yesod-auth-ldap-native alternatives and similar packages
Based on the "yesod" category.
Alternatively, view yesod-auth-ldap-native alternatives based on common mentions on social networks and blogs.
-
yesod-persistent
A RESTful Haskell web framework built on WAI. -
yesod-auth-oauth2
OAuth2 authentication for yesod -
yesod-fay
Utilities for using the Fay Haskell-to-JS compiler with Yesod. -
-
yesod-dsl
A domain specific language and a code generator desined to create RESTful services for managing an RDBMS with Yesod web framework and Persistent. -
yesod-job-queue
Background job queue library for Yesod. -
yesod-purescript
PureScript integration for Yesod -
yesod-crud
Generic administrative CRUD operations as a Yesod subsite -
yesod-auth-fb
Authentication backend for Yesod using Facebook. -
yesod-recaptcha
Dead simple support for reCAPTCHA on Yesod applications. -
yesod-auth-hashdb
Yesod.Auth.HashDB plugin, now moved out of main yesod-auth package -
yesod-routes-typescript
generate TypeScript routes for Yesod -
yesod-text-markdown
Yesod support for Text.Markdown -
yesod-content-pdf
Library for serving PDF content from a Yesod Application -
yesod-comments
Drop-in comments module for a Yesod application -
-
yesod-form-bootstrap4
yesod-form for bootstrap version 4 -
yesod-goodies
Small utilities useful in any yesod web app -
yesod-raml
Generate Yesod framework route definitions, documentaiton, mock-handler, and more from your RAML spec. -
yesod-worker
Drop-in(ish) background worker system for Yesod applications -
yesod-auth-account-fork
Fork of yesod-auth-account with a few additions -
yesod-transloadit
A resuable widget for the Transloadit service & Yesod -
yesod-crud-persist
Easy CRUD subsites for yesod with persistent -
yesod-auth-kerberos
Kerberos support for Yesod Auth -
yesod-fb
Useful glue functions between the fb library and Yesod. -
yesod-auth-smbclient
Authentication plugin for Yesod using smbclient -
yesod-auth-zendesk
Zendesk remote authentication support for Yesod apps. -
yesod-auth-bcrypt
BCrypt salted and hashed passwords in a database as auth for yesod -
yesod-auth-deskcom
Desk.com Multipass support for Yesod apps. -
yesod-datatables
Routines for implementing server-side processing for DataTables (jQuery grid) in Haskell -
yesod-auth-hmac-keccak
An account authentication plugin for yesod with encrypted token transfer. -
yesod-paypal-rest
Yesod plugin to use PayPal with the paypal-rest-client library. -
yesod-pnotify
yet another getMessage/setMessage using pnotify jquery plugins -
yesod-test-json
Utility functions for testing JSON web services written in Yesod -
yesod-auth-bcryptdb
Yesod.Auth.BcryptDB plugin -
yesod-articles
Automatically generate article previews for a yesod site -
yesod-s3
Simple Helper Library for using Amazon's Simple Storage Service (S3) with Yesod
Do you think we are missing an alternative of yesod-auth-ldap-native or a related project?
|
Scout APM: A developer's best friend. Try free for 14-days
sponsored
scoutapm.com
|
Popular Comparisons
-
yesod-auth-ldap-nativevsyesod-auth-ldap
-
yesod-routes-typescriptvsyesod-recaptcha
-
yesod-persistentvsswagger-petstore
-
yesod-auth-oauth2vsyesod-auth-kerberos
-
yesod-angularvsyesod-auth-bcrypt
|
SaaSHub - Software Alternatives and Reviews
sponsored
www.saashub.com
|
README
yesod-auth-ldap-native
Yesod LDAP authentication plugin using native Haskell Ldap.Client
- does not depend on system libraries
- service account bind
- customizable
- optional group membership verification
There is more than one way to perform LDAP based authentication. The key thing to decide is how to map from usernames to DNs.
This module follows the service bind approach where we bind with preconfigured credentials and run queries to find user DN and optionally verify group membership. After that we bind as user to verify password.
Another common, although in some ways more limited, approach is defining DNs as templates eg. uid=%s,ou=people,dc=example,dc=com. This module does not support template based configuration. Please submit an issue or create a pull request if you'd like that.
Usage
Basic configuration in Foundation.hs:
ldapConf :: LdapAuthConf
ldapConf =
setHost (Secure "127.0.0.1") $ setPort 636
$ mkLdapConf (Just ("cn=Manager,dc=example,dc=com", "v3ryS33kret"))
"ou=people,dc=example,dc=com"
And add authLdap ldapConf to your authPlugins.
Make sure the address you provide exactly maches the one in the server certificate. Otherwise you will only get a cryptic TLS negotiation failure.
For plain connection (only for testing!):
setHost (Plain "127.0.0.1")
For additional group authentication use setGroupQuery:
ldapConf :: LdapAuthConf
ldapConf =
setGroupQuery (Just $ mkGroupQuery
"ou=group,dc=example,dc=com" "cn" "it" "memberUid")
$ setHost (Secure "127.0.0.1") $ setPort 636
$ mkLdapConf (Just ("cn=yourapp,ou=services,dc=example,dc=com", "v3ryS33kret"))
"ou=people,dc=example,dc=com"
In the example above user jdoe will only be successfully authenticated if:
- service bind using the provided account is successful
- and exactly one entry with
objectclass=posixAccountanduid=jdoeexists somewhere inou=people,dc=example,dc=com - and at least one group exists with
cn=itandmemberUid=jdoeinou=group,dc=example,dc=com - and user bind is successful
Fine control of the queries is available with setUserQuery and setGroupQuery.
When testing or during initial configuration consider using setDebug - set to 1 to enable. This will
give you exact error condition instead of "That is all we know". Never use it in production though as it
may reveal sensitive information.
API Documentation
Documentation is available on hackage.
Refer to ldap-client documentation for details.