ldap login support anonymous search mode

This commit is contained in:
Feng_Qi 2020-03-23 00:04:15 +08:00
parent 7c86e8f58e
commit a5be668359
1 changed files with 7 additions and 6 deletions

View File

@ -45,16 +45,17 @@ func ldapReq(user, pass string) (*ldap.SearchResult, error) {
defer conn.Close() defer conn.Close()
if !lc.TLS && lc.StartTLS { if !lc.TLS && lc.StartTLS {
err = conn.StartTLS(&tls.Config{InsecureSkipVerify: true}) if err := conn.StartTLS(&tls.Config{InsecureSkipVerify: true}); err != nil {
if err != nil {
return nil, fmt.Errorf("ldap.conn startTLS fail: %v", err) return nil, fmt.Errorf("ldap.conn startTLS fail: %v", err)
} }
} }
//if bindUser is empty, anonymousSearch mode
err = conn.Bind(lc.BindUser, lc.BindPass) if lc.BindUser != "" {
if err != nil { //BindSearch mode
if err := conn.Bind(lc.BindUser, lc.BindPass); err != nil {
return nil, fmt.Errorf("bind ldap fail: %v, use %s", err, lc.BindUser) return nil, fmt.Errorf("bind ldap fail: %v, use %s", err, lc.BindUser)
} }
}
searchRequest := ldap.NewSearchRequest( searchRequest := ldap.NewSearchRequest(
lc.BaseDn, // The base dn to search lc.BaseDn, // The base dn to search