From c8f0652b55d4a4b05b3b0518fcd4470a65a762c0 Mon Sep 17 00:00:00 2001 From: Wilton Rodrigues Date: Fri, 11 Oct 2024 15:23:26 -0300 Subject: [PATCH] Updating examples to use ServerList --- examples/dynamic-conf/ldapAuth-conf.toml | 7 +- examples/dynamic-conf/ldapAuth-tls-conf.toml | 10 +- examples/dynamic-conf/ldapAuth-tls-conf.yml | 130 ++++++++++--------- 3 files changed, 80 insertions(+), 67 deletions(-) diff --git a/examples/dynamic-conf/ldapAuth-conf.toml b/examples/dynamic-conf/ldapAuth-conf.toml index 54b4bb1..9b4d177 100644 --- a/examples/dynamic-conf/ldapAuth-conf.toml +++ b/examples/dynamic-conf/ldapAuth-conf.toml @@ -5,12 +5,17 @@ LogLevel = "DEBUG" [[http.middlewares.my-ldapAuth.plugin.ldapAuth.ServerList]] Port = "636" Url = "ldaps://ldap2.forumsys.com" +Weight = 10 [[http.middlewares.my-ldapAuth.plugin.ldapAuth.ServerList]] +Weight = 5 Url = "ldap://ldap.forumsys.com" Port = "389" Attribute = "uid" BaseDN = "dc=example,dc=com" -AllowedGroups = ["ou=mathematicians,dc=example,dc=com","ou=italians,ou=scientists,dc=example,dc=com"] +AllowedGroups = [ + "ou=mathematicians,dc=example,dc=com", + "ou=italians,ou=scientists,dc=example,dc=com", +] AllowedUsers = ["euler", "uid=euclid,dc=example,dc=com"] # SearchFilter must escape curly braces when using toml file # https://toml.io/en/v1.0.0#string diff --git a/examples/dynamic-conf/ldapAuth-tls-conf.toml b/examples/dynamic-conf/ldapAuth-tls-conf.toml index 7c2977b..ca20948 100644 --- a/examples/dynamic-conf/ldapAuth-tls-conf.toml +++ b/examples/dynamic-conf/ldapAuth-tls-conf.toml @@ -1,11 +1,15 @@ [http.middlewares] [http.middlewares.my-ldapAuth.plugin.ldapAuth] -Attribute = "uid" -BaseDN = "cn=users,cn=accounts,dc=demo1,dc=freeipa,dc=org" Enabled = true LogLevel = "DEBUG" -Port = "636" +[[http.middlewares.my-ldapAuth.plugin.ldapAuth.ServerList]] Url = "ldaps://ipa.demo1.freeipa.org" +Port = "636" +Weight = 10 +BaseDN = "cn=users,cn=accounts,dc=demo1,dc=freeipa,dc=org" +Attribute = "uid" +MinVersionTLS = "tls.VersionTLS10" +MaxVersionTLS = "tls.VersionTLS13" CertificateAuthority = ''' -----BEGIN