'How to Authenticate with LDAP in R Shiny App
My company uses an LDAP server for authentication against an Active Directory. I need to authenticate users of a remotely hosted Shiny app using this. I managed to authenticate in Python, but need to port this to R:
import ldap
from getpass import getpass
username = "user_name"
password = getpass(prompt='Password: ', stream=None)
ldap_server = "ldap://company-ldap-server:636"
try:
# Create connection with LDAP server and set options
conn = ldap.initialize(ldap_server)
conn.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER)
conn.set_option(ldap.OPT_X_TLS_NEWCTX, 0)
# Authenticate by trying to connect
conn.simple_bind_s(username, password)
# Retrieve this user's name and email (for authorization)
info = conn.search_s("DC=ad,DC=company,DC=com", ldap.SCOPE_SUBTREE, f"cn={username}*")
conn.unbind_s()
except Exception:
print("ERROR: Could not connect")
Here's what I've tried in R:
library(RCurl)
ldap_server <- "ldap://company-ldap-server:636"
user <- "user_name"
RCurl::getURL(ldap_server, .opts=list(userpwd = paste0(user, "@ad.company.com:",
.rs.askForPassword("Password: "))
)
)
All I get is:
Error in function (type, msg, asError = TRUE) : LDAP local: bind ldap_result Can't contact LDAP server
In curlOptions()
there are some items similar to OPT_X_TLS_REQUIRE_CERT
and OPT_X_TLS_NEWCTX
, but curlSetOpts
with any of those names don't seem to work.
This question and answer comes close, but I want to authenticate a user by securely passing their username and password.
In this answer, they're trying to convert Shiny LDAP to flask (basically the opposite of mine). But I'm not sure where/how they specify that auth_active_dir
configuration...perhaps R Studio Connect or Shiny Open Server Pro. Neither of which are options for me.
It could be that the server is down at the moment. In the meantime, are these equivalent or is there something I'm missing in the R code?
# Python
conn = ldap.initialize(ldap_server)
conn.simple_bind_s(username, password)
# R
getURL(ldap_server, .opts=list(userpwd = "...."))
Solution 1:[1]
The format of your url (ldap_server) is not enough. How about you try: Following the post here: How do I run a ldap query using R?
ldap_server <- "ldap://company-ldap-server:636/OU=[value],dc=ad,dc=company,dc=com?cn,mail?sub?filter"
- Replace the [value] by removing bracket with your OU (which is company for me).
- sub is scope (base/one/sub) as values
- Replace "cn, mail" with whatever attributes you want to query
- filter is search filter making subset of the query: eg(sn=LastName).
Check out https://docs.oracle.com/cd/E19396-01/817-7616/ldurl.html for curl url.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
Solution | Source |
---|---|
Solution 1 | Niranjan Poudel |