'How do I authenticate (bind) to ldaps using username and password with the ldap3 crate?
I am searching for a way to supply the username and password while connecting to ldaps. The examples on the documentation page for crate ldap3 seem not illustrate supplying username and password while binding to ldap.
//taken from https://docs.rs/crate/ldap3/0.9.3
use ldap3::{LdapConn, Scope, SearchEntry};
use ldap3::result::Result;
fn main() -> Result<()> {
let mut ldap = LdapConn::new("ldap://localhost:2389")?;
let (rs, _res) = ldap.search(
"ou=Places,dc=example,dc=org",
Scope::Subtree,
"(&(objectClass=locality)(l=ma*))",
vec!["l"]
)?.success()?;
for entry in rs {
println!("{:?}", SearchEntry::construct(entry));
}
Ok(ldap.unbind()?)
}
Solution 1:[1]
This is the solution that I got working on my own project, I hope it helps:
use ldap3::{LdapConnAsync, LdapConnSettings};
// Pass in username and password to authenticate against LDAP
async fn authenticate(username: &str, password: &str) -> bool {
// Connection to the LDAP Server
let (conn, mut ldap) =
LdapConnAsync::with_settings(LdapConnSettings::new()
.set_starttls(true)
.set_no_tls_verify(true),
"ldap://localhost:2389").await.unwrap();
ldap3::drive!(conn);
// Takes the username provided and converts it into an email for validation
// This is required because LDAP uses either the Distinguished name or Email in order to bind. Username alone will not work :/
let email = format!("{}@domain.com", username);
// Attempts a simple bind using the passed in values of username and Password
let result = ldap.simple_bind(email.as_str(), password).await.unwrap().success();
ldap.unbind().await.unwrap();
// If the authentication is successful return true, else return false.
if !result.is_err() {
true
} else { false }
}
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
Solution | Source |
---|---|
Solution 1 |