我无法使用标题中提到的工具/应用程序对Active Directory服务器进行身份验证.
我正在使用测试AD环境找到here
以下是相关的代码片段,如果有人有任何建议我会非常感激.
目前,我得到的错误是“无效的用户名/密码”.我不确定这是bindDn帐户/ pw还是用户在表单中输入的帐户.根据护照-ldapauth项目,它是:
invalidCredentials flash message for InvalidCredentialsError NoSuchObjectError,and /no such user/i LDAP errors (default: 'Invalid username/password')
提前致谢.
客户端 – auth.service.js
... login: function(user,callback) { var cb = callback || angular.noop; var deferred = $q.defer(); $http.post('/auth/ldap',{ email: user.email,password: user.password }). success(function(data) { $cookieStore.put('token',data.token); currentUser = User.get(); deferred.resolve(data); return cb(); }). error(function(err) { this.logout(); deferred.reject(err); return cb(err); }.bind(this)); return deferred.promise; },...
SERVER index.js
'use strict'; var express = require('express'); var passport = require('passport'); var auth = require('../auth.service'); var router = express.Router(); router.post('/',function(req,res,next) { passport.authenticate('ldapauth',function (err,user,info) { var error = err || info; if (error) return res.json(401,error); if (!user) return res.json(404,{message: 'Something went wrong,please try again.'}); var token = auth.signToken(user._id,user.role); res.json({token: token}); })(req,next) }); module.exports = router;
SERVER passport.js
var passport = require('passport'); var LdapStrategy = require('passport-ldapauth').Strategy; exports.setup = function (User,config) { passport.use(new LdapStrategy({ usernameField: 'email',passwordField: 'password',server: { url: 'ldap://ldap.forumsys.com:389',bindDn: "cn=read-only-admin,dc=example,dc=com",bindCredentials: "password",searchBase: 'ou=mathematicians,dc=com',searchFilter: 'uid={{username}}' } },function (user,done) { return done(null,user); } )); };
问题出在搜索库中的ou =数学家.该网页的评论中提到了以下内容:
The issue you are seeing is due to the fact that “uid=riemann” is a member of “ou=mathemeticians”,but does not reside under that ou. His membership in that ou is established by a uniqueMember attribute on “ou=mathemeticians”.
这应该工作(甚至使用passport-ldapauth使用的ldapauth-fork尝试):
var opts = { server: { "url": "ldap://ldap.forumsys.com:389","adminDn": "cn=read-only-admin,"adminPassword": "password","searchBase": "dc=example,"searchFilter": "(uid={{username}})",} };