Does greenlight support anonymous binding? It is not clear from the documentation and commenting out or leaving empty LDAP_BIND_DN and LDAP_PASSWORD doesn't seem to work.
Anonymous binding is pretty standard and I guess should be easy to implement.
Thank you.
Well, basically I managed to enable anonymous binding, by modifying this code:
inside the docker image.
git diff
diff --git a/lib/bn-ldap-authentication.rb b/lib/bn-ldap-authentication.rb
index 563fbe1..34414df 100644
--- a/lib/bn-ldap-authentication.rb
+++ b/lib/bn-ldap-authentication.rb
@@ -15,9 +15,7 @@ module LdapAuthenticator
host: provider_info[:host],
port: provider_info[:port],
auth: {
- method: :simple,
- username: provider_info[:bind_dn],
- password: provider_info[:password]
+ method: :anonymous,
},
encryption: provider_info[:encryption]
)
I would like to request this, too. Should be as easy to implement as with setting a flag or letting it empty (tried this first, too).
For internal services, our LDAP server permits read access without authentication, or better, with anonymous binding. Would be a bit simpler than deploying a bind user.
I've submitted a patch to the library being used and plan on fixing this once that patch has been approved.
Most helpful comment
Well, basically I managed to enable anonymous binding, by modifying this code:
inside the docker image.