OPTION(rgw_ldap_binddn, OPT_STR, "uid=admin,cn=users,dc=example,dc=com")
/* rgw_ldap_searchdn LDAP search base (basedn) */
OPTION(rgw_ldap_searchdn, OPT_STR, "cn=users,cn=accounts,dc=example,dc=com")
-/* rgw_ldap_memberattr LDAP attribute containing RGW user names */
-OPTION(rgw_ldap_memberattr, OPT_STR, "uid")
+/* rgw_ldap_dnattr LDAP attribute containing RGW user names (to form binddns)*/
+OPTION(rgw_ldap_dnattr, OPT_STR, "uid")
/* rgw_ldap_secret file containing credentials for rgw_ldap_binddn */
OPTION(rgw_ldap_secret, OPT_STR, "/etc/openldap/secret")
/* rgw_s3_auth_use_ldap use LDAP for RGW auth? */
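Review bot: The old option name `rgw_ldap_memberattr` is removed outright with no alias, so a configuration that still sets it would presumably be ignored after upgrade and the attribute would fall back to the default `"uid"` with no message. For an authentication setting, that silently changes which directory attribute is matched against the presented user name. If the old name cannot be kept as a deprecated alias, say so next to the option, e.g. `/* rgw_ldap_dnattr replaces rgw_ldap_memberattr; the old name is no longer read */`, and call the rename out in the upgrade notes.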
const string& ldap_uri = store->ctx()->_conf->rgw_ldap_uri;
const string& ldap_binddn = store->ctx()->_conf->rgw_ldap_binddn;
const string& ldap_searchdn = store->ctx()->_conf->rgw_ldap_searchdn;
- const string& ldap_memberattr =
- store->ctx()->_conf->rgw_ldap_memberattr;
+ const string& ldap_dnattr =
+ store->ctx()->_conf->rgw_ldap_dnattr;
ldh = new rgw::LDAPHelper(ldap_uri, ldap_binddn, ldap_searchdn,
- ldap_memberattr);
+ ldap_dnattr);
ldh->init();
ldh->bind();
std::string uri;
std::string binddn;
std::string searchdn;
- std::string memberattr;
+ std::string dnattr;
LDAP *ldap;
public:
LDAPHelper(std::string _uri, std::string _binddn, std::string _searchdn,
- std::string _memberattr)
+ std::string _dnattr)
: uri(std::move(_uri)), binddn(std::move(_binddn)), searchdn(_searchdn),
- memberattr(_memberattr), ldap(nullptr) {
+ dnattr(_dnattr), ldap(nullptr) {
// nothing
}
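Review bot: The renamed initializer `dnattr(_dnattr)` copies a by-value parameter, while `uri` and `binddn` in the same list are moved. Writing it as `dnattr(std::move(_dnattr))` keeps the constructor consistent and avoids the extra copy. The unchanged `searchdn(_searchdn)` next to it has the same shape and could be aligned at the same time.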
int ret;
std::string filter;
filter = "(";
- filter += memberattr;
+ filter += dnattr;
filter += "=";
filter += uid;
filter += ")";
- char *attrs[] = { const_cast<char*>(memberattr.c_str()), nullptr };
+ char *attrs[] = { const_cast<char*>(dnattr.c_str()), nullptr };
LDAPMessage *answer, *entry;
ret = ldap_search_s(ldap, searchdn.c_str(), LDAP_SCOPE_SUBTREE,
filter.c_str(), attrs, 0, &answer);
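Review bot: The search filter is still built by plain concatenation, so `filter += uid;` puts the presented user name into the filter without RFC 4515 escaping. A value containing `*`, `(`, `)`, `\` or NUL changes which entries the filter matches. According to the new option comment, the matched entry is what the bind DN is formed from, so the value should be escaped (or rejected) before it is appended. The sketch below assumes uid is a std::string. The enclosing function starts and ends outside this hunk, so neither uid's origin nor any check that exactly one entry matched is visible here; confirm both.

```cpp
// … unchanged: ret / filter declarations, filter = "(" and filter += dnattr …
filter += "=";
// RFC 4515: escape filter metacharacters in the presented user name
for (const unsigned char c : uid) {
  switch (c) {
  case '*': case '(': case ')': case '\\': case '\0': {
    char esc[4];
    snprintf(esc, sizeof(esc), "\\%02x", c);
    filter += esc;
    break;
  }
  default:
    filter += static_cast<char>(c);
  }
}
filter += ")";
// … unchanged: attrs array and ldap_search_s call …
```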
const string& ldap_uri = store->ctx()->_conf->rgw_ldap_uri;
const string& ldap_binddn = store->ctx()->_conf->rgw_ldap_binddn;
const string& ldap_searchdn = store->ctx()->_conf->rgw_ldap_searchdn;
- const string& ldap_memberattr =
- store->ctx()->_conf->rgw_ldap_memberattr;
+ const string& ldap_dnattr =
+ store->ctx()->_conf->rgw_ldap_dnattr;
ldh = new rgw::LDAPHelper(ldap_uri, ldap_binddn, ldap_searchdn,
- ldap_memberattr);
+ ldap_dnattr);
ldh->init();
ldh->bind();
string ldap_uri = "ldaps://f23-kdc.rgw.com";
string ldap_binddn = "uid=admin,cn=users,cn=accounts,dc=rgw,dc=com";
string ldap_searchdn = "cn=users,cn=accounts,dc=rgw,dc=com";
- string ldap_memberattr = "uid";
+ string ldap_dnattr = "uid";
- rgw::LDAPHelper ldh(ldap_uri, ldap_binddn, ldap_searchdn, ldap_memberattr);
+ rgw::LDAPHelper ldh(ldap_uri, ldap_binddn, ldap_searchdn, ldap_dnattr);
} /* namespace */