节点JS LDAP验证用户 [英] Node JS LDAP Auth User
问题描述
我创建一个登录验证页面,用户将输入有活动目录用户名和密码,并使用我的NodeJS会检查,看它是否是有效的,但我不断收到
[错误:LDAP错误坏搜索过滤器]
或
[错误:搜索返回= 1的结果!]
当我试图寻找的用户名和密码,我的code是如下:
我使用: https://github.com/jeremycx/node-LDAP ,让我们说,用户输入hhill的用户名
VAR LDAP =要求('LDAP');
VAR ldapServer =新的LDAP({URI:LDAP://batman.lan',版本:3}); ldapServer.open(功能(错误){
如果(错误){
抛出新的错误('广东话无法连接');
}其他{
的console.log('----连接到LDAP ----'); 用户名='(CN ='+用户名+')';
ldapServer.findandbind({
基地:OU =用户,OU =康普顿,DC =蝙蝠侠,DC =兰',
过滤器:用户名,
密码:密码
},功能(错误数据){
如果(错误){
的console.log(错误);
}其他{
的console.log('----验证用户----');
}
});
}
});
有没有人有任何建议,我在做什么错了?
更新
下面是我想到了,如果有谁需要它,有答案的帮助下
解决方案 VAR用户名= request.param(用户名);
VAR密码= request.param('密码'); VAR LDAP =要求('ldapjs');
ldap.Attribute.settings.guid_format = ldap.GUID_FORMAT_B;
VAR的客户= ldap.createClient({
网址:'LDAP://batman.com/cn='+username+',OU =用户,OU =康普顿,DC =蝙蝠侠,DC = com公司,
超时:5000,
connectTimeout:10000
});
VAR选择采用= {
过滤器:(及(对象类=用户)(SAM帐户='+用户名+')),
适用范围:'子',
属性:['的objectGUID]
}; 的console.log('---要尝试连接的用户---'); 尝试{
client.bind(用户名,密码功能(错误){
如果(错误){
的console.log(返回Error.message);
client.unbind(功能(错误){如果(错误){执行console.log(返回Error.message);}其他{的console.log('客户端断开连接');}});
}其他{
的console.log('连接');
client.search('OU =用户,OU =康普顿,DC =蝙蝠侠,DC = COM,选择采用,功能(错误,搜索){
的console.log('在搜索.....'); search.on('searchEntry',功能(输入){
如果(entry.object){
的console.log('条目:%J'+ JSON.stringify(entry.object));
}
}); search.on('错误',功能(错误){
console.error('错误:'+返回Error.message);
}); client.unbind(功能(错误){如果(错误){执行console.log(返回Error.message);}其他{的console.log('客户端断开连接');}});
});
}
});
}赶上(错误){
的console.log(错误);
client.unbind(功能(错误){如果(错误){执行console.log(返回Error.message);}其他{的console.log('客户端断开连接');}});
}
在这种情况下,你需要的ldapclient
,而不是 ldapServer
,这是从官方文档的例子code:
VAR LDAP =要求('ldapjs');ldap.Attribute.settings.guid_format = ldap.GUID_FORMAT_B;VAR的客户= ldap.createClient({
网址:'LDAP://127.0.0.1/CN=test,OU=Development,DC=Home
});VAR选择采用= {
过滤器:(对象类=用户),
适用范围:'子',
属性:['的objectGUID]
};client.bind(用户名,密码,功能(错误){
client.search(CN =测试,OU =开发,DC =家,选择采用,功能(ERR,搜索){
search.on('searchEntry',功能(输入){
VAR用户= entry.object;
的console.log(user.objectGUID);
});
});
});
I am creating a login authentication page, where a user would input there active directory username and password and using NodeJS I would check to see if it's valid, but I keep getting
[Error: LDAP Error Bad search filter]
or
[Error: Search returned != 1 results]
When I'm trying to search for the username and password, my code is below:
I'm using: https://github.com/jeremycx/node-LDAP, let's say that the user entered a username of hhill
var ldap = require('LDAP');
var ldapServer = new ldap({ uri: 'ldap://batman.lan', version: 3});
ldapServer.open(function(error) {
if(error) {
throw new Error('Cant not connect');
} else {
console.log('---- connected to ldap ----');
username = '(cn='+username+')';
ldapServer.findandbind({
base: 'ou=users,ou=compton,dc=batman,dc=lan',
filter: username,
password: password
}, function(error, data) {
if(error){
console.log(error);
} else {
console.log('---- verified user ----');
}
});
}
});
Does anyone have any suggestions on what I'm doing wrong?
UPDATE
Here is the solution I came up with if anyone ever needs it, with the help of the answer below
var username = request.param('username');
var password = request.param('password');
var ldap = require('ldapjs');
ldap.Attribute.settings.guid_format = ldap.GUID_FORMAT_B;
var client = ldap.createClient({
url: 'ldap://batman.com/cn='+username+', ou=users, ou=compton, dc=batman, dc=com',
timeout: 5000,
connectTimeout: 10000
});
var opts = {
filter: '(&(objectclass=user)(samaccountname='+username+'))',
scope: 'sub',
attributes: ['objectGUID']
};
console.log('--- going to try to connect user ---');
try {
client.bind(username, password, function (error) {
if(error){
console.log(error.message);
client.unbind(function(error) {if(error){console.log(error.message);} else{console.log('client disconnected');}});
} else {
console.log('connected');
client.search('ou=users, ou=compton, dc=batman, dc=com', opts, function(error, search) {
console.log('Searching.....');
search.on('searchEntry', function(entry) {
if(entry.object){
console.log('entry: %j ' + JSON.stringify(entry.object));
}
});
search.on('error', function(error) {
console.error('error: ' + error.message);
});
client.unbind(function(error) {if(error){console.log(error.message);} else{console.log('client disconnected');}});
});
}
});
} catch(error){
console.log(error);
client.unbind(function(error) {if(error){console.log(error.message);} else{console.log('client disconnected');}});
}
In this case, you need ldapClient
rather than ldapServer
, this is the example code from the official doc:
var ldap = require('ldapjs');
ldap.Attribute.settings.guid_format = ldap.GUID_FORMAT_B;
var client = ldap.createClient({
url: 'ldap://127.0.0.1/CN=test,OU=Development,DC=Home'
});
var opts = {
filter: '(objectclass=user)',
scope: 'sub',
attributes: ['objectGUID']
};
client.bind('username', 'password', function (err) {
client.search('CN=test,OU=Development,DC=Home', opts, function (err, search) {
search.on('searchEntry', function (entry) {
var user = entry.object;
console.log(user.objectGUID);
});
});
});
这篇关于节点JS LDAP验证用户的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!