LDAP Authentication Plugin

The LDAP Authentication plugin adds LDAP Bind Authentication to your APIs, with username and password protection. Give it a try and discuss it here!

LDAP Authentication plugin documentation

I am looking for some help setting up the LDAP plugin. I set up a local LDAP server and whilst I can confirm a valid account with ldapsearch, using those same settings on the Kong plugin always results in “Invalid authentication details”. So my first specific question is: where does the LDAP plugin log to? I cannot find any entries in the nginx logs or in the Kong log.


where does the LDAP plugin log to?

Hi! The ldap-auth plugin logs to the nginx logs as usual (look for [ldap-auth] in the logs). You may also want to raise the log_level in kong.conf to “debug” for troubleshooting; in that case it should log all authentication attempts.

Kindly mention the steps to configure the ldap auth plugin.
I am stuck, not able to implement it.

Hi
Sharing the same issue with the ldap auth plugin: I can successfully run many ldapsearch commands using the same parameters as the ones I give to the plugin, but protecting a route with ldap-auth systematically returns
{
  "message": "Invalid authentication credentials"
}
Nothing in kong logs except :
2019/03/24 17:27:45 [error] 36#0: *597859 [kong] access.lua:88 [ldap-auth]
Error: The supplied credential is invalid.
Details: , client: 172.19.0.1, server: kong, request: "GET /joiningUsers HTTP/1.1", host: "localhost:8000"
172.19.0.1 - - [24/Mar/2019:17:27:45 +0000] "GET /joiningUsers HTTP/1.1" 403 48 "-" "PostmanRuntime/7.6.1"
I am also not able to see anything going to the LDAP server…
Any help would be appreciated starting from information on how to get more meaningful logs…
Best regards

I am done with LDAP authentication,
as you can see in the attached screenshot.

Just add the API in Kong, turn on the LDAP plugin and send an Authorization header as shown in the image.
The Authorization header consists of the username and password in base64(username:password) encrypted format.

@sunny_choudhary Hello!

Can you help me to configure my plugin?

I am trying with the configs below:

{
  "id": "405344ad-3bf45-4458-8444-782c17f490b3",
  "consumer": null,
  "config": {
    "cache_ttl": 60,
    "start_tls": false,
    "ldap_host": "HOST IP",
    "ldap_port": 389,
    "verify_ldap_host": false,
    "anonymous": null,
    "timeout": 10000,
    "keepalive": 60000,
    "header_type": "ldap",
    "attribute": "UID",
    "base_dn": "dc=devdom,dc=intra",
    "hide_credentials": true,
    "ldaps": false
  },
  "name": "ldap-auth",
  "enabled": true,
  "created_at": 1632434421,
  "protocols": [
    "grpc",
    "grpcs",
    "http",
    "https"
  ],
  "service": null,
  "route": {
    "id": "7ffb2f2a-3798-437a-8ss63-e344369a898"
  },
  "tags": null
}

But I received the same error: “message”: “Invalid authentication credentials”
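
An added troubleshooting example, not part of the thread or of Kong's code: it builds the Authorization value in the `<header_type> base64(username:password)` form described above and checks a captured header against the `header_type`, `attribute` and `base_dn` values from the config in this post. The function names are hypothetical, and the bind DN format (`attribute=username,base_dn`, no subtree search) and the case-insensitive scheme match are assumptions about how the plugin behaves; compare the resulting DN with the entry DN that ldapsearch returns.

```python
import base64

# Values copied from the plugin config posted above.
SAMPLE_CONFIG = {"header_type": "ldap", "attribute": "UID",
                 "base_dn": "dc=devdom,dc=intra"}


def build_header(username, password, header_type="ldap"):
    """Return '<header_type> base64(username:password)'."""
    raw = f"{username}:{password}".encode("utf-8")
    return f"{header_type} {base64.b64encode(raw).decode('ascii')}"


def diagnose(header_value, config):
    """Return (bind_dn, problems) for an Authorization header value."""
    problems = []
    scheme, _, token = header_value.strip().partition(" ")
    # Assumption: the scheme must equal header_type, compared case-insensitively.
    if scheme.lower() != config["header_type"].lower():
        problems.append(
            f"scheme {scheme!r} does not match header_type "
            f"{config['header_type']!r}")
    try:
        decoded = base64.b64decode(token.strip(), validate=True).decode("utf-8")
    except ValueError:  # covers binascii.Error and UnicodeDecodeError
        return None, problems + ["credential is not valid base64"]
    if decoded != decoded.strip():
        # Typical cause: `echo user:pass | base64` encodes a trailing newline.
        problems.append("decoded credential has surrounding whitespace")
    # Split on the first colon only, so passwords may contain ':'.
    username, sep, password = decoded.partition(":")
    if not sep or not username or not password:
        return None, problems + ["credential is not username:password"]
    # Assumption: the plugin binds directly as attribute=username,base_dn.
    bind_dn = f"{config['attribute']}={username},{config['base_dn']}"
    return bind_dn, problems


if __name__ == "__main__":
    # Constructed sample credentials, for illustration only.
    header = build_header("alice", "pw")
    print(header, diagnose(header, SAMPLE_CONFIG))
```

If the DN printed here is not the DN of the user entry (for example, the user sits in an `ou=` below `base_dn`), a bind with that DN fails even though a subtree ldapsearch from the same base finds the account.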


It is not working in our system either!!
Is there any problem with the LDAP plugin?? With attribute: sAMAccountName

I am getting the below error. The configuration is similar to the one given in the questions above by someone else. What key is it looking for?
/ldap-auth-advanced/access.lua:431: key must be a string or an entity table