
ldap over TLS: Result Code 200 "Network Error": ldap: already encrypted #97

Closed · fl0riandre opened this issue Mar 1, 2021 · 2 comments


fl0riandre commented Mar 1, 2021

What version of Go are you using (go version)?

$ go version : go1.15.8

Does this issue reproduce with the latest release?

YES

What version of Go-Guardian are you using?

Go-Guardian Version: v2.9.0

What did you do?

Here is the content of our setupGoGuardian:

```go
package main

import (
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"io/ioutil"
	"log"
	"net/http"
	"time"

	"github.com/shaj13/go-guardian/v2/auth"
	"github.com/shaj13/go-guardian/v2/auth/strategies/ldap"
	"github.com/shaj13/libcache"
	_ "github.com/shaj13/libcache/fifo" // registers libcache.FIFO
)

// Package-level state shared with the middleware below.
var (
	cacheObj libcache.Cache
	strategy auth.Strategy
)

func setupGoGuardian() {
	// Start from the system trust store and add the AD certificates on top of it.
	rootCA, err := x509.SystemCertPool()
	if err != nil {
		log.Printf("Failed to load system cert:%v", err)
		// return nil, err
	}
	if rootCA == nil {
		log.Printf("root ca is nil")
		rootCA = x509.NewCertPool()
	}

	certs, _ := ioutil.ReadDir("ad_certs")
	for _, cert := range certs {
		if !cert.IsDir() {
			ldapCert, err := ioutil.ReadFile(fmt.Sprintf("ad_certs/%s", cert.Name()))
			if err != nil {
				log.Printf("Failed to read ad cert:%v", err)
				continue
			}
			ok := rootCA.AppendCertsFromPEM(ldapCert)
			if !ok {
				log.Printf("AD cert of %s is not added.", cert.Name())
				continue
			}
		}
	}

	cfg := &ldap.Config{
		BaseDN: "xxxxxx",
		BindDN: "xxxxxx",
		Port:   "636",
		Host:   "xxxxx",
		TLS: &tls.Config{
			ServerName: "xxxx",
			RootCAs:    rootCA,
		},
		BindPassword: "xxxx",
		Filter:       "xxxx",
	}

	cacheObj = libcache.FIFO.New(0)
	cacheObj.SetTTL(time.Minute * 5)
	cacheObj.RegisterOnExpired(func(key, _ interface{}) {
		cacheObj.Peek(key)
	})

	strategy = ldap.NewCached(cfg, cacheObj)
}
```

and a basic sample middleware:

```go
func middleware(next http.Handler) http.HandlerFunc {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		log.Println("Executing Auth Middleware")
		user, err := strategy.Authenticate(r.Context(), r)
		if err != nil {
			code := http.StatusUnauthorized
			errorstring := fmt.Sprintf("%s", err)
			http.Error(w, errorstring, code)
			log.Printf("%s", err)
			return
		}
		log.Printf("User %s Authenticated\n", user.GetUserName())
		next.ServeHTTP(w, r)
	})
}
```

What did you expect to see?

The authentication should be validated. That works perfectly without TLS (clear LDAP on port 389) ... but that will soon no longer be supported.

What did you see instead?

We got this error message from the LDAP provider: LDAP Result Code 200 "Network Error": ldap: already encrypted

Could you please drive us to the solution ??
Thank you so much for your help and have a nice day.
Best regards.
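The error string in the report is the one go-ldap's StartTLS returns when it is called on a connection that is already TLS: a port 636 (LDAPS, implicit TLS) connection that is afterwards upgraded as if it were a plaintext port 389 connection. The Go program below is added here as an illustration and is not code from the issue or from Go-Guardian; it reproduces both paths in-process against a stand-in server, and the host name ldap.example.test, the self-signed certificate and all function names are constructed for the example.

```go
package main
import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"errors"
	"math/big"
	"net"
	"time"
)
// startTLS is the STARTTLS upgrade; a second handshake on a socket that already runs TLS is refused.
func startTLS(conn net.Conn, cfg *tls.Config) (net.Conn, error) {
	if _, already := conn.(*tls.Conn); already {
		return nil, errors.New("ldap: already encrypted")
	}
	tc := tls.Client(conn, cfg)
	if err := tc.Handshake(); err != nil {
		return nil, err
	}
	return tc, nil
}
// selfSigned builds a throwaway server certificate and a pool trusting it (constructed test data).
func selfSigned(name string) (tls.Certificate, *x509.CertPool) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), DNSNames: []string{name}, NotAfter: time.Now().Add(time.Hour)}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
	leaf, _ := x509.ParseCertificate(der)
	pool := x509.NewCertPool()
	pool.AddCert(leaf)
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: priv, Leaf: leaf}, pool
}
// tryStartTLS talks to an in-process stand-in for the directory server, then attempts a STARTTLS upgrade.
// ldaps=true makes the socket TLS from the first byte (port 636 semantics), the combination in this issue.
func tryStartTLS(ldaps bool) error {
	cert, pool := selfSigned("ldap.example.test")
	srv, cli := net.Pipe()
	defer cli.Close()
	go tls.Server(srv, &tls.Config{Certificates: []tls.Certificate{cert}}).Handshake() // server side
	cfg := &tls.Config{ServerName: "ldap.example.test", RootCAs: pool}
	var conn net.Conn = cli
	var err error
	if ldaps { // implicit TLS before any LDAP message, as on port 636
		conn, err = startTLS(conn, cfg)
	}
	if err == nil { // the STARTTLS upgrade a port 389 connection expects
		_, err = startTLS(conn, cfg)
	}
	return err
}
```

With ldaps=true the second handshake is refused with exactly the reported message; with ldaps=false the upgrade succeeds, which is why a client must pick either implicit TLS or STARTTLS for a given port, never both.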

fl0riandre (Author) commented

Oh... I just saw the pull request!! #92

fl0riandre (Author) commented

I will try the new version :) thank you!!!
