This is a simple dropwizard-auth module using Basic-Auth + LDAP for authentication. This is the module internal tools at Yammer used to authenticate users.
Note: This module has only been subjected to the traffic of our engineering team. We have not used it to authenticate high-traffic services, nor have we tuned the JNDI connection pool for such use.
<dependency>
  <groupId>com.yammer.dropwizard</groupId>
  <artifactId>dropwizard-auth-ldap</artifactId>
  <version>0.1.2</version>
</dependency>
0.0.x releases will contain bug/security updates. 0.1.x and beyond will support Dropwizard 0.7+.
LdapConfiguration configuration = new LdapConfiguration();
LdapAuthenticator authenticator = new LdapAuthenticator(configuration);
authenticator.authenticate(new BasicCredentials("user", "password"));
I assume you are already familiar with dropwizard's authentication module. You can find more information about dropwizard authentication at http://www.dropwizard.io/manual/auth.html
Here is an example of how to add an LdapAuthenticator, wrapped in a CachingAuthenticator, to your service:
@Override
public void run(Configuration configuration, Environment environment) throws Exception {
    LdapConfiguration ldapConfiguration = configuration.getLdapConfiguration();
    Authenticator<BasicCredentials, BasicCredentials> ldapAuthenticator = new CachingAuthenticator<>(
            environment.metrics(),
            new ResourceAuthenticator(new LdapAuthenticator(ldapConfiguration)),
            ldapConfiguration.getCachePolicy());
    environment.jersey().register(new BasicAuthProvider<>(ldapAuthenticator, "realm"));
    environment.healthChecks().register("ldap",
            new LdapHealthCheck<>(new ResourceAuthenticator(new LdapCanAuthenticate(ldapConfiguration))));
}
Make sure to register your resources. Example:
environment.jersey().register(new YourResource());
uri: ldaps://myldap.com:636
cachePolicy: maximumSize=10000, expireAfterWrite=10m
userFilter: ou=people,dc=yourcompany,dc=com
groupFilter: ou=groups,dc=yourcompany,dc=com
userNameAttribute: cn
groupNameAttribute: cn
groupMembershipAttribute: memberUid
groupClassName: posixGroup
restrictToGroups:
  - user
  - admin
  - bots
connectTimeout: 500ms
readTimeout: 500ms
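The settings above decide whether the Basic-Auth password crosses the network to the directory under TLS, how long a cached authentication result outlives a password change, and which groups may sign in. The following pre-deployment check over those three keys is an added example, not code from this module; the class name, the 15-minute limit, and the reading of an empty restrictToGroups as "no restriction" are assumptions.

```java
import java.net.URI;
import java.time.Duration;
import java.util.ArrayList;
import java.util.List;

// Added example (hypothetical helper, not part of dropwizard-auth-ldap). Requires Java 9+.
public class LdapConfigAudit {
    // Extracts expireAfterWrite from a spec like "maximumSize=10000, expireAfterWrite=10m"; null if absent.
    static Duration expireAfterWrite(String cachePolicy) {
        for (String part : cachePolicy.split(",")) {
            String[] kv = part.trim().split("=", 2);
            if (kv.length != 2 || !kv[0].trim().equals("expireAfterWrite")) continue;
            String v = kv[1].trim();
            long n = Long.parseLong(v.substring(0, v.length() - 1));
            switch (v.charAt(v.length() - 1)) {
                case 'd': return Duration.ofDays(n);
                case 'h': return Duration.ofHours(n);
                case 'm': return Duration.ofMinutes(n);
                case 's': return Duration.ofSeconds(n);
                default: throw new IllegalArgumentException("bad duration: " + v);
            }
        }
        return null;
    }

    static List<String> audit(String uri, String cachePolicy, List<String> groups, Duration maxAge) {
        List<String> findings = new ArrayList<>();
        // The Basic-Auth password is forwarded to the directory; ldaps:// puts that leg under TLS.
        if (!"ldaps".equalsIgnoreCase(URI.create(uri).getScheme()))
            findings.add("uri: scheme is not ldaps://, bind passwords may travel in cleartext");
        // A cached result keeps authenticating after a password change until it expires.
        Duration ttl = expireAfterWrite(cachePolicy);
        if (ttl == null || ttl.compareTo(maxAge) > 0)
            findings.add("cachePolicy: set expireAfterWrite to at most " + maxAge);
        // Assumption: an empty list means no group restriction is applied.
        if (groups.isEmpty())
            findings.add("restrictToGroups: list the groups that are allowed to authenticate");
        return findings;
    }

    public static void main(String[] args) {
        Duration max = Duration.ofMinutes(15); // constructed policy limit
        // Values taken from the configuration above.
        System.out.println(audit("ldaps://myldap.com:636", "maximumSize=10000, expireAfterWrite=10m",
                List.of("user", "admin", "bots"), max));
        // Constructed weak configuration: plain ldap://, no time-based expiry, no group list.
        System.out.println(audit("ldap://myldap.com:389", "maximumSize=10000", List.of(), max));
    }
}
```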
Check the Changelog for detailed updates.
For bugs, questions, and discussions, please use GitHub Issues.