I'm new to Node.js and how it works. I'm trying to implement LDAP authentication using passport-ldapauth. I'm able to authenticate the user when I use the searchFilter "(&(objectClass=user)(sAMAccountName=USER2))". If I use {{username}} instead of USER2, passport gives the response Unauthorized.
Below are my use cases.
index.js
// Minimal Express app that hands POST /login to the passport-ldapauth strategy.
var express = require('express');
var passport = require('passport');
var bodyParser = require('body-parser');
var LdapStrategy = require('passport-ldapauth');
var fs = require('fs'); // used by the OPTS configurations to load the CA certificate

// Strategy options are elided here; the two configurations that were tried
// are listed separately below.
var OPTS = { ... };

var app = express();

passport.use(new LdapStrategy(OPTS));

// Accept credentials either as a JSON body or as URL-encoded form data.
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({extended: false}));
app.use(passport.initialize());

// Reached only after the 'ldapauth' strategy has accepted the credentials.
// The response field is named `dn` but carries the entry's displayName attribute.
function sendLoginResult(req, res) {
  res.send({status: 'ok', dn: req.user.displayName});
}

// session: false -> no login session is created; every request must authenticate itself.
app.post('/login', passport.authenticate('ldapauth', {session: false}), sendLoginResult);

// Plain-HTTP listener: the username and password posted to /login are not
// encrypted on this hop unless TLS is terminated in front of the app.
app.listen(8080);
OPT Configuration 1:
// Configuration 1: the search filter names one fixed account (USER2).
// The filter does not reference the submitted username, so the username field
// of the login request plays no part in selecting the directory entry; only
// the submitted password is checked, and always against USER2.
OPTS = {
  server: {
    url: 'ldaps://HOSTNAME:636', // LDAP over TLS
    // Account used to run the directory search. The values are placeholders;
    // in a real deployment keep the bind password out of source control.
    bindDn: 'USER1',
    bindCredentials: 'PASSWORD',
    searchBase: 'DC=corp,DC=com',
    searchFilter: '(&(objectClass=user)(sAMAccountName=USER2))',
    tlsOptions: {
      // CA certificate used to verify the LDAP server's certificate.
      ca: [fs.readFileSync('/PATH/TO/CERT.crt')]
    }
  }
};
#> curl -X POST -H "Content-Type: application/json" -d '{"username": "USER2", "password": "PASSWORD"}' http://0.0.0.0:8080/login
RESPONSE: {status: 'ok', dn:USER2}
OPT Configuration 2:
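// Configuration 2: the search filter is meant to select the account whose
// sAMAccountName equals the username submitted to /login.
OPTS = {
  server: {
    url: 'ldaps://HOSTNAME:636', // LDAP over TLS
    // Account used to run the directory search. The values are placeholders;
    // in a real deployment keep the bind password out of source control.
    bindDn: 'USER1',
    bindCredentials: 'PASSWORD',
    searchBase: 'DC=corp,DC=com',
    // The page shows an empty value after `sAMAccountName=`; the question text
    // implies the passport-ldapauth placeholder {{username}} was lost when the
    // page was rendered, so it is restored here. The library replaces the
    // literal {{username}} with the submitted username before searching.
    // NOTE(review): confirm the installed version escapes LDAP filter
    // metacharacters in the username before substituting it.
    searchFilter: '(&(objectClass=user)(sAMAccountName={{username}}))',
    tlsOptions: {
      // CA certificate used to verify the LDAP server's certificate.
      ca: [fs.readFileSync('/PATH/TO/CERT.crt')]
    }
  }
};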
#> curl -X POST -H "Content-Type: application/json" -d '{"username": "USER2", "password": "PASSWORD"}' http://0.0.0.0:8080/login
RESPONSE: Unauthorized
According to my understanding, {{username}} should have been replaced with USER2. Is there something wrong here?
Thanks!!
via Prashanth