{"id":13806046,"url":"https://github.com/yammer/dropwizard-auth-ldap","last_synced_at":"2025-05-13T21:32:18.560Z","repository":{"id":12328324,"uuid":"14966400","full_name":"yammer/dropwizard-auth-ldap","owner":"yammer","description":"Dropwizard Authentication Module for LDAP using JNDI.","archived":false,"fork":false,"pushed_at":"2017-07-31T18:43:07.000Z","size":253,"stargazers_count":36,"open_issues_count":3,"forks_count":17,"subscribers_count":164,"default_branch":"master","last_synced_at":"2024-06-21T18:10:13.292Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/yammer.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2013-12-05T21:34:50.000Z","updated_at":"2022-11-07T21:08:26.000Z","dependencies_parsed_at":"2022-07-15T11:30:29.952Z","dependency_job_id":null,"html_url":"https://github.com/yammer/dropwizard-auth-ldap","commit_stats":null,"previous_names":[],"tags_count":31,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yammer%2Fdropwizard-auth-ldap","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yammer%2Fdropwizard-auth-ldap/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yammer%2Fdropwizard-auth-ldap/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yammer%2Fdropwizard-auth-ldap/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/yammer","download_url":"https://codeload.github.com/yammer/dropwizard-auth-ldap/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":213870459,"owners_count":15650178,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-04T01:01:07.381Z","updated_at":"2024-08-04T01:05:38.327Z","avatar_url":"https://github.com/yammer.png","language":"Java","funding_links":[],"categories":["Open Source"],"sub_categories":["Authentication"],"readme":"LDAP Authenticator [![Build Status](https://travis-ci.org/yammer/dropwizard-auth-ldap.svg)](https://travis-ci.org/yammer/dropwizard-auth-ldap) [![Maven Central](https://maven-badges.herokuapp.com/maven-central/com.yammer.dropwizard/dropwizard-auth-ldap/badge.svg)](https://maven-badges.herokuapp.com/maven-central/com.yammer.dropwizard/dropwizard-auth-ldap)\n==================\n\nThis is a simple dropwizard-auth module using Basic-Auth + LDAP for authentication. This is the module internal tools at Yammer\nused to authenticate users.\n\nNote: This module has only been subjected to the traffic of our engineering team. We have not used this to authenticate high-traffic or\ntuned the JNDI connection pool as such.\n\nMaven\n-----\n   \n```xml\n\u003cdependency\u003e\n    \u003cgroupId\u003ecom.yammer.dropwizard\u003c/groupId\u003e\n    \u003cartifactId\u003edropwizard-auth-ldap\u003c/artifactId\u003e\n    \u003cversion\u003e1.0.4\u003c/version\u003e\n\u003c/dependency\u003e\n```\n\nLegacy Dropwizard Support\n------------------\n0.0.x releases will contain bug/security updates.\n0.1.x and beyond will support 0.7+ dropwizard\n\nHow To Use\n----------\n\n```java\nLdapConfiguration configuration = new LdapConfiguration();\nLdapAuthenticator authenticator = new LdapAuthenticator(configuration);\nauthenticator.authenticate(new BasicCredentials(\"user\", \"password\"));\n```\n\nAdd it to your Service\n----------------------\n\nI assume you are already familiar with dropwizard's authentication module.\nYou can find more information about dropwizard authentication at http://www.dropwizard.io/manual/auth.html\n\nHere is an example how to add `LdapAuthenticator` using a `CachingAuthenticator` to your service:\n\n```java\n@Override\npublic void run(ExampleAppConfiguration configuration, Environment environment) throws Exception {\n      final LdapConfiguration ldapConfiguration = configuration.getLdapConfiguration();\n    \n      Authenticator\u003cBasicCredentials, User\u003e ldapAuthenticator = new CachingAuthenticator\u003c\u003e(\n              environment.metrics(),\n              new ResourceAuthenticator(new LdapAuthenticator(ldapConfiguration)),\n              ldapConfiguration.getCachePolicy());\n    \n      environment.jersey().register(new AuthDynamicFeature(\n              new BasicCredentialAuthFilter.Builder\u003cUser\u003e()\n                      .setAuthenticator(ldapAuthenticator)\n                      .setRealm(\"LDAP\")\n                      .buildAuthFilter()));\n    \n      environment.jersey().register(new AuthValueFactoryProvider.Binder\u003c\u003e(User.class));\n    \n      environment.healthChecks().register(\"ldap\", new LdapHealthCheck\u003c\u003e(\n              new ResourceAuthenticator(new LdapCanAuthenticate(ldapConfiguration))));}\n```\n\nhttps://github.com/yammer/dropwizard-auth-ldap/blob/master/src/test/java/com/yammer/dropwizard/authenticator/tests/ExampleAppTest.java\n\nAdditional Notes\n----------------------\n\nMake sure to register your resources. Example:\n\n```java\nenvironment.jersey().register(new YourResource());\n```\nConfiguration\n-------------\n\n```yml\nuri: ldaps://myldap.com:636\ncachePolicy: maximumSize=10000, expireAfterWrite=10m\nuserFilter: ou=people,dc=yourcompany,dc=com\ngroupFilter: ou=groups,dc=yourcompany,dc=com\nuserNameAttribute: cn\ngroupNameAttribute: cn\ngroupMembershipAttribute: memberUid\ngroupClassName: posixGroup\nrestrictToGroups:\n    - user\n    - admin\n    - bots\nconnectTimeout: 500ms\nreadTimeout: 500ms\nnegotiateTls: strict\n```\n\n* Group filtering is done by default using only the username provided. The full DN of the user's account will be used\nif `groupClassName` and `groupMembershipAttribute` are set to either `groupOfNames` and `member` or `groupOfUniqueNames` \nand `uniqueMember`.\n* `negotiateTls` can be `NONE`, `ATTEMPT`, or `STRICT`. Where `ATTEMPT` tries to negotiate TLS if possible and `STRICT` \nfails the entire operation if TLS does not succeed in being established. Note that you may see exceptions related to the\ninitial TLS negotiation attempt in your logs if negotation fails.\n\n\nCHANGELOG\n---------\nCheck the [Changelog](https://github.com/yammer/dropwizard-auth-ldap/blob/master/CHANGELOG.md) for detailed updates.\n\nBugs and Feedback\n-----------------\nFor bugs, questions, and discussions please use the [Github Issues](https://github.com/yammer/dropwizard-auth-ldap/issues)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fyammer%2Fdropwizard-auth-ldap","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fyammer%2Fdropwizard-auth-ldap","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fyammer%2Fdropwizard-auth-ldap/lists"}