CERTIFICATE----- MIIFWzCCA8OgAwIBAgIBCDANBgkqhkiG9w0BAQsFADA8MRowGAYDVQQKDBFERU1P diff --git a/examples/dynamic-conf/ldapAuth-tls-conf.yml b/examples/dynamic-conf/ldapAuth-tls-conf.yml index c89f559..a8eb9e4 100644 --- a/examples/dynamic-conf/ldapAuth-tls-conf.yml +++ b/examples/dynamic-conf/ldapAuth-tls-conf.yml @@ -5,66 +5,70 @@ http: ldapAuth: Enabled: true LogLevel: "DEBUG" - Url: "ldaps://ipa.demo1.freeipa.org" - Port: 636 - BaseDN: "cn=users,cn=accounts,dc=demo1,dc=freeipa,dc=org" - Attribute: "uid" - CertificateAuthority: |- - -----BEGIN CERTIFICATE----- - MIIFWzCCA8OgAwIBAgIBCDANBgkqhkiG9w0BAQsFADA8MRowGAYDVQQKDBFERU1P - MS5GUkVFSVBBLk9SRzEeMBwGA1UEAwwVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MB4X - DTIzMDQyMDEzMzYxNFoXDTI1MDQyMDEzMzYxNFowPDEaMBgGA1UECgwRREVNTzEu - RlJFRUlQQS5PUkcxHjAcBgNVBAMMFWlwYS5kZW1vMS5mcmVlaXBhLm9yZzCCASIw - DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMEzBE9i2gqOMM2HKyNnM7Ih5+mv - duVmE5D+5raJtqA1eNZkNrQmSaKwS9cnHGX+2/zSY1FDkZnIhGXySPf0/7fxCuG/ - J9MvRlecGnJTWOCvPIVhkvd5PyTKkClmsk4ojx2IwCU6q2nvy0zvSxhhzd2UpOL6 - y7fNtS3VBYYZjWNEv0K7F+pGtW40MauGDotsP1zQmyVW5J1IszDDlRgTLC6azdBs - +RP0vYCyKkgh1tpWLYfFnQhNVOlja79QcnlKdvnZu4sFdDSvOqext28mBJuCm8ib - HLnQQcxTqg2jMx8AW2zh9F8sMoEsn/mjDHI41oGGsHeZt3j5a8Ab7jtlz8MCAwEA - AaOCAeYwggHiMB8GA1UdIwQYMBaAFKFAgcvZmgX3tnFhcPQ5i4jZ+xE9MEMGCCsG - AQUFBwEBBDcwNTAzBggrBgEFBQcwAYYnaHR0cDovL2lwYS1jYS5kZW1vMS5mcmVl - aXBhLm9yZy9jYS9vY3NwMA4GA1UdDwEB/wQEAwIE8DAdBgNVHSUEFjAUBggrBgEF - BQcDAQYIKwYBBQUHAwIwfAYDVR0fBHUwczBxoDmgN4Y1aHR0cDovL2lwYS1jYS5k - ZW1vMS5mcmVlaXBhLm9yZy9pcGEvY3JsL01hc3RlckNSTC5iaW6iNKQyMDAxDjAM - BgNVBAoMBWlwYWNhMR4wHAYDVQQDDBVDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHQYD - VR0OBBYEFGsje2irExO4AvvLW6jv2oEkrZfSMIGtBgNVHREEgaUwgaKCFWlwYS5k - ZW1vMS5mcmVlaXBhLm9yZ6A8BgorBgEEAYI3FAIDoC4MLGxkYXAvaXBhLmRlbW8x - LmZyZWVpcGEub3JnQERFTU8xLkZSRUVJUEEuT1JHoEsGBisGAQUCAqBBMD+gExsR - REVNTzEuRlJFRUlQQS5PUkehKDAmoAMCAQGhHzAdGwRsZGFwGxVpcGEuZGVtbzEu - ZnJlZWlwYS5vcmcwDQYJKoZIhvcNAQELBQADggGBADO5SovCVFoVJQOKxrePdh5y - VIQ45UQSjmfXT+FlzbzlX47ejpvdqDKDl0yj5JBUKtKxv3Mj6natUQAVnveRcXlo - mjzEOQsozCaWcCrtnIW8AOny78DjxnSdwPqd/TRV4r2/T2cRndd0GCg6LrQxEdTf - VNKJAMAYin6xmopsarpXwVJVd7YweFUMd7Tu5Tvpde1oubnBtb7ZEGixb6AB200g - lHQroWz6s+a/d7BxsyM0DA5bOk728LqroIJ8m/9xIbnACoyeVdmM5BF/1/cUsX4N - RkRJIfcITNB3zr/4WUldKsM/7bfEA5S0GQUjTd4njt5r7d8j2r6V88maN9ANgXZ4 - Vf1RbjmTOw4OovwGXtRu8DkQ4kSqnyd1COelH48EfGxtOYbzqNNgnip+95mmMoFr - 3BkxKP8G/lQ3kGOYqBIQ+1ICtvx29Smllo87RkJ3KltHy7RKVMZry7inLTqCNBAA - uIdew6R5uJhBBrfjmXGyGjba9wtxDPiPoTa9gGAu7w== - -----END CERTIFICATE----- - -----BEGIN CERTIFICATE----- - MIIEnTCCAwWgAwIBAgIBATANBgkqhkiG9w0BAQsFADA8MRowGAYDVQQKDBFERU1P - MS5GUkVFSVBBLk9SRzEeMBwGA1UEAwwVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MB4X - DTIzMDQyMDEzMzM1NFoXDTQzMDQyMDEzMzM1NFowPDEaMBgGA1UECgwRREVNTzEu - RlJFRUlQQS5PUkcxHjAcBgNVBAMMFUNlcnRpZmljYXRlIEF1dGhvcml0eTCCAaIw - DQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBALLzV665748bW3Da/ZVTZ4BVHrCW - RuuT+7bgT6CZOUMri8F+KuQ6sT+o3hQuyrp4qWn0sU3bO9TCXjkQ4B8uo8ZR3RvR - +2FXENtUQukI4PTXXoKjqJkGrgWVyISfkvNZvsl/bOEtVJ6nh3DBLhYM0HEENccL - 0b1SALdntQwGFJfWkRD0FbjBo7CPxePm7L2VViDMY0cYeUdgETcqc9Zw90gUEqTt - keHqPmBkiOUVk09f3qtdoukRqAvx3nKhUu7vHEf+DJJoQtr3ilUXZQZ/6lKkYl9k - mdwjt+9YeCaKV0s7RI4G+25xo1ZSB3IfMMGISGf/0mOyg4LgWyuuDF/ip5+gI46b - Ol85DrhJAfeYoFbjx+zsoY9mn0kiMBnxg+NkvJitsb5EFexXtqfLLeGjFTu2a9rw - bB6mM3GKmMszwif/i9uO/NeK1LlmN6g1vy07HtjQWh2LUa9AbeIp6s1UUcruCGem - FSzLRmcOY4wi0gGm8Vwg9MRtS6sUe7bfM7uPXwIDAQABo4GpMIGmMB8GA1UdIwQY - MBaAFKFAgcvZmgX3tnFhcPQ5i4jZ+xE9MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P - AQH/BAQDAgHGMB0GA1UdDgQWBBShQIHL2ZoF97ZxYXD0OYuI2fsRPTBDBggrBgEF - BQcBAQQ3MDUwMwYIKwYBBQUHMAGGJ2h0dHA6Ly9pcGEtY2EuZGVtbzEuZnJlZWlw - YS5vcmcvY2Evb2NzcDANBgkqhkiG9w0BAQsFAAOCAYEAH0du998ux4CkH/W9/2l0 - GnnHE5GbBBcGd4zEIxxoe0kYm7MKJjXL9gDRZ3RMseEhy0mAX8cixA7xmg/IFgM9 - TFHoHbTUNgEzLZtOYl5Qccp48ZV1XLrzfK1DorEH6tgza0X2rNJ7RU25sq9i687Y - S0Tt6W3CNkOnQed7blDbxfZJOq7gvqiTFy09a5OXv2AxpkmRrLwFWd/+4Whbsji1 - wiwTD+t7gDTGizqINEsJ3lT+2dDp+mAxPKTd4XiTE4aBPVc4LBxHDnMzqFxa1qzG - v/BL+aa3FkahD/zMm6/B70iApFOFeCrng/1Q7DxUsBWWuzS+oVdm8MEUWtHxANC5 - VG91hbzs4jBAig6AY1hGe49oOabkM1IGhp/TIySAaogA4BFS9DNV1TyNZ4Y9PO61 - JZHjzfXOLIdSlluwsBJem4Lj6Xdw8epzANA0CVnEQ5R1Aql0uRlSsAuhcsleCYJC - 4gbTjx3PDQLm4BUvsNZ62knVDJPvjAX4nOybumpLAVKg - -----END CERTIFICATE----- + ServerList: + Url: "ldaps://ipa.demo1.freeipa.org" + Port: 636 + Weight: 10 + BaseDN: "cn=users,cn=accounts,dc=demo1,dc=freeipa,dc=org" + Attribute: "uid" + MinVersionTLS: "tls.VersionTLS10" + MaxVersionTLS: "tls.VersionTLS13" + CertificateAuthority: |- + -----BEGIN CERTIFICATE----- + MIIFWzCCA8OgAwIBAgIBCDANBgkqhkiG9w0BAQsFADA8MRowGAYDVQQKDBFERU1P + MS5GUkVFSVBBLk9SRzEeMBwGA1UEAwwVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MB4X + DTIzMDQyMDEzMzYxNFoXDTI1MDQyMDEzMzYxNFowPDEaMBgGA1UECgwRREVNTzEu + RlJFRUlQQS5PUkcxHjAcBgNVBAMMFWlwYS5kZW1vMS5mcmVlaXBhLm9yZzCCASIw + DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMEzBE9i2gqOMM2HKyNnM7Ih5+mv + duVmE5D+5raJtqA1eNZkNrQmSaKwS9cnHGX+2/zSY1FDkZnIhGXySPf0/7fxCuG/ + J9MvRlecGnJTWOCvPIVhkvd5PyTKkClmsk4ojx2IwCU6q2nvy0zvSxhhzd2UpOL6 + y7fNtS3VBYYZjWNEv0K7F+pGtW40MauGDotsP1zQmyVW5J1IszDDlRgTLC6azdBs + +RP0vYCyKkgh1tpWLYfFnQhNVOlja79QcnlKdvnZu4sFdDSvOqext28mBJuCm8ib + HLnQQcxTqg2jMx8AW2zh9F8sMoEsn/mjDHI41oGGsHeZt3j5a8Ab7jtlz8MCAwEA + AaOCAeYwggHiMB8GA1UdIwQYMBaAFKFAgcvZmgX3tnFhcPQ5i4jZ+xE9MEMGCCsG + AQUFBwEBBDcwNTAzBggrBgEFBQcwAYYnaHR0cDovL2lwYS1jYS5kZW1vMS5mcmVl + aXBhLm9yZy9jYS9vY3NwMA4GA1UdDwEB/wQEAwIE8DAdBgNVHSUEFjAUBggrBgEF + BQcDAQYIKwYBBQUHAwIwfAYDVR0fBHUwczBxoDmgN4Y1aHR0cDovL2lwYS1jYS5k + ZW1vMS5mcmVlaXBhLm9yZy9pcGEvY3JsL01hc3RlckNSTC5iaW6iNKQyMDAxDjAM + BgNVBAoMBWlwYWNhMR4wHAYDVQQDDBVDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHQYD + VR0OBBYEFGsje2irExO4AvvLW6jv2oEkrZfSMIGtBgNVHREEgaUwgaKCFWlwYS5k + ZW1vMS5mcmVlaXBhLm9yZ6A8BgorBgEEAYI3FAIDoC4MLGxkYXAvaXBhLmRlbW8x + LmZyZWVpcGEub3JnQERFTU8xLkZSRUVJUEEuT1JHoEsGBisGAQUCAqBBMD+gExsR + REVNTzEuRlJFRUlQQS5PUkehKDAmoAMCAQGhHzAdGwRsZGFwGxVpcGEuZGVtbzEu + ZnJlZWlwYS5vcmcwDQYJKoZIhvcNAQELBQADggGBADO5SovCVFoVJQOKxrePdh5y + VIQ45UQSjmfXT+FlzbzlX47ejpvdqDKDl0yj5JBUKtKxv3Mj6natUQAVnveRcXlo + mjzEOQsozCaWcCrtnIW8AOny78DjxnSdwPqd/TRV4r2/T2cRndd0GCg6LrQxEdTf + VNKJAMAYin6xmopsarpXwVJVd7YweFUMd7Tu5Tvpde1oubnBtb7ZEGixb6AB200g + lHQroWz6s+a/d7BxsyM0DA5bOk728LqroIJ8m/9xIbnACoyeVdmM5BF/1/cUsX4N + RkRJIfcITNB3zr/4WUldKsM/7bfEA5S0GQUjTd4njt5r7d8j2r6V88maN9ANgXZ4 + Vf1RbjmTOw4OovwGXtRu8DkQ4kSqnyd1COelH48EfGxtOYbzqNNgnip+95mmMoFr + 3BkxKP8G/lQ3kGOYqBIQ+1ICtvx29Smllo87RkJ3KltHy7RKVMZry7inLTqCNBAA + uIdew6R5uJhBBrfjmXGyGjba9wtxDPiPoTa9gGAu7w== + -----END CERTIFICATE----- + -----BEGIN CERTIFICATE----- + MIIEnTCCAwWgAwIBAgIBATANBgkqhkiG9w0BAQsFADA8MRowGAYDVQQKDBFERU1P + MS5GUkVFSVBBLk9SRzEeMBwGA1UEAwwVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MB4X + DTIzMDQyMDEzMzM1NFoXDTQzMDQyMDEzMzM1NFowPDEaMBgGA1UECgwRREVNTzEu + RlJFRUlQQS5PUkcxHjAcBgNVBAMMFUNlcnRpZmljYXRlIEF1dGhvcml0eTCCAaIw + DQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBALLzV665748bW3Da/ZVTZ4BVHrCW + RuuT+7bgT6CZOUMri8F+KuQ6sT+o3hQuyrp4qWn0sU3bO9TCXjkQ4B8uo8ZR3RvR + +2FXENtUQukI4PTXXoKjqJkGrgWVyISfkvNZvsl/bOEtVJ6nh3DBLhYM0HEENccL + 0b1SALdntQwGFJfWkRD0FbjBo7CPxePm7L2VViDMY0cYeUdgETcqc9Zw90gUEqTt + keHqPmBkiOUVk09f3qtdoukRqAvx3nKhUu7vHEf+DJJoQtr3ilUXZQZ/6lKkYl9k + mdwjt+9YeCaKV0s7RI4G+25xo1ZSB3IfMMGISGf/0mOyg4LgWyuuDF/ip5+gI46b + Ol85DrhJAfeYoFbjx+zsoY9mn0kiMBnxg+NkvJitsb5EFexXtqfLLeGjFTu2a9rw + bB6mM3GKmMszwif/i9uO/NeK1LlmN6g1vy07HtjQWh2LUa9AbeIp6s1UUcruCGem + FSzLRmcOY4wi0gGm8Vwg9MRtS6sUe7bfM7uPXwIDAQABo4GpMIGmMB8GA1UdIwQY + MBaAFKFAgcvZmgX3tnFhcPQ5i4jZ+xE9MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P + AQH/BAQDAgHGMB0GA1UdDgQWBBShQIHL2ZoF97ZxYXD0OYuI2fsRPTBDBggrBgEF + BQcBAQQ3MDUwMwYIKwYBBQUHMAGGJ2h0dHA6Ly9pcGEtY2EuZGVtbzEuZnJlZWlw + YS5vcmcvY2Evb2NzcDANBgkqhkiG9w0BAQsFAAOCAYEAH0du998ux4CkH/W9/2l0 + GnnHE5GbBBcGd4zEIxxoe0kYm7MKJjXL9gDRZ3RMseEhy0mAX8cixA7xmg/IFgM9 + TFHoHbTUNgEzLZtOYl5Qccp48ZV1XLrzfK1DorEH6tgza0X2rNJ7RU25sq9i687Y + S0Tt6W3CNkOnQed7blDbxfZJOq7gvqiTFy09a5OXv2AxpkmRrLwFWd/+4Whbsji1 + wiwTD+t7gDTGizqINEsJ3lT+2dDp+mAxPKTd4XiTE4aBPVc4LBxHDnMzqFxa1qzG + v/BL+aa3FkahD/zMm6/B70iApFOFeCrng/1Q7DxUsBWWuzS+oVdm8MEUWtHxANC5 + VG91hbzs4jBAig6AY1hGe49oOabkM1IGhp/TIySAaogA4BFS9DNV1TyNZ4Y9PO61 + JZHjzfXOLIdSlluwsBJem4Lj6Xdw8epzANA0CVnEQ5R1Aql0uRlSsAuhcsleCYJC + 4gbTjx3PDQLm4BUvsNZ62knVDJPvjAX4nOybumpLAVKg + -----END CERTIFICATE-----