如何通过node.js对Windows AD用户进行身份验证? [英] How to auth windows AD users by node.js?
本文介绍了如何通过node.js对Windows AD用户进行身份验证?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我最近需要对Windows AD用户进行身份验证.情况如下
I need to auth windows AD users recently. The scenario is below
- 网页在服务器A(Vue + vue-router)上运行
- Api接口在服务器B(节点+ express)上运行
- 用户输入的AD用户名&网页上的密码(服务器A)
- 通过用户名& pwd到服务器B上的api接口进行身份验证
- 服务器B身份验证用户名&通过LDAP(windwos AD)pwd
- 服务器B上的api将反馈返回到网页(服务器A)
因此,在服务器B上是否可以实施任何解决方案来验证用户名&通过LDAP pwd吗?
So, is there any solution could be implemented on Server B to auth username & pwd via LDAP?
太棒了!
推荐答案
我找到了解决方案.参考: Node JS LDAP Auth User
I found the solution. refer to: Node JS LDAP Auth User
var ldap = require('ldapjs');
var client = ldap.createClient({
url: 'ldap://ldapserver:port/',
timeout: 5000,
connectTimeout: 10000
});
var opts = {
filter: '(&(cn=*))',
scope: 'sub',
// This attribute list is what broke your solution
attributes:['SamAccountName','dn']
};
console.log('--- going to try to connect user ---');
try {
client.bind(username, password, function (error) { //first need to bind
if(error){
console.log(error.message);
client.unbind(function(error) {if(error){console.log (error.message);} else{console.log('client disconnected');}});
} else {
console.log('connected');
client.search('ou=users, ou=compton, dc=batman, dc=com', opts, function(error, search) {
console.log('Searching.....');
search.on('searchEntry', function(entry) {
if(entry.object){
console.log('entry: %j ' + JSON.stringify(entry.object));
}
client.unbind(function(error) {if(error){console.log(error.message);} else{console.log('client disconnected');}});
});
search.on('error', function(error) {
console.error('error: ' + error.message);
client.unbind(function(error) {if(error){console.log(error.message);} else{console.log('client disconnected');}});
});
}
});
} catch(error){
console.log(error);
client.unbind(function(error) {if(error){console.log(error.message);} else{console.log('client disconnected');}});
}
请记住如果遇到错误~~~:超出大小限制"错误,请使用分页和sizeLimit参数.
remember if you get 'error~~~: Size Limit Exceeded' error, use paged and sizeLimit param.
var opts = {
filter: '(objectclass=commonobject)',
scope: 'sub',
paged: true,
sizeLimit: 200
};
这篇关于如何通过node.js对Windows AD用户进行身份验证?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文