cn=marpontes,ou=People,dc=example,dc=org
+objectClass: person
+objectClass: inetOrgPerson
+objectClass: organizationalPerson
+objectClass: top
+cn: marpontes
+userpassword: pass
+givenname: Marcello
+sn: Pontes
+mail: marcello@oncase.com.br
+uid: 1001
+
+dn: cn=zach,ou=People,dc=example,dc=org
+objectClass: person
+objectClass: inetOrgPerson
+objectClass: organizationalPerson
+objectClass: top
+cn: zach
+userpassword: pass
+givenname: Zachary
+sn: Zeus
+mail: zach@oncase.com.br
+uid: 1002
+
+dn: cn=leonardo,ou=People,dc=example,dc=org
+objectClass: person
+objectClass: inetOrgPerson
+objectClass: organizationalPerson
+objectClass: top
+cn: leonardo
+userpassword: pass
+givenname: Leonardo
+sn: Luiz
+mail: zach@oncase.com.br
+uid: 1003
+
+
+# --- Groups ----------------------------------
+
+dn: cn=Administrator,ou=Groups,dc=example,dc=org
+objectClass: groupofuniquenames
+objectClass: top
+ou: Groups
+cn: Administrator
+uniquemember: cn=marpontes, ou=People, dc=example,dc=org
+
+dn: cn=Developers,ou=Groups,dc=example,dc=org
+objectClass: groupofuniquenames
+objectClass: top
+ou: Groups
+cn: Administrator
+uniquemember: cn=marpontes, ou=People, dc=example,dc=org
+uniquemember: cn=zach, ou=People, dc=example,dc=org
+uniquemember: cn=leonardo, ou=People, dc=example,dc=org
diff --git a/docker/examples/oauth2.yaml b/docker/examples/oauth2.yaml
@@ -12,7 +12,7 @@ services:
       - 5432:5432
 
   odd-platform:
-    image: opendatadiscovery/odd-platform:latest
+    image: ghcr.io/opendatadiscovery/odd-platform:latest
     restart: always
     environment:
       - SPRING_DATASOURCE_URL=jdbc:postgresql://database:5432/${POSTGRES_DATABASE}

diff --git a/odd-platform-api/src/main/java/org/opendatadiscovery/oddplatform/auth/ODDLDAPProperties.java b/odd-platform-api/src/main/java/org/opendatadiscovery/oddplatform/auth/ODDLDAPProperties.java
@@ -13,6 +13,7 @@ public class ODDLDAPProperties {
     private String username;
     private String password;
     private String dnPattern;
+    private String base;
     private UserFilter userFilter;
     private Group groups;
     private ActiveDirectory activeDirectory;

diff --git a/...api/src/main/java/org/opendatadiscovery/oddplatform/config/LDAPSecurityConfiguration.java b/...api/src/main/java/org/opendatadiscovery/oddplatform/config/LDAPSecurityConfiguration.java
@@ -115,6 +115,7 @@ public LdapContextSource ldapContextSource() {
         ctx.setUrl(properties.getUrl());
         ctx.setUserDn(properties.getUsername());
         ctx.setPassword(properties.getPassword());
+        ctx.setBase(properties.getBase());
         return ctx;
     }
 

diff --git a/odd-platform-api/src/main/resources/application.yml b/odd-platform-api/src/main/resources/application.yml
@@ -46,6 +46,7 @@ auth:
 #    username:
 #    password:
 #    dn-pattern:
+#    base:
 #    user-filter:
 #      search-base:
 #      filter: