support ldaps (#670)

This commit is contained in:
Mario Voigt 2023-03-21 21:56:14 +01:00 committed by GitHub
parent b561eaee6d
commit 430ebbd1c5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 31 additions and 1 deletions

View File

@ -53,6 +53,7 @@ public enum ConfigType {
LDAP_ENABLED, LDAP_ENABLED,
LDAP_HOST, LDAP_HOST,
LDAP_PORT, LDAP_PORT,
LDAP_USESSL,
LDAP_ADMIN_DN, LDAP_ADMIN_DN,
LDAP_ADMIN_PASSWORD, LDAP_ADMIN_PASSWORD,
LDAP_BASE_DN, LDAP_BASE_DN,

View File

@ -66,6 +66,7 @@ public class LdapAuthenticationHandler implements AuthenticationHandler {
LdapConnectionConfig config = new LdapConnectionConfig(); LdapConnectionConfig config = new LdapConnectionConfig();
config.setLdapHost(ConfigUtil.getConfigStringValue(ConfigType.LDAP_HOST)); config.setLdapHost(ConfigUtil.getConfigStringValue(ConfigType.LDAP_HOST));
config.setLdapPort(ConfigUtil.getConfigIntegerValue(ConfigType.LDAP_PORT)); config.setLdapPort(ConfigUtil.getConfigIntegerValue(ConfigType.LDAP_PORT));
config.setUseSsl(ConfigUtil.getConfigBooleanValue(ConfigType.LDAP_USESSL));
config.setName(ConfigUtil.getConfigStringValue(ConfigType.LDAP_ADMIN_DN)); config.setName(ConfigUtil.getConfigStringValue(ConfigType.LDAP_ADMIN_DN));
config.setCredentials(ConfigUtil.getConfigStringValue(ConfigType.LDAP_ADMIN_PASSWORD)); config.setCredentials(ConfigUtil.getConfigStringValue(ConfigType.LDAP_ADMIN_PASSWORD));

View File

@ -754,6 +754,7 @@ public class AppResource extends BaseResource {
response.add("enabled", true) response.add("enabled", true)
.add("host", ConfigUtil.getConfigStringValue(ConfigType.LDAP_HOST)) .add("host", ConfigUtil.getConfigStringValue(ConfigType.LDAP_HOST))
.add("port", ConfigUtil.getConfigIntegerValue(ConfigType.LDAP_PORT)) .add("port", ConfigUtil.getConfigIntegerValue(ConfigType.LDAP_PORT))
.add("usessl", ConfigUtil.getConfigBooleanValue(ConfigType.LDAP_USESSL))
.add("admin_dn", ConfigUtil.getConfigStringValue(ConfigType.LDAP_ADMIN_DN)) .add("admin_dn", ConfigUtil.getConfigStringValue(ConfigType.LDAP_ADMIN_DN))
.add("admin_password", ConfigUtil.getConfigStringValue(ConfigType.LDAP_ADMIN_PASSWORD)) .add("admin_password", ConfigUtil.getConfigStringValue(ConfigType.LDAP_ADMIN_PASSWORD))
.add("base_dn", ConfigUtil.getConfigStringValue(ConfigType.LDAP_BASE_DN)) .add("base_dn", ConfigUtil.getConfigStringValue(ConfigType.LDAP_BASE_DN))
@ -777,6 +778,7 @@ public class AppResource extends BaseResource {
* @apiParam {Boolean} enabled LDAP authentication enabled * @apiParam {Boolean} enabled LDAP authentication enabled
* @apiParam {String} host LDAP server host * @apiParam {String} host LDAP server host
* @apiParam {Integer} port LDAP server port * @apiParam {Integer} port LDAP server port
* @apiParam {Boolean} use SSL (ldaps)
* @apiParam {String} admin_dn Admin DN * @apiParam {String} admin_dn Admin DN
* @apiParam {String} admin_password Admin password * @apiParam {String} admin_password Admin password
* @apiParam {String} base_dn Base DN * @apiParam {String} base_dn Base DN
@ -791,6 +793,7 @@ public class AppResource extends BaseResource {
* @param enabled LDAP authentication enabled * @param enabled LDAP authentication enabled
* @param host LDAP server host * @param host LDAP server host
* @param portStr LDAP server port * @param portStr LDAP server port
* @param usessl LDAP use SSL (ldaps)
* @param adminDn Admin DN * @param adminDn Admin DN
* @param adminPassword Admin password * @param adminPassword Admin password
* @param baseDn Base DN * @param baseDn Base DN
@ -804,6 +807,7 @@ public class AppResource extends BaseResource {
public Response configLdap(@FormParam("enabled") Boolean enabled, public Response configLdap(@FormParam("enabled") Boolean enabled,
@FormParam("host") String host, @FormParam("host") String host,
@FormParam("port") String portStr, @FormParam("port") String portStr,
@FormParam("usessl") Boolean usessl,
@FormParam("admin_dn") String adminDn, @FormParam("admin_dn") String adminDn,
@FormParam("admin_password") String adminPassword, @FormParam("admin_password") String adminPassword,
@FormParam("base_dn") String baseDn, @FormParam("base_dn") String baseDn,
@ -833,6 +837,7 @@ public class AppResource extends BaseResource {
configDao.update(ConfigType.LDAP_ENABLED, Boolean.TRUE.toString()); configDao.update(ConfigType.LDAP_ENABLED, Boolean.TRUE.toString());
configDao.update(ConfigType.LDAP_HOST, host); configDao.update(ConfigType.LDAP_HOST, host);
configDao.update(ConfigType.LDAP_PORT, portStr); configDao.update(ConfigType.LDAP_PORT, portStr);
configDao.update(ConfigType.LDAP_USESSL, usessl.toString());
configDao.update(ConfigType.LDAP_ADMIN_DN, adminDn); configDao.update(ConfigType.LDAP_ADMIN_DN, adminDn);
configDao.update(ConfigType.LDAP_ADMIN_PASSWORD, adminPassword); configDao.update(ConfigType.LDAP_ADMIN_PASSWORD, adminPassword);
configDao.update(ConfigType.LDAP_BASE_DN, baseDn); configDao.update(ConfigType.LDAP_BASE_DN, baseDn);

View File

@ -278,8 +278,23 @@
"menu_vocabularies": "Vokabulareinträge", "menu_vocabularies": "Vokabulareinträge",
"menu_configuration": "Einstellungen", "menu_configuration": "Einstellungen",
"menu_inbox": "Posteingang durchsuchen", "menu_inbox": "Posteingang durchsuchen",
"menu_ldap": "LDAP Authentifizierung",
"menu_metadata": "Benutzerdefinierte Metadaten", "menu_metadata": "Benutzerdefinierte Metadaten",
"menu_monitoring": "Überwachung", "menu_monitoring": "Überwachung",
"ldap": {
"title": "LDAP Authentifizierung",
"enabled": "LDAP Authentifizierung aktivieren",
"host": "LDAP Hostname",
"port": "LDAP Port (standardmäßig 389)",
"usessl": "Aktiviere SSL (ldaps)",
"admin_dn": "Admin DN",
"admin_password": "Admin Passwort",
"base_dn": "Basis-Such-DN",
"filter": "Suchfilter (muss USERNAME enthalten, zum Beispiel \"(uid=USERNAME)\")",
"default_email": "Standard-E-Mail für LDAP-Benutzer",
"default_storage": "Standard Quota für LDAP-Benutzer",
"saved": "LDAP-Konfiguration erfolgreich gespeichert"
},
"user": { "user": {
"title": "Benutzerverwaltung", "title": "Benutzerverwaltung",
"add_user": "Benutzer hinzufügen", "add_user": "Benutzer hinzufügen",

View File

@ -286,6 +286,7 @@
"enabled": "Enable LDAP authentication", "enabled": "Enable LDAP authentication",
"host": "LDAP hostname", "host": "LDAP hostname",
"port": "LDAP port (389 by default)", "port": "LDAP port (389 by default)",
"usessl": "Enable SSL (ldaps)",
"admin_dn": "Admin DN", "admin_dn": "Admin DN",
"admin_password": "Admin password", "admin_password": "Admin password",
"base_dn": "Base search DN", "base_dn": "Base search DN",

View File

@ -21,6 +21,13 @@
</div> </div>
</div> </div>
<div ng-if="ldap.enabled" class="form-group" ng-class="{ 'has-error': !form.usessl.$valid && form.$dirty }">
<label class="col-sm-2 control-label" for="ldapUseSsl">{{ 'settings.ldap.usessl' | translate }}</label>
<div class="col-sm-7">
<input name="usessl" type="checkbox" id="ldapUseSsl" ng-model="ldap.usessl" />
</div>
</div>
<div ng-if="ldap.enabled" class="form-group" ng-class="{ 'has-error': !form.adminDn.$valid && form.$dirty }"> <div ng-if="ldap.enabled" class="form-group" ng-class="{ 'has-error': !form.adminDn.$valid && form.$dirty }">
<label class="col-sm-2 control-label" for="ldapAdminDn">{{ 'settings.ldap.admin_dn' | translate }}</label> <label class="col-sm-2 control-label" for="ldapAdminDn">{{ 'settings.ldap.admin_dn' | translate }}</label>
<div class="col-sm-7"> <div class="col-sm-7">
@ -85,4 +92,4 @@
<div class="alert col-sm-9 alert-success" <div class="alert col-sm-9 alert-success"
ng-show="saveResult"> ng-show="saveResult">
{{ saveResult }} {{ saveResult }}
</div> </div>