Comments (13)
@chazt3n not sure I follow your question.
We use the library in our app as described in the README.
In terms of authentication via cert, we implement the client-side validation callback, which loads a pfx and attaches it to all subsequent calls.
from novell.directory.ldap.netstandard.
This is what I have so far:
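ldapConnection = new LdapConnection();
ldapConnection.SecureSocketLayer = true;
// This callback returns true for every server certificate, so no chain or hostname validation takes place.
ldapConnection.UserDefinedServerCertValidationDelegate += new RemoteCertificateValidationCallback((sender, certificate, chain, errors) => true);
ldapConnection.Connect(hostName, portNumber);
// Empty DN and empty password: an anonymous simple bind.
ldapConnection.Bind("", "");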
I can't figure out how to add the certificate to the connection request. I installed the certificate in the store, but this didn't help.
from novell.directory.ldap.netstandard.
This feature is not implemented yet. Someone else also asked about this - see #9
from novell.directory.ldap.netstandard.
Hi, I'm willing to help with this feature too. Can you please give some direction for the work?
from novell.directory.ldap.netstandard.
Authentication with client certificate is supported by SslStream (already used for ssl/tls support).
Short description of how authentication with client certificate works with ldap - https://tools.ietf.org/html/rfc2829#section-7.1
From what I understand using SslStream with authentication with client certificate + sending a different type of bind request (EXTERNAL) should work - but I may be wrong :)
from novell.directory.ldap.netstandard.
Thanks for the suggestion. Do you have any sample code that is using such a binding?
from novell.directory.ldap.netstandard.
Maybe I wasn't clear enough - but sending a bind request with type EXTERNAL is not supported yet by this library - I was saying what is required for this library to authenticate with client certificate.
SslStream supports sending the certificate for authentication but the ldap client still needs to let the server know that it wants to use that for authentication - that is the purpose of that bind request.
from novell.directory.ldap.netstandard.
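The difference between the two bind types discussed above, shown at the wire level as an added example (not code from this thread or from the library). It encodes a BindRequest as laid out in RFC 4511 section 4.2 and reads the authentication choice back; message IDs and sample inputs are constructed. An empty-DN, empty-password simple bind, like the `Bind("", "")` posted earlier, carries no reference to the TLS client certificate, while a SASL bind naming the EXTERNAL mechanism asks the server to take the identity from the TLS layer.

```python
# Added illustration: BER encoding of an LDAP BindRequest (RFC 4511, section 4.2).

def _tlv(tag, value):
    """Tag + definite length (short form below 128, long form otherwise) + value."""
    n = len(value)
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    length = bytes([n]) if n < 0x80 else bytes([0x80 | len(raw)]) + raw
    return bytes([tag]) + length + value

def _int(n):
    """INTEGER for small non-negative values (message ID, protocol version)."""
    return _tlv(0x02, n.to_bytes(n.bit_length() // 8 + 1, "big"))

def simple_auth(password):
    return _tlv(0x80, password.encode())          # AuthenticationChoice [0] simple

def sasl_auth(mechanism, credentials=None):
    body = _tlv(0x04, mechanism.encode())         # mechanism name, e.g. EXTERNAL
    if credentials is not None:                   # optional credentials field
        body += _tlv(0x04, credentials)
    return _tlv(0xA3, body)                       # AuthenticationChoice [3] sasl

def bind_request(msg_id, name, auth):
    op = _tlv(0x60, _int(3) + _tlv(0x04, name.encode()) + auth)  # [APPLICATION 0]
    return _tlv(0x30, _int(msg_id) + op)          # LDAPMessage envelope

def _read(buf, pos=0):
    """Return (tag, value, next_pos) for the TLV starting at pos."""
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first & 0x80:                              # long-form length
        n = first & 0x7F
        first, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + first], pos + first

def describe_bind(message):
    """Name the authentication choice carried by an encoded BindRequest."""
    _, msg, _ = _read(message)
    _, _, pos = _read(msg)                        # skip messageID
    tag, op, _ = _read(msg, pos)
    if tag != 0x60:
        raise ValueError("not a BindRequest")
    _, _, pos = _read(op)                         # skip version
    _, _, pos = _read(op, pos)                    # skip bind DN
    tag, auth, _ = _read(op, pos)
    if tag not in (0x80, 0xA3):
        raise ValueError("unknown authentication choice")
    return "simple" if tag == 0x80 else "sasl:" + _read(auth)[1].decode()
```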
Do we know if this is going to be supported soon? This library is my best hope for ldap queries on .net core (from a linux machine), however I can't use it without the certificate functionality.
from novell.directory.ldap.netstandard.
Is there any progress around this PR? We are also in need of this feature with .NET Core. Or do you know any other packages that support this?
from novell.directory.ldap.netstandard.
Hello!
Any chance this has been completed? We really need to be able to use LDAPS with certs and it would be great if this can be used.
from novell.directory.ldap.netstandard.
hello,
we too had a similar need of this library.
We have forked the code and succeeded in completing authentication using a client certificate.
Here is the Pull Request:
Note we used a .pfx to complete this.
from novell.directory.ldap.netstandard.
@barry-r-moore how does one use this?
from novell.directory.ldap.netstandard.
Latest master - which will get published as 3.6.x - has SASL authentication using client certificate implemented e.g.
var options = new LdapConnectionOptions()
    .UseSsl()
    .ConfigureLocalCertificateSelectionCallback(...); // return your client certificate
using var ldapConnection = new LdapConnection(options);
ldapConnection.Connect(...); // to ssl port
ldapConnection.Bind(new SaslExternalRequest());
or
var options = new LdapConnectionOptions()
    .ConfigureLocalCertificateSelectionCallback(...); // return your client certificate
using var ldapConnection = new LdapConnection(options);
ldapConnection.Connect(...);
ldapConnection.StartTLS();
ldapConnection.Bind(new SaslExternalRequest());
...
from novell.directory.ldap.netstandard.