ldap authentication with gitblit 1.0

2019-09-01 14:00发布

I have just obtained Gitblit's newest release 1.0 available Here

I am trying to integrate the LDAP method of authentication. Since I think my ldap is non typical I'm having trouble with what the terms match against.

So far, I have been following the limited resources (since 1.0 just came out) and the google groups.

However, I cannot even get my server to connect.

I will paste the fields that Gitblit needs for authentication, and then I will paste some of the relevant fields listed in my ldap..

I've had trouble with the ldap structure before, but I'm wondering if it is just me.

Thanks!

inside: gitblit.properties

realm.ldap.server = http://127.0.0.1 #for this purpose

# Login username for LDAP searches.
  realm.ldap.username = username

# Login password for LDAP searches.
  realm.ldap.password = password

# Root node for all LDAP users
  realm.ldap.accountBase = CN=Users,DC=rem,DC=pri

# Filter criteria for LDAP users
# Query pattern to use when searching for a user account. This may be any valid 
# LDAP query expression, including the standard (&) and (|) operators.
#    ${username} - The text entered as the user name
  realm.ldap.accountPattern = (&(objectClass=person)(sAMAccountName=${jsmith}))

# Root node for all LDAP groups to be used as Gitblit Teams
# This is the root node from which subtree team searches will begin.
  realm.ldap.groupBase = 

# Filter criteria for LDAP groups
# Variables may be injected via the ${variableName} syntax.
# Recognized variables are:
#    ${username} - The text entered as the user name
#    ${dn} - The Distinguished Name of the user logged in
# All attributes from the LDAP User record are available. For example, if a user
# has an attribute "fullName" set to "John", "(fn=${fullName})" will be 
# translated to "(fn=John)".
  realm.ldap.groupMemberPattern = (&(objectClass=group))

This is a picture of what my directory listing looks like (obviously the identifying things have been removed)

ldap directory

1条回答
beautiful°
2楼-- · 2019-09-01 14:37

I don't know anything about Gitblit but shouldn't

realm.ldap.accountPattern = (&(objectClass=person)(sAMAccountName=${jsmith}))

be

realm.ldap.accountPattern = (&(objectClass=person)(sAMAccountName=${username}))

for variable-based searches, or

realm.ldap.accountPattern = (&(objectClass=person)(sAMAccountName=jsmith))

if you were trying to hard-code the search (for testing)?

查看更多
登录 后发表回答