LDAP client library for tarantool¶
This library allows you to authenticate in a LDAP server and perform searches.
Usage example with OpenLDAP library¶
OpenLDAP – an open-source implementation of LDAP. A complex one and not very fun to deal with. However, it should meet the full LDAP standard.
Install OpenLDAP¶
Centos 7¶
yum install -y openldap*
slapd server will be available in $PATH and can be started right away.
Centos 8¶
There is no package for Centos 8, you will have to build it from scratch.
Full process is described here: https://kifarunix.com/install-and-setup-openldap-on-centos-8/
MacOS¶
brew install openldap
slapd server will be in /usr/local/opt/openldap/libexec/ and must be added to $PATH
in order to continue.
Running tests on OpenLDAP¶
There are scripts ready for such a task.
Run
test/prepare.shto setup a virtualenv and create SSL certificates & keys.Start
slapdwithtest/openldap/start_slapd.sh. This will:create a
slapd.confconfig file according to your environment;start a
slapdprocess in the background;populate the LDAP database with the contents of
test/openldap/database.ldiffile.
Run
tarantool test.lua
Usage example with glauth (a simple LDAP server)¶
First, download glauth, a simple Go-based LDAP server using the following commands:
cd test/glauth
./glauth/download_glauth.sh
Then run glauth:
./glauth -c glauth_test.cfg
Then run the following tarantool script in a separate terminal
#!/usr/bin/env tarantool
local ldap = require('ldap')
local yaml = require('yaml')
local user = "cn=johndoe,ou=superheros,dc=glauth,dc=com"
local password = "dogood"
local ld = assert(ldap.open("localhost:3893", user, password))
local iter = assert(ldap.search(ld,
{base="dc=glauth,dc=com",
scope="subtree",
sizelimit=10,
filter="(objectclass=*)"}))
for entry in iter do
print(yaml.encode(entry))
end