Hi, I’m aware that we can use LDAPS but currently we don’t support that and TLS over LDAP is what we are using. So I’m wondering can I make shinyproxy to use TLS over LDAP by modifying the configuration file, or do I need to modify the source code? Thanks!
Hi @Keqiang_Li,
This is currently not possible via configuration. You’d have to modify the source code in
LDAPAuthenticationType.java
Something along the lines of:
DefaultTlsDirContextAuthenticationStrategy strategy = new DefaultTlsDirContextAuthenticationStrategy();
strategy.setSslSocketFactory(sslSocketFactory);
contextSource.setAuthenticationStrategy(strategy);
As you can see, ShinyProxy uses the Spring framework for LDAP connectivity. See here for more info (pt 8.1.3.1):
http://docs.spring.io/spring-ldap/site/reference/html/configuration.html
Regards,
Frederick
StartTLS is now supported out of the box (since release 1.0.0)
Details on how to configure it can be found here:
https://www.shinyproxy.io/configuration/#ldap
Best,
Tobias
1 Like