-
Notifications
You must be signed in to change notification settings - Fork 10
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
LDAP Client x509 Certificate Authentication #3
Comments
Hi @precurse ! I've just released If this is indeed what you're after, I invite you to run a few tests with this module. You have to use SSP |
Thanks @tvdijen. Oh wow, I totally forgot I had this ticket open :) I'm no longer in a role that would let me test this unfortunately, but from quickly eyeballing the source it looks right. Thanks for the follow up. I'll close the ticket, but feel free to re-open if you want someone else to confirm if this works. Cheers! |
Sorry for taking so long... |
Google announced their LDAP service: https://support.google.com/cloudidentity/answer/9089736 and we wanted to see if we could get it working for our users.
However, it requires a client certificate to authenticate to the server, which SimpleSAMLphp doesn't support: https://simplesamlphp.org/docs/stable/ldap:ldap . It seems to only support username/password for client authentication.
It would be nice to be able to support client cert/key for authentication in addition to username/password. OpenLDAP supports it using TLS_CERT and TLS_KEY.
It seems that support for this may have only come into PHP in version 7.1: http://php.net/manual/en/function.ldap-set-option.php
The text was updated successfully, but these errors were encountered: