# ldap-bridge

remotely backed LDAP authentication

![pipeline status](https://gitlab.com/cepharum-foss/ldap-bridge/badges/master/pipeline.svg)

## License

MIT

## About

This package implements an LDAP service suitable for authenticating users. It translates incoming requests to bind as a user into authentication requests against configurable backend services such as POP3.
## Example

Using this service, you can set up an LDAP-aware service such as Jitsi or Mattermost so that users authenticate against the POP3 service of your local MTA.

## Security

In production mode the service requires encrypted connections with its clients as well as with backend services. By design it forwards any password provided by a client to the related backend service. It does not store passwords, and it does not cache any result either. The service works statelessly.

As a beneficial side effect, this makes the service horizontally scalable.

To conclude, from a user's point of view this tool relies on a security issue as soon as you authenticate against backends you don't manage: the operator of this service is in a position to read or track sensitive information (the user's credentials) that was meant to be shared between your user and the remote backend only.
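The following is an added illustration, not code from the ldap-bridge project, of the translation described above: an LDAP simple bind (DN plus password) is turned into the client side of a POP3 `USER`/`PASS` exchange. It is written as a pure state machine driven by a constructed server transcript, so it runs offline; the function names, the DN layout (`uid=<name>,...`) and the transcripts are assumptions. It also shows two points a defender cares about: the password is held only for the lifetime of one exchange (matching the stateless design), and credentials containing CR or LF are refused before they can reach the line-oriented backend.

```javascript
// Added example, not part of ldap-bridge: LDAP bind -> POP3 USER/PASS exchange.
// Names and the DN layout are assumptions; transcripts below are constructed.

// Map a bind DN such as "uid=alice,ou=users,dc=example,dc=org" to the POP3 login
// name. Only the leading RDN is consulted; any other attribute type is rejected.
function usernameFromBindDn(dn, attribute = "uid") {
  if (typeof dn !== "string" || !dn.trim()) return null;
  const firstRdn = dn.split(",")[0].trim();
  const eq = firstRdn.indexOf("=");
  if (eq < 0) return null;
  const type = firstRdn.slice(0, eq).trim().toLowerCase();
  const value = firstRdn.slice(eq + 1).trim();
  return type === attribute.toLowerCase() && value ? value : null;
}

// POP3 is line-oriented, so a credential containing CR or LF would end the
// current command and start another one on the backend session. Refuse it.
function isSafePop3Token(value) {
  return typeof value === "string" && value.length > 0 && !/[\r\n]/.test(value);
}

// Pure state machine for the client side of POP3 USER/PASS authentication.
// feed(line) consumes one line received from the server and returns the next
// command to send (null once the exchange is over). The credential lives only
// inside this closure, mirroring the bridge's "no storing, no caching" rule.
function createPop3AuthExchange(user, pass) {
  let step = "greeting";
  let result = null; // "ok", "fail", or null while still pending
  const fail = () => { step = "done"; result = "fail"; return "QUIT"; };
  function feed(line) {
    const ok = line.startsWith("+OK");
    switch (step) {
      case "greeting":               // server banner
        if (!ok) return fail();
        step = "user";
        return `USER ${user}`;
      case "user":                   // reply to USER; PASS is sent only on +OK
        if (!ok) return fail();
        step = "pass";
        return `PASS ${pass}`;
      case "pass":                   // reply to PASS decides the bind outcome
        step = "done";
        result = ok ? "ok" : "fail";
        return "QUIT";
      default:
        return null;
    }
  }
  return { feed, result: () => result };
}

// Run one bind attempt against a constructed transcript (the lines the POP3
// server would send, in order). Returns { success, sent }, where `sent` lists
// the commands the client issued, so a reader can verify that PASS is never
// transmitted once USER has been rejected.
function bindViaTranscript(dn, password, serverLines) {
  const user = usernameFromBindDn(dn);
  if (!isSafePop3Token(user) || !isSafePop3Token(password)) {
    return { success: false, sent: [] };
  }
  const exchange = createPop3AuthExchange(user, password);
  const sent = [];
  for (const line of serverLines) {
    const cmd = exchange.feed(line);
    if (cmd === null) break;
    sent.push(cmd);
    if (cmd === "QUIT") break;
  }
  return { success: exchange.result() === "ok", sent };
}

// Constructed server transcripts (not captured from any real server).
const GOOD_SERVER = ["+OK POP3 ready", "+OK", "+OK Logged in."];
const BAD_PASSWORD_SERVER = ["+OK POP3 ready", "+OK", "-ERR [AUTH] Authentication failed."];

console.log(bindViaTranscript("uid=alice,ou=users,dc=example,dc=org", "s3cret", GOOD_SERVER));
console.log(bindViaTranscript("uid=alice,ou=users,dc=example,dc=org", "wrong", BAD_PASSWORD_SERVER));
```

In a real deployment the transcript lines would come from a TLS socket to the backend rather than from an array; the state machine itself is unchanged, which is what keeps the bridge stateless and lets several instances run side by side.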
## Setup

In a locally created folder run:

```bash
npm install @cepharum/ldap-bridge
```

Create a local copy of the distributed configuration file:

```bash
cp node_modules/@cepharum/ldap-bridge/config.dist.js config.js
```

Open `config.js` in your favourite text editor and adjust it according to your needs.

Eventually start the service with:

```bash
npx ldap-bridge
```
## Docker Support

The latest version is also available as a docker image named `registry.gitlab.com/cepharum-foss/ldap-bridge`.

On first run this image writes a configuration template into the mounted volume for review.

```bash
mkdir -p data
docker run -it --rm -v $(pwd)/data:/config registry.gitlab.com/cepharum-foss/ldap-bridge
```

After adjusting the configuration in `data/config.js` you can start the container with:

```bash
docker run -d --rm -p 636:636 -v $(pwd)/data:/config registry.gitlab.com/cepharum-foss/ldap-bridge
```
## Logging

The service logs to the console using `debug`. Thus, you can use the `DEBUG` environment variable to adjust log levels. In the docker image this defaults to `*:alter,*:error,*:warn,*:info`.

## Encryption Required

In a production setup the service requires the LDAP side and the backends to communicate over encrypted connections only. You need to set the `NODE_ENV` environment variable to `development` to work with a non-encrypted LDAP server locally.